Privacy Policy

Contents

Introduction: Your Privacy, Our Commitment

At Lvra Global (Pvt) Ltd ("Lvra Global," "we," "our," "us"), a leading digital marketing and technology solutions provider based in Colombo, Sri Lanka, your privacy is not just a policy; it's a fundamental commitment. We are deeply dedicated to protecting the personal data and privacy of all our website visitors, clients, prospective clients, business partners, and anyone who interacts with our services. This comprehensive Privacy Policy is meticulously designed to clearly articulate our transparent practices regarding the collection, use, processing, storage, and disclosure of your information. It also meticulously outlines your rights concerning your personal data and details how we diligently safeguard it, always adhering to applicable data protection laws and industry best practices, including the Sri Lankan Personal Data Protection Act, No. 09 of 2022 (PDPA).

By accessing our website, utilizing our diverse range of services (including digital marketing strategy, precision lead generation, bespoke website development, advanced SEO, dynamic social media management, and insightful technology consulting), or engaging with us through any other means such as email, phone, or online forms, you expressly acknowledge and agree to the terms outlined in this Privacy Policy. We strongly encourage you to read this policy carefully and thoroughly to understand our unwavering approach to your privacy and data security.

Information We Collect: Understanding Your Data

To provide and continuously improve our services, ensuring a seamless, effective, and personalized experience, we collect various types of information. This information is broadly categorized into non-personal information and personal information, each serving distinct purposes.

2.1. Non-Personal Information (Automatically Collected)

When you visit our website or interact with our online platforms, certain non-personal information is automatically collected. This data is crucial for us to understand user behavior patterns, optimize our website's performance, enhance security, and detect potential issues, all without directly identifying you. This type of information typically includes:

IP Address and Server Information: Your device's Internet Protocol (IP) address, which may provide an indication of your general geographic location (e.g., city or region), along with technical details about your server connection.
Date, Time, and Duration of Visit: Precise timestamps marking the beginning and end of your interactions with our website, as well as the total time spent on specific pages or the entire site.
Pages Visited and Documents Accessed: A detailed record of the specific web pages you view, the content you interact with, and any documents you download from our site.
Browser Type and Device Information: Comprehensive details about the web browser you are utilizing, your operating system, the type of device you are using, screen resolution, and preferred language settings.
Referring Website or Platform: The URL of the website or the name of the platform that directed you to our site (e.g., a specific Google search query, a link from LinkedIn, or a referral from another business website).
Clickstream Data: Information that traces the path you take through our website, including the specific sequence in which you visit pages, click on links, and navigate through different sections.
Interaction Data: Detailed insights into how you interact with various website elements, such as clicks on buttons, scrolling behavior, mouse movements, and engagement with embedded content.

This non-personal information is primarily collected through the use of cookies, web beacons, server logs, and advanced analytics tools (such as Google Analytics). It is always aggregated and used for essential purposes like statistical analysis, robust system administration, and to continually improve the overall functionality and user experience of our website.

2.2. Personal Information (Voluntarily Provided by You)

We only collect personal information when you consciously and voluntarily choose to provide it to us. The types of personal information we may collect include, but are not limited to:

Contact Information: Full name, email address, phone number, and mailing address for direct communication regarding services, inquiries, and updates.
Business Information: Company name, job title, industry, and business goals — enabling us to tailor our solutions to your specific market needs.
Inquiry and Communication Details: Any information you provide through contact forms, email correspondence, phone calls, live chat sessions, or online meetings with our team.
Account Credentials: If we provide you with access to secure client portals or dashboards, we may collect usernames and encrypted passwords strictly necessary for secure account management.
Payment Information: For billing purposes, we may collect your billing address. Payments are processed via bank transfers through local Sri Lankan banks. Lvra Global does not collect or store your bank account login credentials or card details on our servers.

How We Use Your Information: Purpose-Driven Processing

We use the information we collect for various legitimate, clearly defined business purposes, all aimed at providing you with high-quality services, continually improving our offerings, fostering strong client relationships, and maintaining effective communication.

Responding to Inquiries: To ensure a prompt, efficient, and personalized response to your questions and service-related inquiries submitted through our website, email, or phone.
Delivering and Improving Services: To provide, operate, maintain, and continuously enhance the digital marketing, lead generation, website development, SEO, social media, and technology consulting solutions you have engaged us for.
Sharing Updates and Proposals: To proactively send service-related updates, project milestone notifications, invoices, and customized proposals tailored to the services you have expressed interest in.
Internal Analytics and Business Improvement: To conduct in-depth data analysis and statistical evaluations, enabling us to assess the effectiveness of our services, identify areas for improvement, and develop innovative new offerings.
Marketing and Promotional Communications: If you have explicitly opted-in, we may use your contact information to send newsletters, promotional materials, and relevant industry insights. You may unsubscribe at any time.
Fulfilling Legal and Regulatory Obligations: To comply with all applicable laws, including the Sri Lankan Personal Data Protection Act, No. 09 of 2022 (PDPA), tax obligations, financial reporting standards, and lawful governmental requests.
Security and Fraud Prevention: To detect, prevent, and mitigate security threats, fraudulent activities, and unauthorized access attempts to our systems and services.
Personalization: To tailor your experience on our website and in our communications, ensuring we present content and services most relevant to your specific interests and business needs.

Crucially, Lvra Global will never sell, rent, or lease your personal data to unaffiliated third parties for their independent marketing or commercial purposes without your explicit consent.

Legal Basis for Processing (EU/UK Residents and Similar Jurisdictions)

For individuals residing in the European Union, United Kingdom, or other jurisdictions with similar comprehensive data protection regulations (e.g., GDPR, UK GDPR), we process your personal data based on clearly defined legal grounds:

Consent: We process your personal data when you have provided clear, explicit, and unambiguous consent for one or more specific purposes. You retain the right to withdraw your consent at any time without affecting the lawfulness of prior processing.
Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party, or to take pre-contractual steps at your request — such as delivering services, fulfilling lead generation campaigns, or processing payments.
Compliance with a Legal Obligation: Processing is necessary to comply with a legal obligation to which Lvra Global is subject, including maintaining financial records for tax purposes or responding to lawful regulatory requests.
Legitimate Interests: Processing is necessary for the legitimate interests pursued by us or a third party, balanced against your rights and freedoms. This includes improving our website and services, detecting fraud, conducting market research, and marketing to existing clients.

Cookies and Tracking Technologies: Enhancing Your Online Experience

Our website strategically utilizes various types of "cookies" and similar tracking technologies to significantly enhance your browsing experience, conduct insightful analysis of website usage patterns, and support our targeted marketing efforts.

Cookies are small text files placed on your computer or mobile device when you visit a website. They are widely used to make websites function more efficiently, remember your preferences, and provide valuable information to website owners.

Types of Cookies We Use

Essential Cookies: Strictly necessary for the basic and secure operation of our website, enabling core functionalities such as page navigation, access to secure areas, and remembering fundamental preferences. Without these, key aspects of the website may not function correctly.
Performance / Analytics Cookies: Collect anonymous and aggregated information about how visitors use our website — such as pages visited most often and average time spent on pages — to improve website performance. We use Google Analytics for this purpose.
Functionality Cookies: Enable our website to remember choices you make (e.g., preferred language, region) and provide enhanced, more personalized features that improve your overall experience.
Targeting / Advertising Cookies: May be set through our site by trusted advertising partners (e.g., Google Ads, social media platforms) to build a profile of your interests and display relevant advertisements on other websites or platforms.

You can control and decline cookies through your browser settings. Be aware that restricting cookies may affect the functionality and personalization of your experience on our website. For third-party analytics cookies, you may opt-out through services such as the Google Analytics Opt-out Browser Add-on.

Data Storage and Security: Protecting Your Information

The security and confidentiality of your personal data is a paramount and continuous priority for Lvra Global. We implement a robust, multi-layered set of technical, administrative, and physical safeguards designed to protect your information comprehensively from unauthorized access, alteration, disclosure, misuse, or destruction.

Protected Servers: Your data is stored on advanced, purpose-built servers in highly controlled and physically secure facilities, monitored and protected by state-of-the-art security measures including restricted access, surveillance, and environmental controls.
Access Control: Access to your personal data is rigorously limited to authorized personnel with a legitimate business need. All personnel sign non-disclosure agreements and undergo regular, mandatory security awareness training.
Encryption in Transit: We utilize SSL and TLS encryption protocols to protect data transmitted between your browser and our website — the same technology that secures online banking — ensuring all information you send is encrypted and protected from interception.
Encryption at Rest: Where appropriate and technically feasible, particularly for sensitive data categories, data may be encrypted even when stored on our servers, providing an additional layer of protection.
Firewalls and Intrusion Detection: We deploy industry-standard, sophisticated firewalls and advanced intrusion detection/prevention systems (IDS/IPS) that continuously monitor network traffic and block malicious access attempts.
Regular Security Audits: We proactively and periodically conduct comprehensive security audits, external penetration testing, and internal vulnerability assessments to identify and address potential weaknesses in our systems.
Data Backup and Recovery: Comprehensive data backup and recovery procedures, including regular backups and disaster recovery plans, prevent data loss in the unlikely event of system failures or unforeseen incidents.

While we employ all reasonable precautions to protect your information, no method of transmission over the Internet or electronic storage can guarantee 100% absolute security. You also play a vital role: if provided with account credentials, it is your responsibility to keep them confidential and use strong, unique passwords.

Third-Party Links: Navigating External Websites

Our website and communications may contain links to external websites or platforms not owned, operated, or controlled by Lvra Global, including social media platforms, partner websites, industry resources, and external articles.

Please be acutely aware that Lvra Global is not responsible for the privacy practices, content accuracy, or security measures of these external sites. Once you navigate away from our website, our Privacy Policy no longer applies. We strongly encourage you to review the privacy policies of any third-party websites you visit before providing any personal information. Your interactions with any third-party website are solely at your own risk.

International Data Transfers: Global Reach with Privacy Safeguards

As a global digital marketing and technology solutions provider, Lvra Global may, as necessary for the provision of services and operational efficiency, store, process, or transfer your personal data to countries outside of your country of residence, including to servers where our service providers (such as HubSpot and monday.com) operate.

When we transfer personal data across international borders, we take all necessary and legally required steps to ensure that your data is treated securely, with an adequate level of protection, and in strict accordance with this Privacy Policy and all applicable data protection laws, including the Sri Lankan PDPA requirements for cross-border transfers. Safeguards we implement include:

Standard Contractual Clauses (SCCs): Utilizing data transfer agreements approved by relevant regulatory bodies (e.g., European Commission's Standard Contractual Clauses), which legally commit the recipient of the data to protect it to an equivalent standard.
Adequacy Decisions: Relying on countries or international organizations that have been formally deemed to provide an adequate level of data protection by relevant authorities.
Binding Corporate Rules (BCRs): For intra-group transfers within a corporate structure, where applicable, where a group of companies commits to a binding set of privacy rules.
Your Explicit Consent: In specific, limited cases, international data transfers may occur based on your explicit and informed consent, particularly after being clearly informed of the possible risks in the absence of other safeguards.

Data Retention: How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the specific purposes for which it was originally collected, including satisfying any legal, accounting, or reporting requirements. Our data retention policy is carefully balanced to ensure we hold data only as long as required for legitimate business and legal needs.

The specific retention period for different types of personal data depends on the purpose for which the data was collected, legal or regulatory obligations, dispute resolution requirements, and your consent. When your personal data is no longer legitimately required for these defined purposes, we will securely delete or anonymize it in a manner that permanently prevents its reconstruction or identification.

If you wish to know more about our specific data retention periods, or if you would like to request the deletion of your data where permissible, please contact us using the details provided in Section 15.

Anti-Spam Policy: Our Zero-Tolerance Stance

Lvra Global maintains a strict, zero-tolerance policy on spam. We are deeply committed to upholding ethical marketing practices and vehemently oppose the sending of unsolicited commercial messages.

No Unsolicited Emails: We categorically do not send unsolicited commercial emails to individuals who have not explicitly and clearly consented to receive them.
Consent-Based Marketing: Any marketing communications we send are always based on prior, verifiable consent (e.g., an explicit opt-in to our newsletter via a double opt-in process) or a legitimate business interest where a clear, pre-existing business relationship exists.
Easy Opt-Out: All our legitimate marketing emails prominently include a clear, functional unsubscribe link, allowing recipients to effortlessly opt out of future communications at any time.
Prohibited Use of Our Platforms: The use of our platforms, servers, or any services provided by Lvra Global to send unsolicited bulk messages is strictly and absolutely prohibited — including emails to purchased or rented lists, or utilizing deceptive headers or subject lines.
Consequences of Violation: Clients or users found to be in violation of this Anti-Spam Policy will have their services immediately suspended or terminated without prior notice and without refund. The offending party may also incur a cleanup fee to cover the costs of mitigating damage to our reputation and infrastructure.

We actively monitor our systems and investigate all reported instances of spam. Anyone who receives unsolicited emails appearing to originate from Lvra Global's services should report them immediately to customers@lvraglobal.com.

Your Rights: Empowering Your Data Control

Depending on your jurisdiction and applicable data protection laws (e.g., GDPR, UK GDPR, Sri Lankan PDPA, CCPA), you may have specific and enforceable rights regarding your personal information. Lvra Global is deeply committed to facilitating the transparent and efficient exercise of these rights.

Right to Access: You have the right to request a clear, comprehensive copy of the personal data we hold about you and to be fully informed about how we process it.
Right to Rectification: You have the right to request that we promptly correct any inaccurate, incomplete, or outdated personal data we hold about you.
Right to Erasure: You have the right to request the deletion of your personal data under certain specific circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain defined conditions, such as if you contest the accuracy of the data.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format (e.g., CSV, JSON) and to transmit that data to another data controller where technically feasible.
Right to Object to Processing: You have the right to object to the processing of your personal data where we are relying on a legitimate interest as the legal basis, or where the processing is for direct marketing purposes.
Right to Withdraw Consent: Where our processing of your data is based on your consent, you have the absolute right to withdraw your consent at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint: You have the right to lodge a complaint with a relevant data protection supervisory authority in the country of your habitual residence, place of work, or the place of the alleged infringement.

To exercise any of these rights, please contact our dedicated privacy team at privacy@lvraglobal.com. We may ask you to verify your identity before processing your request and are committed to responding within the timeframe required by applicable law, typically within one month.

Children's Privacy: Protecting Younger Users

Our website and services are not intended for use by individuals under the age of 13. We do not knowingly, intentionally, or specifically collect personal data from children under 13 years of age.

If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate and decisive steps to delete that information from our records as quickly as possible. If you are a parent or guardian and believe that a child under 13 has provided us with personal information, please contact us immediately at privacy@lvraglobal.com so we can take appropriate action.

Changes to This Privacy Policy: Staying Informed

Lvra Global reserves the right to update or modify this Privacy Policy from time to time to reflect changes in our operational practices, the evolution of our services, advancements in technology, or new legal and regulatory requirements.

Any modifications will be clearly posted on this page with a revised "Last Updated" date. If we make significant changes that materially impact your privacy rights, we will endeavor to provide more prominent notice — including email notification to clients where feasible — prior to the change becoming effective. We strongly encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Contact Us: Your Privacy Inquiries

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy, your personal data, or our data handling practices, please do not hesitate to contact us. We are here to help, committed to transparency, and dedicated to ensuring your privacy is respected.

Business Address: Lvra Global (Pvt) Ltd, 14 Sir Baron Jayathilake Mawatha, Colombo 01, Sri Lanka — Phone: +94 70 355 9858

General Inquiries

hello@lvraglobal.com

Main point of contact for all general questions about Lvra Global and our services.

Privacy-Specific Concerns & Data Rights

privacy@lvraglobal.com

Dedicated privacy contact for all questions related to this Privacy Policy, data subject rights, and compliance matters.

Customer Support & Service Issues

customers@lvraglobal.com

For ongoing service-related issues, technical support, and account management questions.

Marketing & Press Inquiries

press@lvraglobal.com

For media relations, press releases, and partnership proposals.

Sales Inquiries

sales@lvraglobal.com

For requesting quotes, discussing new projects, or learning more about our services.