Legal

Web Privacy Policy

This policy applies to the sepia.live website and related browser-based experiences. It does not describe the app.

Version 1.2. Effective date: May 13, 2026. Last updated: May 22, 2026.

Controller and Contact

Tangible Spin LLP (LLPIN: AAR-1171), operating sepia.live.

Registered office: D101 Abodh Valamrk, AC Post, Govindapura, Bangalore 560045, Karnataka, India.

Privacy: privacy@sepia.live · Legal: legal@sepia.live · Support: support@sepia.live

Information we may process

  • Server-side request metadata such as IP address, user-agent, referrer, host, and requested path
  • Connection, routing, and security metadata such as timestamps, response status, and infrastructure logs
  • Contact details a user voluntarily submits through email or contact flows
  • Technical diagnostics, availability records, and abuse-prevention logs needed to operate the site
  • Limited campaign-measurement data from specific marketing landing pages when a Meta Pixel is loaded there

How information is used

  • To operate, secure, and deliver the website
  • To measure aggregate traffic and service performance from server-side logs
  • To measure visits to limited ad-driven marketing landing pages and demo-booking page performance
  • To detect abuse, fraud, bot activity, and reliability issues
  • To troubleshoot incidents and maintain infrastructure
  • To respond to contact requests or support inquiries

Server-side request logging

sepia.live measures website activity primarily through server-side request logging and header analysis rather than browser analytics tags. This means the website may record information sent with a normal page request, such as IP address, user-agent, referrer, host, requested path, request time, and related delivery or security metadata.

These records are used for operational reporting, traffic estimation, troubleshooting, abuse prevention, and platform security. They are not intended to build advertising profiles or cross-site behavioral tracking histories.

Certain limited marketing landing pages, typically reached through paid ads rather than normal website navigation, may also load Meta Pixel for campaign measurement and booking-page performance analysis.

Cookies and similar technologies

The general public sepia.live website is not intended to use non-essential analytics, advertising, or session-replay cookies during normal browsing. Website traffic measurement described in this policy is based mainly on server-side logs and request headers rather than Google Analytics, Google Tag Manager, Microsoft Clarity, or similar browser tags across the site.

However, certain limited marketing landing pages that are typically accessed through ads may load Meta Pixel for campaign measurement. If the site later adds other first-party cookies or local storage for user preferences, authenticated sessions, or other browser-side functions, this policy and the cookie policy should be updated at the same time.

Limited marketing-tag use

As of this version of the policy, sepia.live does not intend to load non-essential browser analytics, advertising, or session replay tags across the main public website. A limited exception applies to certain ad-driven marketing landing pages, including demo booking pages, where Meta Pixel may be used.

Data sharing and service providers

Information may be processed by service providers used to host, secure, route, and operate the website. Infrastructure providers may receive server request metadata and operational logs in the ordinary course of delivering the service.

No personal information in URLs or logs

sepia.live does not intend to place names, email addresses, phone numbers, billing details, or similar directly identifying information into public page URLs, query parameters, or browser-side tracking payloads. Users should also avoid sending sensitive information through channels not intended for it.

Retention and deletion

Website request logs, support inquiries, and operational diagnostics may be retained for security, abuse prevention, troubleshooting, legal compliance, and business operations.

Typical targets are: server and security logs for up to 12 months, contact and support emails for up to 24 months after the last active exchange, and encrypted backup copies for up to 35 days before rotation completes.

International processing

Website information may be processed by providers operating in more than one country. If cross-border processing occurs, sepia.live intends to rely on reasonable contractual, operational, and technical safeguards appropriate to the service setup.

Privacy rights and requests

Depending on a user's location, they may have rights to request access, correction, deletion, or additional information about personal data handling. See Privacy Requests for the current request route.

Contact

For privacy or data handling questions related to the website, contact privacy@sepia.live.

Related pages