| Version | Date | Description | Author |
|---|---|---|---|
| 1.0 | July 7, 2026 | Initial publication | Compliance Team |
Official Contact Emails
1.1.1 Lavera Labs is a Data Intelligence, Analytics, Research, Business Intelligence, Artificial Intelligence, Software Development, SaaS, API, Dashboard, Data Visualization, and Technology Company.
1.1.2 Lavera Labs primarily provides:
1.2.1 This Legal, Privacy, Security & Compliance Handbook (the "Handbook") sets forth the policies, practices, and legal frameworks that govern Lavera Labs' operations, services, and interactions with users, customers, partners, employees, and other stakeholders.
1.2.2 This Handbook is designed to:
1.3.1 This Handbook is prepared with reference to the following Indian legal instruments:
1.4.1 This Handbook applies to:
1.4.2 This Handbook does not constitute legal advice and is provided for informational and compliance purposes.
1.5.1 Lavera Labs seeks to review and update this Handbook periodically to reflect changes in applicable laws, regulations, industry standards, and business practices.
1.5.2 Material changes will be communicated through appropriate channels, including website notices and direct communications where required.
1.5.3 The current version of this Handbook will always be available on the Lavera Labs website.
In this Handbook, unless the context otherwise requires:
"API" means Application Programming Interface, including any software interface, protocol, or tool that enables interaction with Lavera Labs' services or data.
"Applicable Law" means all applicable Indian laws, statutes, regulations, rules, ordinances, and governmental requirements, including but not limited to the DPDP Act, IT Act, and Indian Contract Act.
"Biometric Data" means any personal data generated from specific technical processing relating to the physical, physiological, or behavioural characteristics of a natural person.
"Consent" means a clear, affirmative action signifying agreement to the processing of personal data for specified purposes, in compliance with Section 6 of the DPDP Act.
"Data Breach" means any unauthorized access, acquisition, disclosure, alteration, destruction, or loss of personal data, whether accidental or unlawful.
"Data Fiduciary" means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data, as defined under the DPDP Act.
"Data Principal" means the natural person to whom the personal data relates, as defined under the DPDP Act.
"Data Processor" means any person who processes personal data on behalf of a Data Fiduciary.
"DPDP Act" means the Digital Personal Data Protection Act, 2023 (Act No. 22 of 2023) and any rules, regulations, or guidelines issued thereunder.
"Enterprise Solutions" means the customized data intelligence, analytics, business intelligence, and technology solutions provided by Lavera Labs to enterprise customers.
"Grievance Officer" means the individual designated by Lavera Labs to receive and address grievances from Data Principals, as required under Section 13 of the DPDP Act.
"Handbook" means this Legal, Privacy, Security & Compliance Handbook, as amended from time to time.
"Intellectual Property" means all patents, copyrights, trademarks, trade secrets, design rights, database rights, and other proprietary rights, whether registered or unregistered.
"IT Act" means the Information Technology Act, 2000 (Act No. 21 of 2000) and any rules, regulations, or guidelines issued thereunder.
"Lavera Labs" means Lavera Labs, the Data Intelligence, Analytics, Research, Business Intelligence, Artificial Intelligence, Software Development, SaaS, API, Dashboard, Data Visualization, and Technology Company.
"Personal Data" means any data about a Data Principal who is identifiable by or in relation to such data, as defined under Section 2 of the DPDP Act.
"Processing" means any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
"Report" means any research report, analytical report, intelligence report, dashboard, visualization, forecast, or other output produced by Lavera Labs.
"SaaS" means Software as a Service, including any cloud-based software applications and platforms provided by Lavera Labs.
"Services" means all products, services, APIs, platforms, reports, and solutions offered by Lavera Labs.
"Significant Data Fiduciary" means a Data Fiduciary notified as such by the Central Government under Section 10 of the DPDP Act.
"User" means any natural or legal person who accesses, uses, or interacts with Lavera Labs' websites, services, or products.
3.1.1 Lavera Labs respects the privacy of individuals and is committed to protecting personal data in accordance with the Digital Personal Data Protection Act, 2023 and other applicable laws.
3.1.2 This Privacy Policy explains how Lavera Labs collects, uses, discloses, and protects personal data.
3.2.1 Lavera Labs implements reasonable measures to collect only such personal data as is necessary for the purposes specified in this Policy.
3.2.2 Lavera Labs may collect the following categories of personal data:
3.2.3 Lavera Labs may collect personal data:
3.3.1 Lavera Labs processes personal data for the following lawful purposes:
3.4.1 Lavera Labs processes personal data only on the following lawful bases:
3.5.1 Lavera Labs provides a notice to Data Principals at the time of collection of personal data, containing:
3.6.1 Lavera Labs does not sell or rent personal data to third parties.
3.6.2 Lavera Labs may disclose personal data to:
3.6.3 Lavera Labs implements reasonable measures to ensure that third-party processors provide adequate protection for personal data.
3.7.1 Lavera Labs may transfer personal data outside India in accordance with Section 16 of the DPDP Act and Applicable Law.
3.7.2 Lavera Labs implements reasonable measures to ensure that any international data transfer is subject to appropriate safeguards.
3.8.1 Lavera Labs implements reasonable security practices and procedures, as required under Section 8 of the DPDP Act and Section 43A of the IT Act, to protect personal data from unauthorized access, disclosure, alteration, and destruction.
3.8.2 Lavera Labs maintains practices designed to ensure the confidentiality, integrity, and availability of personal data.
3.9.1 Lavera Labs retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by Applicable Law.
3.9.2 Upon withdrawal of Consent or when processing is no longer necessary, Lavera Labs implements reasonable measures to delete or anonymize personal data, subject to legal retention requirements.
3.10.1 Under the DPDP Act, Data Principals have the following rights:
3.10.2 Requests to exercise these rights may be submitted to privacy@laveralabs.com.
3.11.1 Lavera Labs has designated a Grievance Officer to address concerns regarding personal data processing.
3.11.2 Grievances may be submitted to:
3.12.1 Lavera Labs seeks to review and update this Privacy Policy periodically.
3.12.2 Material changes will be communicated through appropriate channels.
4.1.1 Lavera Labs uses cookies and similar tracking technologies on its websites and digital properties.
4.1.2 This Cookie Policy explains what cookies are, how Lavera Labs uses them, and how Users can manage their preferences.
4.2.1 Cookies are small text files placed on a User's device when visiting a website. They help websites remember User preferences, enhance functionality, and provide analytics.
4.3.1 Lavera Labs uses the following categories of cookies:
4.4.1 Users may manage cookie preferences through:
4.4.2 Please note that blocking certain cookies may affect website functionality.
4.5.1 Lavera Labs may use third-party services that place cookies on User devices.
4.5.2 Lavera Labs implements reasonable measures to ensure third-party cookies comply with applicable privacy requirements.
4.6.1 The standard cookie banner displayed on Lavera Labs websites states:
"We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. By clicking 'Accept All,' you consent to our use of cookies. You can manage your preferences by clicking 'Cookie Settings.' For more information, please see our Cookie Policy and Privacy Policy."
5.1.1 Lavera Labs is committed to maintaining the security and integrity of its systems, data, and services.
5.1.2 This Security Policy outlines the measures Lavera Labs implements to protect against unauthorized access, disclosure, alteration, and destruction of data.
5.2.1 Lavera Labs maintains a security program designed to:
5.3.1 Lavera Labs implements reasonable security measures, including but not limited to:
5.4.1 Lavera Labs maintains practices designed to align with industry-recognized security standards and frameworks.
5.4.2 Lavera Labs seeks to regularly review and enhance its security measures to address evolving threats.
5.5.1 Lavera Labs implements reasonable measures to protect personal data as required under Section 8 of the DPDP Act.
5.5.2 Lavera Labs maintains practices designed to prevent unauthorized access to or disclosure of personal data.
5.6.1 Lavera Labs implements reasonable measures to ensure that third-party service providers maintain adequate security practices.
5.6.2 Lavera Labs seeks to assess the security posture of critical third-party vendors.
5.7.1 Security concerns should be reported to security@laveralabs.com.
5.7.2 Lavera Labs aims to acknowledge and address reported security concerns promptly.
6.1.1 Lavera Labs welcomes responsible disclosure of security vulnerabilities by security researchers, customers, and the public.
6.1.2 This policy establishes a framework for reporting and addressing security vulnerabilities.
6.2.1 This policy applies to:
6.2.2 This policy does not apply to third-party services or infrastructure not controlled by Lavera Labs.
6.3.1 To report a security vulnerability:
6.4.1 Lavera Labs encourages researchers to:
6.4.2 Lavera Labs does not authorize or condone:
6.5.1 Lavera Labs aims to:
6.6.1 Lavera Labs may acknowledge responsible security researchers who report valid vulnerabilities, subject to applicable privacy considerations.
7.1.1 This Data Retention Policy establishes the periods for which Lavera Labs retains personal data and other information.
7.1.2 Lavera Labs retains data only for as long as necessary to fulfill the purposes for which it was collected, or as required by Applicable Law.
7.2.1 Lavera Labs implements reasonable measures to ensure that:
7.3.1 The following retention periods generally apply:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account Information | Duration of account + reasonable period | Contract and legal obligations |
| Transaction Records | 7 years | Tax and regulatory requirements |
| Usage Logs | 12 months | Security and analytics |
| Communication Records | 3 years | Service and dispute resolution |
| Recruitment Data | 2 years | Recruitment and legal compliance |
| Research Data | As per research purposes | Research and analytics |
| Financial Records | 8 years | Tax and regulatory requirements |
7.4.1 When data is no longer required, Lavera Labs implements reasonable measures to securely dispose of or anonymize the data.
7.4.2 Disposal methods may include secure deletion, anonymization, or aggregation.
7.5.1 Data may be retained for longer periods where:
8.1.1 This Data Deletion Policy & Request Procedure explains the circumstances under which Lavera Labs deletes personal data, and the process by which Data Principals may request deletion.
8.1.2 Lavera Labs recognizes the right of Data Principals to request erasure of personal data under Section 12(3) of the DPDP Act.
8.2.1 Lavera Labs deletes personal data in the following circumstances:
8.3.1 Data Principals may request deletion of their personal data through any of the following methods:
8.3.2 Each request must include:
8.3.3 Lavera Labs implements reasonable measures to verify the identity of the Data Principal before processing a deletion request. Additional information may be requested to confirm identity.
8.4.1 Lavera Labs aims to:
8.4.2 Where a request is complex or requires additional time, Lavera Labs may extend the response period by providing reasonable justification and an estimated timeline.
8.5.1 Deletion requests may be refused where:
8.5.2 Where a deletion request is refused, Lavera Labs provides the Data Principal with:
8.6.1 Deletion of personal data may affect the availability or functionality of certain services.
8.6.2 Lavera Labs informs the Data Principal of any significant consequences of deletion before processing the request.
8.7.1 Lavera Labs maintains logs of:
8.8.1 The Data Deletion Request Form (see Chapter 57) is available for Data Principals to submit deletion requests in a structured format.
9.1.1 This Data Correction Policy explains how Data Principals may request correction of inaccurate or incomplete personal data.
9.1.2 Lavera Labs recognizes the right of Data Principals to correction under Section 12 of the DPDP Act.
9.2.1 Data Principals have the right to:
9.3.1 Data Principals may request correction by:
9.3.2 Correction requests should specify: the personal data to be corrected, the correct or updated information, and the basis for the correction.
9.3.3 Lavera Labs aims to respond to correction requests within 7 working days.
9.4.1 Lavera Labs implements reasonable measures to verify the identity of the Data Principal before processing correction requests.
9.4.2 Lavera Labs may request additional information to verify the accuracy of the requested correction.
9.5.1 The Data Correction Request Form (see Chapter 58) is available for Data Principals to submit correction requests.
10.1.1 This Consent Withdrawal Policy explains how Data Principals may withdraw Consent for the processing of their personal data.
10.1.2 Lavera Labs recognizes the right of Data Principals to withdraw Consent at any time, with ease comparable to giving Consent.
10.2.1 Data Principals may withdraw Consent for processing of personal data at any time.
10.2.2 Upon withdrawal of Consent, Lavera Labs ceases processing the personal data, unless another lawful basis for processing exists.
10.2.3 Withdrawal of Consent does not affect the lawfulness of processing based on Consent before its withdrawal.
10.3.1 Data Principals may withdraw Consent by:
10.3.2 Lavera Labs aims to process withdrawal requests within 7 working days.
10.4.1 Withdrawal of Consent may affect the availability or functionality of certain services.
10.4.2 Lavera Labs informs Data Principals of the consequences of withdrawal, where appropriate.
10.5.1 The Consent Withdrawal Request Form (see Chapter 59) is available for Data Principals to submit withdrawal requests.
11.1.1 This Grievance Redressal Policy establishes the mechanism for addressing grievances relating to the processing of personal data.
11.1.2 Lavera Labs is committed to establishing an effective grievance redressal mechanism as required under Section 13 of the DPDP Act.
11.2.1 Lavera Labs has designated a Grievance Officer to receive and address grievances from Data Principals.
11.2.2 The Grievance Officer may be contacted at:
11.3.1 Grievances may be submitted by:
11.3.2 Grievance submissions should include: name and contact information of the Data Principal, clear description of the grievance, relevant details and supporting documents, and preferred resolution.
11.4.1 Lavera Labs' grievance handling process involves:
11.5.1 If a Data Principal is dissatisfied with the response, they may request an internal review, escalate to the Data Protection Board of India, or pursue other remedies.
11.6.1 Lavera Labs maintains logs of grievances received, dates of acknowledgment and resolution, communications, and grounds for approval or refusal.
12.1.1 This Customer Data Processing Policy governs how Lavera Labs processes personal data on behalf of its customers (as a Data Processor) and as a Data Fiduciary.
12.1.2 This Policy applies where Lavera Labs processes personal data in the course of providing Services to customers.
12.2.1 When Lavera Labs determines the purpose and means of processing personal data, Lavera Labs acts as a Data Fiduciary.
12.2.2 When Lavera Labs processes personal data on behalf of a customer, Lavera Labs acts as a Data Processor.
12.2.3 Lavera Labs implements reasonable measures to: process personal data only on documented instructions, ensure confidentiality, assist customers in responding to Data Principal requests, and implement appropriate security measures.
12.3.1 Customer data may include: personal data of the customer's employees, clients, or end-users; business data and intelligence; analytics and research data; and any other data provided to Lavera Labs by the customer.
12.4.1 Lavera Labs processes customer data in accordance with written instructions from the customer, the terms of the applicable service agreement, and Applicable Law.
12.4.2 Lavera Labs does not use customer data for purposes other than those specified in the service agreement, unless required by Applicable Law.
12.5.1 Lavera Labs may engage sub-processors to process customer data.
12.5.2 Lavera Labs implements reasonable measures to ensure that sub-processors provide adequate data protection guarantees, process data only on documented instructions, and comply with applicable data protection requirements.
12.5.3 Customers may request a list of sub-processors by contacting privacy@laveralabs.com.
12.6.1 Lavera Labs implements reasonable security measures to protect customer data from unauthorized access, disclosure, alteration, and destruction.
12.6.2 Lavera Labs maintains practices designed to ensure the confidentiality, integrity, and availability of customer data.
12.7.1 In the event of a Data Breach affecting customer data, Lavera Labs aims to notify affected customers without undue delay.
12.7.2 Lavera Labs provides reasonable assistance to customers in complying with their data breach notification obligations.
12.8.1 Upon termination of services, Lavera Labs implements reasonable measures to return or delete customer data in accordance with the service agreement and Applicable Law.
13.1.1 This Data Breach Response Policy establishes the procedures for responding to Data Breaches involving personal data.
13.1.2 Lavera Labs maintains practices designed to detect, respond to, and mitigate Data Breaches.
13.2.1 A Data Breach means any unauthorized access, acquisition, disclosure, alteration, destruction, or loss of personal data, whether accidental or unlawful.
13.3.1 Lavera Labs implements reasonable measures to detect Data Breaches through security monitoring, intrusion detection, employee reporting, and third-party notifications.
13.3.2 Upon detection, Lavera Labs assesses: the nature and scope, categories of data involved, number of Data Principals affected, and potential impact.
13.4.1 Response includes: containment, investigation, assessment, notification, remediation, and documentation.
13.5.1 Lavera Labs aims to notify affected Data Principals and the Data Protection Board of India as required under Applicable Law.
13.6.1 Lavera Labs maintains records of all Data Breaches, including facts, effects, and remedial actions.
14.1.1 This User Rights Policy summarizes the rights available to Data Principals under the DPDP Act and the processes for exercising those rights.
14.1.2 Lavera Labs respects and facilitates the exercise of Data Principal rights.
Data Principals may exercise rights by submitting a request to privacy@laveralabs.com, using the applicable request form, or contacting the Grievance Officer.
Lavera Labs verifies identity before processing requests.
Lavera Labs aims to respond within 7 working days.
No fees are charged except for manifestly unfounded, excessive, or repetitive requests.
Data Principals may lodge complaints with the Lavera Labs Grievance Officer or the Data Protection Board of India.
15.1 Introduction – These Terms of Service govern the use of Lavera Labs' Services.
15.2 Acceptance of Terms – By using the Services, Users agree to be bound.
15.3 Services Description – Lavera Labs provides research, analytics, dashboards, intelligence reports, software, APIs, AI insights, enterprise solutions, BI tools, and forecasts.
15.4 User Accounts – Users must maintain confidentiality of credentials.
15.5 Acceptable Use – Must comply with the Acceptable Use Policy.
15.6 Intellectual Property – All IP owned by or licensed to Lavera Labs.
15.7 User Content – Users retain ownership but grant a license to Lavera Labs.
15.8 Privacy – Data processed per Privacy Policy.
15.9 Payment Terms – Fees as specified.
15.10 Service Availability – No guarantee of uninterrupted service.
15.11 Disclaimer of Warranties – Services provided "as is".
15.12 Limitation of Liability – Liability limited to the amount paid, subject to Indian law.
15.13 Indemnification – Users indemnify Lavera Labs.
15.14 Termination – Lavera Labs may terminate for violations.
15.15 Governing Law – Laws of India.
15.16 Amendments – Terms may be updated.
15.17 Severability – Invalid provisions do not affect the rest.
16.1 Introduction – Sets forth rules for using Services.
16.2 Prohibited Activities – Illegal, harmful, unauthorised access, interference, malware, misrepresentation, data mining, spam, harassment, IP infringement.
16.3 System Integrity – No reverse engineering, probing, scraping, or interfering.
16.4 Content Standards – No defamatory, obscene, discriminatory, or infringing content.
16.5 Enforcement – Lavera Labs may monitor, suspend, or remove content.
16.6 Reporting Violations – Report to support@laveralabs.com.
17.1 Introduction – Governs use of Lavera Labs APIs.
17.2 API Access – Subject to these terms, the Terms of Service, and the Fair Usage Policy.
17.3 API License – Limited, non-exclusive, revocable license.
17.4 API Usage – Must follow documentation, rate limits, and security measures.
17.5 API Key Security – Users are responsible for API keys.
17.6 API Availability – No guarantee of uninterrupted service.
17.7 API Versioning – New versions may be released.
17.8 API Data – Data accessed through APIs subject to privacy and IP protections.
18.1 Introduction – Establishes usage limits.
18.2 Rate Limits – Based on requests per time, data volume, concurrent connections, etc.
18.3 Fair Usage – Ensures equitable allocation.
18.4 Exceeding Limits – May result in error responses, throttling, or suspension.
18.5 Adjustments – Limits may be adjusted.
18.6 Monitoring – Lavera Labs monitors usage.
19.1 Introduction – Governs SaaS offerings.
19.2 SaaS Services – Dashboards, analytics, research, APIs, etc.
19.3 Subscription – Monthly or annual, self-service or enterprise.
19.4 Customer Responsibilities – Ensure authorised use, maintain security, comply with laws.
19.5 Service Levels – As per SLA or commercially reasonable availability.
19.6 Data Hosting – Locations disclosed in agreement.
19.7 Support – Technical support as specified.
19.8 Customization – Subject to separate agreement.
19.9 Termination – As per agreement.
19.10 Fees and Payment – As specified.
20.1 Introduction – Governs use of third-party services.
20.2 Third-Party Services – Cloud, payment, communication, analytics, security, CRM, etc.
20.3 Provider Selection – Select providers with adequate security and privacy.
20.4 Provider Monitoring – Monitor performance and compliance.
20.5 Data Processing by Third Parties – Ensure DPAs and security.
20.6 Provider Changes – May change with notice.
20.7 User Responsibility – Users review third-party policies.
21.1 Introduction – Governs AI development and deployment.
21.2 AI Principles – Fairness, transparency, accountability, privacy, security, reliability, human oversight.
21.3 AI Use Cases – Data intelligence, predictive modeling, NLP, anomaly detection, etc.
21.4 AI Outputs – Informational only, not professional advice, subject to limitations, reviewed where appropriate.
21.5 AI Training Data – Lawful, representative, privacy-compliant.
21.6 Bias and Fairness – Mitigate through diverse data, testing, monitoring.
21.7 Human Oversight – Maintained where appropriate.
21.8 AI Transparency – Disclosure of AI use where material.
22.1 Introduction – Standards for research.
22.2 Research Standards – Academic, ethical, legal, internal quality.
22.3 Research Methodology – Quantitative, qualitative, analytics, predictive, surveys, secondary.
22.4 Data Sources – Public, licensed, proprietary, customer, survey.
22.5 Attribution – Provide attribution for sources, partners, researchers.
22.6 Research Integrity – Accurate, transparent, no manipulation, proper citation.
22.7 Peer Review – Internal or external.
23.1 Introduction – Describes data sources.
23.2 Primary Data Sources – Public, licensed, proprietary, customer, survey.
23.3 Data Attribution – Provided in reports, dashboards.
23.4 Data Limitations – Incomplete, outdated, sampling bias, etc.
23.5 Updates – Reviewed periodically.
24.1 Introduction – Ethical principles for research.
24.2 Ethical Principles – Respect, beneficence, justice, integrity, accountability.
24.3 Informed Consent – Obtained where human participants.
24.4 Confidentiality – Protections for participants.
24.5 Conflicts of Interest – Identified and managed.
24.6 Research Misconduct – No fabrication, falsification, plagiarism.
25.1 Introduction – Applies to all research outputs.
25.2 General Disclaimer – Provided for general informational purposes; no guarantee of completeness, reliability, accuracy; reliance at user's own risk.
25.3 No Professional Advice – Not legal, financial, investment, etc.
25.4 Limitations – Based on data and methodologies with limitations.
25.5 No Liability – Not responsible for losses except where liability cannot be excluded.
26.1 Introduction – Applies to analytics services.
26.2 Purpose – Informational and decision-support.
26.3 Accuracy – Reasonable measures but no guarantee.
26.4 Data Limitations – Quality, methodologies, assumptions.
26.5 No Warranty – Provided "as is".
27.1 Introduction – Applies to forecasts and statistical analyses.
27.2 Nature of Forecasts – Inherently uncertain, based on assumptions.
27.3 Statistical Limitations – Sampling, model assumptions, data quality, unforeseen variables.
27.4 Use of Forecasts – One input among many.
27.5 Updates – May be updated.
28.1 Introduction – Approach to transparency.
28.2 Model Transparency – Purpose, data, limitations, oversight.
28.3 Model Documentation – Architecture, training data, performance, limitations.
28.4 Model Updates – Reviewed and updated periodically.
29.1 Introduction – Commitment to transparency and correction.
29.2 Transparency Commitment – Clear disclosure, openness.
29.3 Content Correction – Acknowledge, correct, communicate.
29.4 Reporting Errors – Report to info@laveralabs.com.
29.5 Correction Process – Review and implement.
30.1 Introduction – Position on IP rights.
30.2 Lavera Labs' Intellectual Property – Software, reports, dashboards, APIs, content, brands, trade secrets owned/licensed.
30.3 User Intellectual Property – Users retain ownership, grant license.
30.4 Protection of Intellectual Property – Measures to protect; users must not copy, reverse engineer, remove notices, or use trademarks without permission.
30.5 Third-Party Intellectual Property – Respect third-party rights.
31.1 Introduction – Compliance with Copyright Act.
31.2 Copyright Ownership – Lavera Labs owns original works.
31.3 Copyright Notices – Included where appropriate.
31.4 User Content – Users retain copyright.
31.5 Copyright Infringement Claims – Claims to legal@laveralabs.com with required details.
31.6 Takedown – May remove infringing material.
32.1 Introduction – Compliance with Trade Marks Act.
32.2 Lavera Labs Trademarks – "Lavera Labs" and related marks.
32.3 Proper Use – As adjectives, with symbols, not implying endorsement.
32.4 Prohibited Use – No misleading, modifying, disparaging, or domain name registration.
32.5 Third-Party Trademarks – Respect third-party rights.
32.6 Trademark Infringement Claims – Claims to legal@laveralabs.com.
33.1 Introduction – Process for IP infringement complaints.
33.2 Submission of Complaints – To legal@laveralabs.com with identification of IP and infringing material, contact, good faith statement.
33.3 Review Process – Timely review, may request more info.
33.4 Action – Remove/disable, terminate repeat infringers.
33.5 Counter-Notice – Affected party may submit.
34.1 Introduction – Commitment to protecting confidential information.
34.2 Confidential Information – Trade secrets, business plans, customer data, R&D, financial, technical, etc.
34.3 Protection – Reasonable measures, need-to-know basis.
34.4 Employee Obligations – Maintain confidentiality, use only for authorised purposes, return/destroy upon request.
34.5 Third-Party Confidential Information – Respect and protect.
34.6 Exceptions – Publicly available, known prior, independently developed, required by law.
35.1 Introduction – Security measures for enterprise customers.
35.2 Security Governance – Policies, roles, risk management, compliance.
35.3 Technical Security Controls – Network, access, encryption, application, monitoring, incident response.
35.4 Physical Security – For critical infrastructure.
35.5 Personnel Security – Background checks, training, confidentiality agreements, access revocation.
35.6 Third-Party Security – Assess and require appropriate security.
35.7 Security Certifications – Seek industry certifications, disclosed upon request.
36.1 Introduction – Applies to all websites.
36.2 General Disclaimer – Provided for general informational purposes; no guarantee of completeness, reliability, accuracy; reliance at user's own risk; not responsible for losses except where liability cannot be excluded.
36.3 No Professional Advice – Not legal, financial, investment, etc.
36.4 Website Availability – Not responsible for temporary unavailability.
36.5 External Links – Not responsible for third-party content.
36.6 Limitation of Liability – Limited to extent permitted by law.
37.1 Introduction – Approach to availability.
37.2 Availability – Seek high availability but no guarantee.
37.3 Maintenance – Planned maintenance with notices where possible.
37.4 Technical Issues – Not responsible for issues beyond control.
37.5 Reporting Issues – support@laveralabs.com.
38.1 Introduction – Supported browsers and devices.
38.2 Supported Browsers – Modern Chrome, Firefox, Safari, Edge.
38.3 Supported Devices – Desktops, laptops, tablets, smartphones.
38.4 Limitations – Some features may not be available.
38.5 Reporting Issues – support@laveralabs.com.
39.1 Introduction – Applies to content submitted by users.
39.2 User-Generated Content – Comments, feedback, surveys, forum posts.
39.3 Content Standards – Accurate, lawful, non-infringing, not harmful.
39.4 Rights in User Content – Users retain ownership, grant license to Lavera Labs.
39.5 Moderation – Lavera Labs may moderate and remove content.
40.1 Introduction – Commitment to accessibility.
40.2 Accessibility Standards – WCAG and applicable laws.
40.3 Accessibility Features – Keyboard navigation, screen reader, alt text, contrast, resizable text.
40.4 Feedback – support@laveralabs.com.
40.5 Continuous Improvement – Seek to improve.
41.1 Introduction – Explains processing of job applicant data.
41.2 Data Collected – Contact, employment history, education, qualifications, references, CV, interview notes, background check.
41.3 Purposes – Evaluating applications, conducting interviews, background checks, communication, compliance, analytics.
41.4 Retention – 2 years or as required by law.
41.5 Applicant Rights – Access, correction, erasure – to recruitment@laveralabs.com.
41.6 Careers Form Privacy Notice – See Chapter 53.
42.1 Introduction – Framework for employment.
42.2 Employment Standards – Comply with laws, merit-based.
42.3 Employee Rights – Fair treatment, safe workplace, privacy, grievance.
42.4 Employee Obligations – Diligence, compliance, confidentiality, protect assets.
42.5 Code of Conduct – Integrity, respect, compliance, confidentiality, conflict of interest.
42.6 Data Protection – Comply with Privacy Policy, protect data.
43.1 Introduction – Framework for internships.
43.2 Internship Program – Learning and development.
43.3 Intern Responsibilities – Perform tasks, comply with policies, maintain confidentiality.
43.4 Supervision and Mentorship – Assigned supervisor.
43.5 Data Protection – Comply with Privacy Policy.
44.1 Introduction – Commitment to equal opportunity.
44.2 Commitment – No discrimination on race, religion, gender, age, disability, etc.
44.3 Fair Treatment – Recruitment, compensation, training, promotion, working conditions.
44.4 Inclusive Environment – Foster inclusivity.
45.1 Introduction – Governs communications.
45.2 Communication Channels – Email, website, social media, direct, newsletters.
45.3 Communication Standards – Clear, prompt, professional, privacy-conscious.
45.4 Email Communications – Official emails provided.
45.5 Newsletter Consent – Requires consent, opt-out available.
46.1 Introduction – Process for contacting Lavera Labs.
46.2 Contact Methods – Email, contact forms, phone.
46.3 Response Times – General: 2 working days; privacy: 7; security: 5.
46.4 Appropriate Contacts – Table mapping inquiry type to email.
47.1 Introduction – Commitment to preventing spam.
47.2 Prohibited Activities – Unsolicited commercial communications, bulk messaging, phishing, harvesting.
47.3 Lavera Labs' Communications – Only with consent, business relationship, or legal basis.
47.4 Opt-Out – Marketing communications opt-out.
47.5 Reporting Spam – support@laveralabs.com.
48.1 Introduction – Process for handling complaints.
48.2 Complaint Submission – Email, forms, other channels.
48.3 Complaint Handling Process – Acknowledgment, assessment, investigation, resolution, response, documentation.
48.4 Response Times – Acknowledge within 2 working days, substantive response within 7.
48.5 Escalation – Internal review, regulatory authorities, other remedies.
49.1 Introduction – Protecting children's privacy.
49.2 Age Limitations – Services not directed at children under 18.
49.3 Parental Consent – Seek verifiable parental consent where required.
49.4 Data Processing – With safeguards and enhanced protections.
49.5 Reporting – Report to privacy@laveralabs.com if collected without consent.
50.1 Introduction – Specifies footer content.
50.2 Footer Content – Copyright notice, links to Privacy, Terms, Cookie policies, contact, disclaimer, governing law.
51.1 Introduction – Standard cookie banner text.
51.2 Cookie Banner Text – As provided in Chapter 4.6.
51.3 Cookie Banner Options – Accept All, Settings, Reject Non-Essential, link to Cookie Policy.
52.1 Introduction – Explains processing of contact form data.
52.2 Data Collected – Name, email, phone (optional), company, subject, message.
52.3 Purpose – Responding to inquiries.
52.4 Retention – 3 years.
52.5 Notice Text – "By submitting this form, you agree to the processing of your personal data in accordance with our Privacy Policy..."
53.1 Introduction – Explains processing of careers form data.
53.2 Data Collected – Name, email, phone, CV, cover letter, portfolio, employment history, education.
53.3 Purpose – Evaluating applications, recruitment.
53.4 Retention – 2 years.
53.5 Notice Text – "By submitting this application, you agree to the processing of your personal data for recruitment purposes..."
54.1 Introduction – Consent process for newsletters.
54.2 Consent Text – "I consent to receiving newsletters and marketing communications..."
54.3 Confirmation – Double opt-in.
54.4 Unsubscribe – Unsubscribe link in every email.
55.1 Introduction – Process for reporting security concerns.
55.2 Reporting – security@laveralabs.com with description, steps, evidence.
55.3 Response – Acknowledge within 5 working days, investigate, communicate.
55.4 Confidentiality – Maintain confidentiality.
55.5 Security Vulnerability Report Form – See Chapter 61.
56.1 Introduction – Process for exercising Data Principal rights.
56.2 Submitting Requests – To privacy@laveralabs.com specifying the right, data subject, details.
56.3 Verification – Identity verification.
56.4 Response – Within 7 working days, with legal basis for denials.
57.1 Introduction – Form for deletion requests.
57.2 Form Content – Full name, email, phone (opt), date of birth (opt), description of data to be deleted, reason, supporting documents, consent to verification, signature.
57.3 Submission Instructions – Email to privacy@laveralabs.com or via account interface.
57.4 Processing – Aims to process within 7 working days of verification.
58.1 Introduction – Form for correction requests.
58.2 Form Content – Full name, email, phone (opt), description of data to be corrected, correct information, supporting documents, signature.
58.3 Submission Instructions – Email to privacy@laveralabs.com.
59.1 Introduction – Form for withdrawing consent.
59.2 Form Content – Full name, email, phone (opt), description of consent to withdraw, effective date, signature.
59.3 Submission Instructions – Email to privacy@laveralabs.com.
60.1 Introduction – Form for privacy-related grievances.
60.2 Form Content – Full name, email, phone (opt), description of complaint, relevant details, supporting documents, desired resolution, signature.
60.3 Submission Instructions – Email to privacy@laveralabs.com.
61.1 Introduction – Form for reporting vulnerabilities.
61.2 Form Content – Reporter name (opt), email, description, steps to reproduce, impact, evidence, acknowledgment preference.
61.3 Submission Instructions – Email to security@laveralabs.com.
62.1 Introduction – Explains processing of partnership inquiry data.
62.2 Data Collected – Name, email, company, phone, partnership details.
62.3 Purpose – Evaluating partnership opportunities.
62.4 Retention – 3 years.
63.1 Introduction – Explains processing of media inquiry data.
63.2 Data Collected – Name, email, organization, phone, inquiry details, deadline.
63.3 Purpose – Responding to media inquiries.
63.4 Retention – 3 years.
64.1 Introduction – General notices.
64.2 General Notice – Information provided "as is".
64.3 No Waiver – Failure to enforce does not waive.
64.4 Entire Agreement – Policies constitute entire agreement.
65.1 Introduction – Specifies governing law and jurisdiction.
65.2 Governing Law – Laws of India, including DPDP Act, IT Act, Indian Contract Act.
65.3 Jurisdiction – Exclusive jurisdiction of courts in India.
66.1 Severability – Invalid provisions do not affect the rest.
66.2 Waiver – Failure to enforce does not waive.
66.3 Entire Agreement – Policies constitute the entire agreement.
67.1 Introduction – Position on force majeure.
67.2 Force Majeure Events – Natural disasters, acts of God, war, pandemics, government actions, telecom failures, cyber attacks.
67.3 Effect – Not liable for delays or failures caused by force majeure; seeks to mitigate.
68.1 Introduction – Summary of trust and compliance commitments.
68.2 Trust Commitments – Privacy, security, transparency, compliance, quality.
68.3 Key Policies – Privacy, Security, Data Breach, Grievance Redressal.
68.4 Contact – privacy@laveralabs.com.
69.1 Introduction – Describes data governance framework.
69.2 Governance Principles – Accountability, transparency, integrity, security, compliance.
69.3 Governance Framework – Policies, quality, security, lifecycle, compliance monitoring.
69.4 Data Inventory – Categories, sources, flows, processing activities.
70.1 Introduction – Information for customer due diligence.
70.2 Information Available – This Handbook, Privacy, Security, Terms, Data Processing Agreements (upon request), security documentation.
70.3 Due Diligence Requests – To legal@laveralabs.com; prompt response.
70.4 Confidentiality – Information provided under confidentiality.