1. Introduction: Your Privacy, Our Commitment

At Lvra Global (Pvt) Ltd ("Lvra Global," "we," "our," "us"), a leading digital marketing and technology solutions provider based in Colombo, Sri Lanka, your privacy is not just a policy; it's a fundamental commitment. We are deeply dedicated to protecting the personal data and privacy of all our website visitors, clients, prospective clients, business partners, and anyone who interacts with our services. This comprehensive Privacy Policy is meticulously designed to clearly articulate our transparent practices regarding the collection, use, processing, storage, and disclosure of your information. It also meticulously outlines your rights concerning your personal data and details how we diligently safeguard it, always adhering to applicable data protection laws and industry best practices, including the Sri Lankan Personal Data Protection Act, No. 09 of 2022 (PDPA).

By accessing our website, utilizing our diverse range of services (including digital marketing strategy, precision lead generation, bespoke website development, advanced SEO, dynamic social media management, and insightful technology consulting), or engaging with us through any other means such as email, phone, or online forms, you expressly acknowledge and agree to the terms outlined in this Privacy Policy. We strongly encourage you to read this policy carefully and thoroughly to understand our unwavering approach to your privacy and data security.

2. Information We Collect: Understanding Your Data

To provide and continuously improve our services, ensuring a seamless, effective, and personalized experience, we collect various types of information. This information is broadly categorized into non-personal information and personal information, each serving distinct purposes.

2.1. Non-Personal Information (Automatically Collected): Insights Without Identification

When you visit our website or interact with our online platforms, certain non-personal information is automatically collected. This data is crucial for us to understand user behavior patterns, optimize our website's performance, enhance security, and detect potential issues, all without directly identifying you. This type of information typically includes:

• IP Address and Server Information: Your device's Internet Protocol (IP) address, which may provide an indication of your general geographic location (e.g., city or region), along with technical details about your server connection, such as the type of server used and connection status.
• Date, Time, and Duration of Visit: Precise timestamps marking the beginning and end of your interactions with our website, as well as the total time spent on specific pages or the entire site.
• Pages Visited and Documents Accessed: A detailed record of the specific web pages you view, the content you interact with (e.g., videos played, articles read), and any documents you download from our site (e.g., brochures, whitepapers).
• Browser Type and Device Information: Comprehensive details about the web browser you are utilizing (e.g., Chrome, Firefox, Safari, Edge), your operating system (e.g., Windows, macOS, Android, iOS), the type of device you are using (e.g., desktop computer, mobile phone, tablet), screen resolution, and preferred language settings.
• Referring Website or Platform: The Uniform Resource Locator (URL) of the website or the name of the platform that directed you to our site (e.g., a specific Google search query, a link from a social media platform like LinkedIn, or a referral from another business website).
• Clickstream Data: Information that traces the path you take through our website, including the specific sequence in which you visit pages, click on links, and navigate through different sections.
• Interaction Data: Detailed insights into how you interact with various website elements, such as clicks on buttons, scrolling behavior, mouse movements, form field interactions, and engagement with embedded content. This data is often collected through advanced analytics tools to understand user engagement and optimize user experience.

This non-personal information is primarily collected through the use of cookies, web beacons, server logs, and advanced analytics tools (such as Google Analytics). It is always aggregated and used for essential purposes like statistical analysis, robust system administration, and to continually improve the overall functionality, content relevance, and user experience of our website.

2.2. Personal Information (Voluntarily Provided by You): Direct Engagement Data

We only collect personal information when you consciously and voluntarily choose to provide it to us. This typically occurs when you actively engage with us for specific purposes, demonstrating a clear interest in our services or a desire to communicate. The types of personal information we may collect include, but are not limited to:

• Contact Information:
  • Name: Your full legal name or the name of the primary contact person for your organization.
  • Email Address: Your professional or personal email address, essential for direct communication regarding services, inquiries, and updates.
  • Phone Number: Your contact telephone number (mobile or landline), allowing for direct and immediate communication.
  • Mailing Address: Your physical address for correspondence, billing purposes, or delivery of physical materials, if applicable.
   
• Business Information:
  • Company/Business Name: The full legal name of your organization or the name under which you operate your business.
  • Job Title/Role: Your specific position or role within your company, helping us understand your professional context.
  • Industry: The sector or industry in which your business operates, enabling us to tailor our solutions to your specific market needs.
  • Business Goals/Requirements: Detailed information about your strategic business objectives, marketing challenges, and the specific digital marketing or technology solutions you are interested in. This allows us to provide highly relevant proposals and services.
   
• Inquiry and Communication Details:
  • Any and all information you provide when actively filling out contact forms, inquiry forms, service request forms, or when subscribing to our informative newsletters.
  • Comprehensive details shared during direct email correspondence, phone calls, live chat sessions, or online meetings with our dedicated team members.
  • Information explicitly submitted for the purpose of receiving quotes, detailed proposals, or engaging in service consultations.
   
• Account Credentials (for specific services):
  • If we provide you with access to secure client portals, collaborative dashboards, or specific digital tools to manage your services with us, we may collect usernames and encrypted passwords. These are strictly necessary for secure account management, authentication, and safeguarding your access.
   
• Payment Information (for billing purposes):
  • When you engage us for paid services, we may collect essential billing details such as your billing address. For processing payments, we facilitate bank transfers through local Sri Lankan banks. We will provide you with our bank account details for this purpose. Please note that Lvra Global does not directly collect or store your sensitive bank account login credentials or credit/debit card details on our servers. All payment information shared for bank transfers is handled directly through secure banking channels as per the regulations and security protocols of the respective local banks.
   

By voluntarily providing this information, you implicitly consent to its collection and use as meticulously described in this Privacy Policy. We are committed to transparency and will always clearly indicate when personal information is required, and explicitly explain the specific purpose for its collection at the point of data entry.

3. How We Use Your Information: Purpose-Driven Processing

We use the information we collect for various legitimate, clearly defined business purposes, all meticulously aimed at providing you with high-quality services, continually improving our offerings, fostering strong client relationships, and maintaining effective communication. Our primary uses of your information include:

• Responding to Inquiries and Service Requests: To ensure a prompt, efficient, and personalized response to your questions, provide requested information, and address any service-related inquiries or support requests you submit through our website forms, direct email, or phone.
• Delivering and Improving Our Services: To comprehensively provide, operate, maintain, and continuously enhance the digital marketing, lead generation, website development, SEO, social media management, technology consulting, and any other bespoke solutions you have engaged us for. This encompasses every aspect from initial service delivery, ongoing troubleshooting, technical support, and iterative improvements based on client feedback and rigorous performance analysis.
• Sharing Updates and Proposals: To proactively send you essential service-related updates, notifications regarding project milestones, accurate invoices, and customized proposals meticulously tailored to the specific services you have expressed interest in or are currently utilizing.
• Internal Analytics and Business Improvement: To conduct in-depth data analysis, strategic research, and statistical evaluations. This allows us to gain profound insights into market trends, assess the effectiveness of our various services, identify critical areas for improvement, and strategically develop innovative new offerings. This includes analyzing website traffic patterns, user demographics, service usage patterns, and campaign performance data.
• Marketing and Promotional Communications (with consent): If you have explicitly opted-in and provided your clear consent, we may use your contact information to send you valuable newsletters, targeted promotional materials, updates about our latest services, exclusive special offers, and relevant industry insights that we believe will be of interest to you. Your preferences are respected, and you will always have a clear and easy option to unsubscribe from these communications at any time through a prominent link in every marketing email.
• Fulfilling Legal and Regulatory Obligations: To diligently comply with all applicable laws, governmental regulations, legal processes, or legitimate governmental requests, particularly those arising from the Sri Lankan Personal Data Protection Act, No. 09 of 2022 (PDPA). This includes, but is not limited to, fulfilling tax obligations, adhering to financial reporting standards (e.g., related to bank transfers), and responding to lawful subpoenas or court orders from competent authorities.
• Security and Fraud Prevention: To robustly detect, prevent, and actively mitigate security threats, fraudulent activities, and unauthorized access attempts to our systems and services. This involves continuous monitoring of our networks and systems for any suspicious behavior, implementing advanced threat detection, and maintaining vigilant cybersecurity protocols.
• Account Management: To efficiently manage your client account, securely process payments for services rendered (via bank transfers), and provide dedicated customer support related to your ongoing services and relationship with us.
• Personalization: To tailor and enhance your experience on our website and in our communications, ensuring that we present content, services, and offers that are most relevant to your specific interests, business needs, and preferences.

Crucially, Lvra Global adheres to a strict policy: we will never sell, rent, or lease your personal data to unaffiliated third parties for their independent marketing or commercial purposes without your explicit consent, unless specifically outlined in Section 7 (Sharing and Disclosure of Information) or when legally compelled to do so.

4. Legal Basis for Processing (for EU/UK Residents and Similar Jurisdictions): Our Foundational Principles

For individuals residing in the European Union, United Kingdom, or other jurisdictions with similar comprehensive data protection regulations (e.g., GDPR, UK GDPR), we process your personal data based on clearly defined legal grounds, ensuring compliance and transparency:

• Consent: We process your personal data when you have provided us with clear, explicit, and unambiguous consent for one or more specific purposes. For instance, this applies when you actively opt-in to subscribe to our newsletter, or when you complete a contact form with a clear consent checkbox. You retain the fundamental right to withdraw your consent at any time, without affecting the lawfulness of processing that was based on consent before its withdrawal.
• Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party, or in order to take pre-contractual steps at your request. Examples include processing your data to provide a service you have requested, fulfilling the terms of a lead generation campaign, developing a website as per an agreement, or securely processing a payment for services rendered.
• Compliance with a Legal Obligation: Processing is necessary for compliance with a legal obligation to which Lvra Global is subject. This can include maintaining financial records for tax purposes, complying with audit requirements, or responding to lawful and verifiable requests from public authorities or regulatory bodies.
• Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data. Our legitimate interests are carefully balanced with your rights and include:
  • Continually improving and optimizing our website, service offerings, and overall user experience based on analytical insights.
  • Robustly detecting, preventing, and investigating fraud, security breaches, and other harmful or illegal activities to protect our systems and our clients.
  • Conducting comprehensive internal analytics, market research, and business development activities to understand our clientele better, enhance our service portfolio, and grow our business responsibly.
  • Marketing our services to existing clients or prospective clients with whom we have a clear, pre-existing business relationship or a genuine, demonstrable interest.
  • Exercising our legal rights, seeking legal advice, or defending against legal claims in case of disputes.
   

We meticulously ensure that a proper balance is struck between our legitimate interests and your fundamental rights and freedoms, upholding the principles of fairness and necessity.

5. Cookies and Tracking Technologies: Enhancing Your Online Experience

Our website strategically utilizes various types of "cookies" and similar tracking technologies to significantly enhance your browse experience, conduct insightful analysis of website usage patterns, and support our targeted marketing efforts.

5.1. What are Cookies?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely and commonly used to make websites function more efficiently, remember your preferences, and provide valuable information to the website owners for various purposes.

5.2. How We Use Cookies:

• Essential Cookies: These cookies are strictly necessary for the basic and secure operation of our website. They enable core functionalities such as efficient page navigation, allowing you to access secure areas of the website (e.g., client portals), and remembering your fundamental preferences (e.g., language selection, consent choices). Without these cookies, key aspects of the website may not function correctly or may be inaccessible.
• Performance/Analytics Cookies: These cookies meticulously collect anonymous and aggregated information about how visitors use our website. This includes data points such as which pages are visited most often, the average time spent on specific pages, how users arrive at our site, and if users encounter any error messages. This data is entirely aggregated and anonymized, and it is used solely to deeply understand user behavior, improve the overall performance, loading speed, and usability of our website. We frequently use reputable third-party analytics services like Google Analytics for this purpose.
• Functionality Cookies: These cookies enable our website to remember choices you make (e.g., your username for returning visits, your preferred language, or the region you are browsing from) and provide enhanced, more personalized features that improve your experience. They may also be used to provide services you have specifically requested, such as enabling video playback on our site or remembering form field entries for convenience.
• Targeting/Advertising Cookies: These cookies may be set through our site by our trusted advertising partners (e.g., Google Ads, social media platforms). They may be used by those companies to build a sophisticated profile of your interests based on your browsing habits and then display relevant advertisements to you on other websites or platforms. It's important to note that while they track your browsing behavior, they typically do not store directly personal information but are based on uniquely identifying your browser and internet device for advertising personalization.

5.3. Your Choices Regarding Cookies: Exercising Control

You have significant control and the ability to accept or decline cookies. Most web browsers automatically accept cookies by default, but you can usually modify your browser setting to decline cookies if you prefer a more restricted experience. You can also actively delete cookies that have already been placed on your device.

• Browser Settings: You can granularly adjust your browser settings to:
  • Receive a notification whenever a cookie is set on your device.
  • Accept cookies exclusively from specific, trusted websites.
  • Completely reject all cookies from all websites.
  • Automatically delete all cookies upon closing your browser session.
  • Please be aware that if you choose to reject or significantly restrict cookies, some features and functionalities of our website may not operate correctly, or your overall user experience may be less efficient and personalized.
   
• Third-Party Opt-Outs: For certain third-party analytics and advertising cookies, you may have the option to opt-out directly through their respective services or industry-wide initiatives. Examples include the Google Analytics Opt-out Browser Add-on, or utilizing consumer choice tools provided by organizations like the Digital Advertising Alliance or the European Interactive Digital Advertising Alliance.

By continuing to use our website without actively changing your cookie settings, you signify your consent to our use of cookies as described in this policy.

6. Data Storage and Security: Protecting Your Information

The security and confidentiality of your personal data is a paramount and continuous priority for Lvra Global. We implement a robust, multi-layered set of technical, administrative, and physical safeguards designed to protect your information comprehensively from unauthorized access, accidental or unlawful alteration, unauthorized disclosure, misuse, or destruction.

6.1. Secure Storage Measures: Our Defensive Layers

• Protected Servers: Your data is securely stored on advanced, purpose-built servers located in highly controlled and physically secure facilities. These facilities are regularly monitored and protected by state-of-the-art security measures, including restricted access, surveillance, and environmental controls.
• Access Control: Access to your personal data is rigorously limited to authorized personnel who have a legitimate, defined business need to access the information to perform their job functions (e.g., client service teams managing your account, technical support staff resolving issues, authorized management personnel overseeing operations). All personnel are subject to strict confidentiality obligations, sign non-disclosure agreements, and undergo regular, mandatory security awareness training to reinforce data protection best practices.
• Encryption:
  • Data in Transit: We utilize Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption protocols (the same technology that secures online banking) to protect data transmitted between your web browser and our website. This ensures that any information you send to us, such as form submissions or login credentials, is encrypted, secure, and protected from interception.
  • Data at Rest: Where appropriate and technically feasible, particularly for sensitive data categories, data may be encrypted even when stored on our servers and databases, providing an additional layer of protection against unauthorized access to the stored information.
   
• Firewalls and Intrusion Detection Systems: We deploy industry-standard, sophisticated firewalls and advanced intrusion detection/prevention systems (IDS/IPS). These systems continuously monitor network traffic, block malicious attempts to access our infrastructure, and actively prevent unauthorized access to our internal systems and sensitive data.
• Regular Security Audits and Vulnerability Assessments: We proactively and periodically conduct comprehensive security audits, external penetration testing, and internal vulnerability assessments. These measures are designed to identify and address any potential weaknesses or security gaps in our systems, applications, and infrastructure, ensuring we remain resilient against evolving cyber threats.
• Data Backup and Recovery: We implement comprehensive data backup and recovery procedures, including regular data backups and disaster recovery plans, to prevent data loss in the unlikely event of system failures, natural disasters, or other unforeseen incidents. This ensures business continuity and data integrity.

6.2. Important Considerations: Shared Responsibility

While we employ all reasonable and commercially viable precautions to protect your information with the utmost care, it is critically important to acknowledge that no method of transmission over the Internet or method of electronic storage can guarantee 100% absolute security. The inherent nature of online data transmission means that risks cannot be entirely eliminated. Therefore, while we strive for perfection, we cannot offer an absolute guarantee of security. We continuously review, update, and enhance our security practices to adapt to evolving threats and technological advancements.

You also play a vital role in protecting your own data. If you are provided with any account credentials (e.g., usernames, passwords), it is your strict responsibility to keep them confidential, to use strong, unique passwords that are not easily guessable, and to avoid sharing them with anyone.

7. Sharing and Disclosure of Information: Our Controlled Approach

Lvra Global is steadfast in its commitment to not selling, renting, or leasing your personal data to unaffiliated third parties for their independent marketing or commercial purposes. We will only share or disclose your information under very specific, clearly defined, and limited circumstances as outlined below:

• With Your Express Consent: We may share your personal data with third parties if you have given us explicit, specific, and informed consent to do so for a particular purpose. For example, if we propose collaborating with a specialized partner on a joint project directly related to your services, we would seek your explicit permission before sharing any necessary data.
• With Trusted Service Providers and Contractors: To efficiently operate our business and deliver our services effectively, we engage carefully selected third-party companies and individuals to perform services on our behalf. These third parties may require access to your personal data solely to perform their specific contractual tasks and are strictly bound by comprehensive confidentiality obligations, data processing agreements, and privacy-protective clauses. Examples include, but are not limited to:
  • CRM (Customer Relationship Management) Systems: We utilize HubSpot and monday.com to manage our customer relationships, track sales processes, handle customer support inquiries, and organize project workflows. Information such as your contact details, communication history, and project-related data may be stored and processed within these platforms to streamline our operations and enhance our service delivery.
  • Cloud Hosting Providers: For the secure storage of data, hosting our website, and running our applications (e.g., AWS, Google Cloud).
  • Local Banks: For processing payments received via bank transfers in Sri Lanka. While we do not share your full financial details, transaction-related information necessary for processing and reconciliation will be visible to our banking partners.
  • Email Marketing Platforms: For sending our newsletters and promotional communications, but only if you have explicitly opted in (e.g., Mailchimp).
  • Analytics Providers: Such as Google Analytics, to help us understand website usage and user behavior, allowing us to improve our services and site performance.
  • Professional Advisors: Including legal counsel, accountants, auditors, or business consultants, where necessary for legal, financial, or strategic advice, bound by professional secrecy.
  • Customer Support Platforms: Tools used to manage and respond to customer inquiries and support tickets (e.g., Zendesk, Freshdesk).
   
• For Legal Reasons and Law Enforcement: We may disclose your information if we believe in good faith that it is necessary to:
  • Comply with a legal obligation, a valid governmental request (e.g., court order, subpoena), or a lawful regulatory directive, particularly those under the Sri Lankan Personal Data Protection Act (PDPA) or the Banking Act.
  • Enforce our Terms of Service, other applicable agreements, or company policies.
  • Protect the rights, property, or safety of Lvra Global, our valued clients, our dedicated employees, or the public at large.
  • Investigate or prevent actual or suspected illegal activity, fraudulent schemes, or critical security incidents.
   
• Business Transfers: In the event of a merger, acquisition, corporate restructuring, asset sale, or bankruptcy, your personal data may be transferred as part of that transaction. In such scenarios, we will ensure that the acquiring entity or new owner adheres to similar privacy commitments as outlined in this policy. We will endeavor to notify you via email or a prominent notice on our website of any such significant change in ownership or control of your personal information before it becomes effective.
• Aggregated or Anonymized Data: We may share aggregated or anonymized data (data from which your personal identity has been completely removed and cannot be reconstructed) with third parties for various purposes, such as industry analysis, demographic profiling, research, and marketing insights. This type of data cannot be used to identify you personally.

We conduct thorough due diligence and enter into appropriate data processing agreements with our third-party service providers (including HubSpot and monday.com) to ensure they meet our stringent data protection standards and comply with all applicable privacy laws and regulations, including the PDPA.

8. Third-Party Links: Navigating External Websites

Our website and various communications (e.g., emails, blog posts) may contain links to external websites or platforms that are not owned, operated, or controlled by Lvra Global. These include, but are not limited to, links to popular social media platforms, partner websites, valuable industry resources, and external articles or news sites.

Please be acutely aware that Lvra Global is not responsible for the privacy practices, content accuracy, or security measures of these external sites. Once you navigate away from our website by clicking on such a link, our Privacy Policy no longer applies. We strongly and unequivocally encourage you to review the privacy policies of any third-party websites you visit before providing any personal information to them. Your interactions with any third-party website, including any data you share, are solely at your own risk.

9. International Data Transfers: Global Reach with Privacy Safeguards

As a global digital marketing and technology solutions provider, Lvra Global may, as necessary for the provision of services and operational efficiency, store, process, or transfer your personal data to countries outside of your country of residence, including to servers located in other jurisdictions where our service providers (such as HubSpot and monday.com, which may host data in different regions) or affiliated entities operate. This implies that your data may be subject to data protection laws and regulations that are different from those in your home country.

When we transfer personal data across international borders, we take all necessary and legally required steps to ensure that your data is treated securely, with an adequate level of protection, and in strict accordance with this Privacy Policy and all applicable data protection laws, including the Sri Lankan Personal Data Protection Act (PDPA) requirements for cross-border transfers. This may include implementing robust appropriate safeguards such as:

• Standard Contractual Clauses (SCCs): Utilizing data transfer agreements approved by relevant regulatory bodies (e.g., the European Commission's Standard Contractual Clauses, or their UK equivalents), which legally commit the recipient of the data to protect it to a standard equivalent to that required in the sending jurisdiction.
• Adequacy Decisions: Relying on countries or international organizations that have been formally deemed to provide an adequate level of data protection by relevant authorities (e.g., the European Commission).
• Binding Corporate Rules (BCRs): For intra-group transfers within a corporate structure, if applicable, where a group of companies commits to a binding set of privacy rules.
• Your Explicit Consent: In specific, limited cases, international data transfers may occur based on your explicit and informed consent, particularly after being clearly informed of the possible risks of such transfers in the absence of other safeguards.

By providing your personal data to us, you implicitly consent to such transfers and processing outside of your country of residence, always subject to the comprehensive safeguards mentioned above.

10. Data Retention: How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the specific purposes for which it was originally collected, including, but not limited to, the purposes of satisfying any legal, accounting, or reporting requirements. Our data retention policy is carefully balanced to ensure we hold data only as long as required for legitimate business and legal needs.

The specific retention period for different types of personal data depends on several crucial factors:

• The purpose for which the data was collected: For example, client contact information and project data directly related to active services will be retained for the entire duration of the service contract and for a reasonable period afterward. This post-service retention allows us to facilitate seamless service renewals, address any post-service inquiries, provide historical context for future engagements, or handle warranty claims.
• Legal or regulatory obligations: Certain laws and regulations may mandate us to retain specific types of data for a minimum statutory period. Examples include financial transaction records, tax documents, and legal correspondence, which often have prescribed retention periods by government bodies.
• Dispute resolution: We may retain certain data for a longer period if it is demonstrably necessary to resolve ongoing disputes, enforce our agreements, or protect our legal rights, or defend against potential legal claims.
• Your consent: If the processing of your data is based solely on your consent (e.g., for marketing communications), we will retain the data until you withdraw your consent, unless there is another independent and valid legal basis for its continued retention.

When your personal data is no longer legitimately required for these defined purposes, or when the legal basis for processing ceases, we will securely delete or anonymize it in a manner that permanently prevents its reconstruction or identification, ensuring your privacy is maintained even after deletion.

If you wish to know more about our specific data retention periods for your particular data, or if you would like to request the deletion of your data where permissible, please contact us using the details provided in Section 15.

11. Anti-Spam Policy: Our Zero-Tolerance Stance

Lvra Global maintains a strict, zero-tolerance policy on spam. We are deeply committed to upholding ethical marketing practices and vehemently oppose the sending of unsolicited commercial messages.

• No Unsolicited Emails: We categorically do not send unsolicited commercial emails (commonly known as spam) to individuals who have not explicitly and clearly consented to receive them.
• Consent-Based Marketing: Any marketing communications we send are always based on prior, verifiable consent (e.g., an explicit opt-in to our newsletter via a double opt-in process) or a legitimate business interest where a clear, pre-existing business relationship exists.
• Easy Opt-Out: All our legitimate marketing emails prominently include a clear, easily identifiable, and functional unsubscribe link. This allows recipients to effortlessly opt out of future communications at any time with a single click, respecting your preferences and control.
• Prohibited Use of Our Platforms:
  • The use of our platforms, servers, or any services provided by Lvra Global to send unsolicited bulk messages (spam) is strictly and absolutely prohibited.
  • This prohibition includes, but is not limited to, sending emails to purchased or rented lists, utilizing deceptive headers or subject lines, or violating any and all anti-spam laws (such as the CAN-SPAM Act in the U.S. or other international anti-spam legislation).
   
• Consequences of Violation: Clients or users found to be in egregious violation of this Anti-Spam Policy will have their services immediately suspended or terminated without prior notice and without refund. Depending on the severity and measurable impact of the violation, the offending party may also incur a significant cleanup fee to cover the costs associated with mitigating damage to our reputation, IP addresses, and underlying infrastructure.

We actively and continuously monitor our systems and thoroughly investigate all reported instances of spam originating from or utilizing our services. We strongly encourage anyone who receives unsolicited emails that appear to originate from Lvra Global's services to report them to us immediately via customers@lvraglobal.com so we can take swift action.

12. Your Rights: Empowering Your Data Control

Depending on your jurisdiction and the applicable data protection laws that govern your data (e.g., GDPR, UK GDPR, Sri Lankan PDPA, CCPA), you may have specific and enforceable rights regarding your personal information. Lvra Global is deeply committed to facilitating the transparent and efficient exercise of these rights. These rights may include:

• Right to Access (Right to be Informed): You have the right to request a clear, comprehensive copy of the personal data we hold about you and to be fully informed about how we process it, including the categories of data, purposes of processing, and recipients.
• Right to Rectification (Correction): You have the right to request that we promptly correct any inaccurate, incomplete, or outdated personal data we hold about you.
• Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data under certain specific circumstances (e.g., if the data is no longer necessary for the purposes for which it was collected, if you withdraw consent and there is no other legal basis for processing, or if the data has been unlawfully processed).
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain defined conditions (e.g., if you contest the accuracy of the data, if the processing is unlawful but you oppose erasure, or if we no longer need the data for the original purpose but you require it for legal claims).
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format (e.g., CSV, JSON) and to transmit that data to another data controller without hindrance from us, where technically feasible and where processing is based on consent or contract.
• Right to Object to Processing: You have the right to object to the processing of your personal data where we are relying on a legitimate interest as the legal basis for processing, or where the processing is for direct marketing purposes (including profiling related to direct marketing).
• Right to Withdraw Consent: Where our processing of your data is based on your consent, you have the absolute right to withdraw your consent at any time. This withdrawal will not affect the lawfulness of processing that was based on consent before its withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a relevant data protection supervisory authority, particularly in the country of your habitual residence, place of work, or the place of the alleged infringement, if you believe your data protection rights have been violated.

How to Exercise Your Rights: To exercise any of these fundamental rights, please contact our dedicated privacy team by emailing us at privacy@lvraglobal.com. To ensure the security and confidentiality of your data, we may ask you to verify your identity before processing your request. We are committed to responding to all valid requests within the timeframe required by applicable law, typically within one month.

13. Children’s Privacy: Protecting Younger Users

Our website and services are not intended for use by individuals under the age of 13. We do not knowingly, intentionally, or specifically collect personal data from children under 13 years of age.

If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate and decisive steps to delete that information from our records as quickly as possible. If you are a parent or guardian and believe that a child under 13 has provided us with personal information, please contact us immediately at privacy@lvraglobal.com so we can take appropriate action.

14. Changes to This Privacy Policy: Staying Informed

Lvra Global reserves the unequivocal right to update or modify this Privacy Policy from time to time to reflect changes in our operational practices, the evolution of our services, advancements in technology, or new legal and regulatory requirements.

• Notification of Changes: Any modifications or updates to this Privacy Policy will be clearly posted on this page with a revised "Last Updated" date prominently displayed at the top of the policy.
• Significant Changes: If we make significant changes to how we collect, use, or share your personal data that materially impact your privacy rights, we will endeavor to provide more prominent notice. This may include, where appropriate and feasible, sending an email notification to clients (if we have your email address on file) or displaying a prominent notice on our website's homepage or within our client portal prior to the change becoming effective.
• Review Period: We strongly encourage you to review this Privacy Policy periodically and regularly to stay informed about how we are diligently protecting your information. Your continued use of our website or services after any modifications signifies your full acknowledgment and acceptance of the updated Privacy Policy.

15. Contact Us: Your Privacy Inquiries

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy, your personal data, or our data handling practices, please do not hesitate to contact us. We are here to help, committed to transparency, and dedicated to ensuring your privacy is respected.

You can reach us through the following channels, each dedicated to specific types of inquiries:

• General Inquiries & Primary Contact:
  • 📧 Email: hello@lvraglobal.com
  • This is our main point of contact for all general questions about Lvra Global, our services, or initial business inquiries.
   
• Privacy-Specific Concerns & Data Rights Requests:
  • 📧 Email: privacy@lvraglobal.com
  • This is our dedicated privacy contact email, managed by our privacy team. Please use this address for all questions related to this Privacy Policy, your data subject rights (e.g., access, rectification, erasure requests), or any privacy compliance matters.
   
• Customer Support & Service Issues:
  • 📧 Email: customers@lvraglobal.com
  • Our dedicated customer care team is available through this email to assist you with any ongoing service-related issues, technical support, account management questions, or general client assistance.
   
• Marketing & Press Inquiries:
  • 📧 Email: press@lvraglobal.com
  • For all media relations, press releases, partnership proposals related to marketing, or requests for information from the press.
   
• Sales Inquiries:
  • 📧 Email: sales@lvraglobal.com
  • If you are interested in learning more about our services, requesting a quote, or discussing potential new projects, please contact our sales team here.
   
• Website: https://lvraglobal.com/
  • You can also utilize the contact forms available directly on our website for various inquiries.
   
• Business Address: Lvra Global (Pvt) Ltd, 14 Sir Baron Jayathilake Mawatha, Colombo 01, Sri Lanka
• Phone: +94703559858

We are committed to responding to all inquiries promptly and professionally, striving to provide clear and helpful information.