Lavera Labs

Legal, Privacy, Security & Compliance Handbook
Version 1.0
Effective Date: July 7, 2026

Revision Information

VersionDateDescriptionAuthor
1.0July 7, 2026Initial publicationCompliance Team

Official Contact Emails

Table of Contents

1 Introduction & Scope 2 Definitions 3 Privacy Policy 4 Cookie Policy 5 Security Policy 6 Responsible Vulnerability Disclosure Policy 7 Data Retention Policy 8 Data Deletion Policy & Request Procedure 9 Data Correction Policy 10 Consent Withdrawal Policy 11 Grievance Redressal Policy 12 Customer Data Processing Policy 13 Data Breach Response Policy 14 User Rights Policy 15 Terms of Service 16 Acceptable Use Policy 17 API Terms of Use 18 API Fair Usage & Rate Limiting Policy 19 SaaS Terms of Service 20 Third-Party Services Policy 21 AI & Responsible Use Policy 22 Research Methodology & Attribution Policy 23 Data Sources & Attribution Statement 24 Research Ethics Policy 25 Research Disclaimer 26 Analytics Disclaimer 27 Forecasting & Statistical Limitations Statement 28 AI Model Transparency Statement 29 Transparency & Content Correction Policy 30 Intellectual Property Policy 31 Copyright Policy 32 Trademark Policy 33 Intellectual Property Complaint Procedure 34 Confidentiality Policy 35 Enterprise Security Overview 36 Website Disclaimer 37 Website Availability & Maintenance Notice 38 Browser & Device Support Notice 39 User-Generated Content Notice 40 Accessibility Statement 41 Recruitment Privacy Notice 42 Employment Policy 43 Internship Policy 44 Equal Opportunity Statement 45 Communication Policy 46 Contact Policy 47 Anti-Spam Policy 48 Complaint Handling Policy 49 Children's Privacy Policy 50 Website Footer Legal Notices 51 Cookie Banner Text 52 Contact Form Privacy Notice 53 Careers Form Privacy Notice 54 Newsletter Consent Notice 55 Security Reporting Procedure 56 Privacy Rights Request Procedure 57 Data Deletion Request Form 58 Data Correction Request Form 59 Consent Withdrawal Request Form 60 Privacy Complaint Form 61 Security Vulnerability Report Form 62 Partnership Inquiry Privacy Notice 63 Media Inquiry Privacy Notice 64 General Legal Notices 65 Governing Law & Jurisdiction Notice 66 Severability, Waiver & Entire Agreement Notice 67 Force Majeure Notice 68 Trust Center Overview 69 Data Governance Overview 70 Customer Due Diligence Information Page

CHAPTER 1: INTRODUCTION & SCOPE

1.1 About Lavera Labs

1.1.1 Lavera Labs is a Data Intelligence, Analytics, Research, Business Intelligence, Artificial Intelligence, Software Development, SaaS, API, Dashboard, Data Visualization, and Technology Company.

1.1.2 Lavera Labs primarily provides:

1.2 Purpose of This Handbook

1.2.1 This Legal, Privacy, Security & Compliance Handbook (the "Handbook") sets forth the policies, practices, and legal frameworks that govern Lavera Labs' operations, services, and interactions with users, customers, partners, employees, and other stakeholders.

1.2.2 This Handbook is designed to:

1.3 Applicable Legal Framework

1.3.1 This Handbook is prepared with reference to the following Indian legal instruments:

1.4 Scope and Application

1.4.1 This Handbook applies to:

1.4.2 This Handbook does not constitute legal advice and is provided for informational and compliance purposes.

1.5 Updates and Revisions

1.5.1 Lavera Labs seeks to review and update this Handbook periodically to reflect changes in applicable laws, regulations, industry standards, and business practices.

1.5.2 Material changes will be communicated through appropriate channels, including website notices and direct communications where required.

1.5.3 The current version of this Handbook will always be available on the Lavera Labs website.

↑ Back to top

CHAPTER 2: DEFINITIONS

2.1 Defined Terms

In this Handbook, unless the context otherwise requires:

"API" means Application Programming Interface, including any software interface, protocol, or tool that enables interaction with Lavera Labs' services or data.

"Applicable Law" means all applicable Indian laws, statutes, regulations, rules, ordinances, and governmental requirements, including but not limited to the DPDP Act, IT Act, and Indian Contract Act.

"Biometric Data" means any personal data generated from specific technical processing relating to the physical, physiological, or behavioural characteristics of a natural person.

"Consent" means a clear, affirmative action signifying agreement to the processing of personal data for specified purposes, in compliance with Section 6 of the DPDP Act.

"Data Breach" means any unauthorized access, acquisition, disclosure, alteration, destruction, or loss of personal data, whether accidental or unlawful.

"Data Fiduciary" means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data, as defined under the DPDP Act.

"Data Principal" means the natural person to whom the personal data relates, as defined under the DPDP Act.

"Data Processor" means any person who processes personal data on behalf of a Data Fiduciary.

"DPDP Act" means the Digital Personal Data Protection Act, 2023 (Act No. 22 of 2023) and any rules, regulations, or guidelines issued thereunder.

"Enterprise Solutions" means the customized data intelligence, analytics, business intelligence, and technology solutions provided by Lavera Labs to enterprise customers.

"Grievance Officer" means the individual designated by Lavera Labs to receive and address grievances from Data Principals, as required under Section 13 of the DPDP Act.

"Handbook" means this Legal, Privacy, Security & Compliance Handbook, as amended from time to time.

"Intellectual Property" means all patents, copyrights, trademarks, trade secrets, design rights, database rights, and other proprietary rights, whether registered or unregistered.

"IT Act" means the Information Technology Act, 2000 (Act No. 21 of 2000) and any rules, regulations, or guidelines issued thereunder.

"Lavera Labs" means Lavera Labs, the Data Intelligence, Analytics, Research, Business Intelligence, Artificial Intelligence, Software Development, SaaS, API, Dashboard, Data Visualization, and Technology Company.

"Personal Data" means any data about a Data Principal who is identifiable by or in relation to such data, as defined under Section 2 of the DPDP Act.

"Processing" means any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.

"Report" means any research report, analytical report, intelligence report, dashboard, visualization, forecast, or other output produced by Lavera Labs.

"SaaS" means Software as a Service, including any cloud-based software applications and platforms provided by Lavera Labs.

"Services" means all products, services, APIs, platforms, reports, and solutions offered by Lavera Labs.

"Significant Data Fiduciary" means a Data Fiduciary notified as such by the Central Government under Section 10 of the DPDP Act.

"User" means any natural or legal person who accesses, uses, or interacts with Lavera Labs' websites, services, or products.

↑ Back to top

CHAPTER 3: PRIVACY POLICY

3.1 Introduction

3.1.1 Lavera Labs respects the privacy of individuals and is committed to protecting personal data in accordance with the Digital Personal Data Protection Act, 2023 and other applicable laws.

3.1.2 This Privacy Policy explains how Lavera Labs collects, uses, discloses, and protects personal data.

3.2 Collection of Personal Data

3.2.1 Lavera Labs implements reasonable measures to collect only such personal data as is necessary for the purposes specified in this Policy.

3.2.2 Lavera Labs may collect the following categories of personal data:

3.2.3 Lavera Labs may collect personal data:

3.3 Purposes of Processing

3.3.1 Lavera Labs processes personal data for the following lawful purposes:

3.4 Lawful Basis for Processing

3.4.1 Lavera Labs processes personal data only on the following lawful bases:

3.5 Notice and Transparency

3.5.1 Lavera Labs provides a notice to Data Principals at the time of collection of personal data, containing:

3.6 Disclosure and Sharing of Personal Data

3.6.1 Lavera Labs does not sell or rent personal data to third parties.

3.6.2 Lavera Labs may disclose personal data to:

3.6.3 Lavera Labs implements reasonable measures to ensure that third-party processors provide adequate protection for personal data.

3.7 International Data Transfers

3.7.1 Lavera Labs may transfer personal data outside India in accordance with Section 16 of the DPDP Act and Applicable Law.

3.7.2 Lavera Labs implements reasonable measures to ensure that any international data transfer is subject to appropriate safeguards.

3.8 Data Security

3.8.1 Lavera Labs implements reasonable security practices and procedures, as required under Section 8 of the DPDP Act and Section 43A of the IT Act, to protect personal data from unauthorized access, disclosure, alteration, and destruction.

3.8.2 Lavera Labs maintains practices designed to ensure the confidentiality, integrity, and availability of personal data.

3.9 Data Retention

3.9.1 Lavera Labs retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by Applicable Law.

3.9.2 Upon withdrawal of Consent or when processing is no longer necessary, Lavera Labs implements reasonable measures to delete or anonymize personal data, subject to legal retention requirements.

3.10 Data Principal Rights

3.10.1 Under the DPDP Act, Data Principals have the following rights:

3.10.2 Requests to exercise these rights may be submitted to privacy@laveralabs.com.

3.11 Grievance Redressal

3.11.1 Lavera Labs has designated a Grievance Officer to address concerns regarding personal data processing.

3.11.2 Grievances may be submitted to:

3.12 Changes to This Privacy Policy

3.12.1 Lavera Labs seeks to review and update this Privacy Policy periodically.

3.12.2 Material changes will be communicated through appropriate channels.

↑ Back to top

CHAPTER 4: COOKIE POLICY

4.1 Introduction

4.1.1 Lavera Labs uses cookies and similar tracking technologies on its websites and digital properties.

4.1.2 This Cookie Policy explains what cookies are, how Lavera Labs uses them, and how Users can manage their preferences.

4.2 What Are Cookies

4.2.1 Cookies are small text files placed on a User's device when visiting a website. They help websites remember User preferences, enhance functionality, and provide analytics.

4.3 Types of Cookies Used

4.3.1 Lavera Labs uses the following categories of cookies:

4.4 Cookie Management

4.4.1 Users may manage cookie preferences through:

4.4.2 Please note that blocking certain cookies may affect website functionality.

4.5 Third-Party Cookies

4.5.1 Lavera Labs may use third-party services that place cookies on User devices.

4.5.2 Lavera Labs implements reasonable measures to ensure third-party cookies comply with applicable privacy requirements.

4.6 Cookie Banner Text

4.6.1 The standard cookie banner displayed on Lavera Labs websites states:

"We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. By clicking 'Accept All,' you consent to our use of cookies. You can manage your preferences by clicking 'Cookie Settings.' For more information, please see our Cookie Policy and Privacy Policy."
↑ Back to top

CHAPTER 5: SECURITY POLICY

5.1 Introduction

5.1.1 Lavera Labs is committed to maintaining the security and integrity of its systems, data, and services.

5.1.2 This Security Policy outlines the measures Lavera Labs implements to protect against unauthorized access, disclosure, alteration, and destruction of data.

5.2 Security Framework

5.2.1 Lavera Labs maintains a security program designed to:

5.3 Security Measures

5.3.1 Lavera Labs implements reasonable security measures, including but not limited to:

5.4 Security Standards

5.4.1 Lavera Labs maintains practices designed to align with industry-recognized security standards and frameworks.

5.4.2 Lavera Labs seeks to regularly review and enhance its security measures to address evolving threats.

5.5 Data Security

5.5.1 Lavera Labs implements reasonable measures to protect personal data as required under Section 8 of the DPDP Act.

5.5.2 Lavera Labs maintains practices designed to prevent unauthorized access to or disclosure of personal data.

5.6 Third-Party Security

5.6.1 Lavera Labs implements reasonable measures to ensure that third-party service providers maintain adequate security practices.

5.6.2 Lavera Labs seeks to assess the security posture of critical third-party vendors.

5.7 Reporting Security Concerns

5.7.1 Security concerns should be reported to security@laveralabs.com.

5.7.2 Lavera Labs aims to acknowledge and address reported security concerns promptly.

↑ Back to top

CHAPTER 6: RESPONSIBLE VULNERABILITY DISCLOSURE POLICY

6.1 Introduction

6.1.1 Lavera Labs welcomes responsible disclosure of security vulnerabilities by security researchers, customers, and the public.

6.1.2 This policy establishes a framework for reporting and addressing security vulnerabilities.

6.2 Scope

6.2.1 This policy applies to:

6.2.2 This policy does not apply to third-party services or infrastructure not controlled by Lavera Labs.

6.3 Reporting Procedure

6.3.1 To report a security vulnerability:

  1. Submit a report to security@laveralabs.com
  2. Provide a clear description of the vulnerability
  3. Include steps to reproduce the vulnerability
  4. Provide any supporting evidence (screenshots, logs, proof of concept)
  5. Indicate whether the vulnerability has been disclosed to any other party

6.4 Guidelines for Researchers

6.4.1 Lavera Labs encourages researchers to:

6.4.2 Lavera Labs does not authorize or condone:

6.5 Response and Remediation

6.5.1 Lavera Labs aims to:

6.6 Recognition

6.6.1 Lavera Labs may acknowledge responsible security researchers who report valid vulnerabilities, subject to applicable privacy considerations.

↑ Back to top

CHAPTER 7: DATA RETENTION POLICY

7.1 Introduction

7.1.1 This Data Retention Policy establishes the periods for which Lavera Labs retains personal data and other information.

7.1.2 Lavera Labs retains data only for as long as necessary to fulfill the purposes for which it was collected, or as required by Applicable Law.

7.2 Retention Principles

7.2.1 Lavera Labs implements reasonable measures to ensure that:

7.3 Retention Periods

7.3.1 The following retention periods generally apply:

Data CategoryRetention PeriodBasis
Account InformationDuration of account + reasonable periodContract and legal obligations
Transaction Records7 yearsTax and regulatory requirements
Usage Logs12 monthsSecurity and analytics
Communication Records3 yearsService and dispute resolution
Recruitment Data2 yearsRecruitment and legal compliance
Research DataAs per research purposesResearch and analytics
Financial Records8 yearsTax and regulatory requirements

7.4 Data Disposal

7.4.1 When data is no longer required, Lavera Labs implements reasonable measures to securely dispose of or anonymize the data.

7.4.2 Disposal methods may include secure deletion, anonymization, or aggregation.

7.5 Exceptions

7.5.1 Data may be retained for longer periods where:

↑ Back to top

CHAPTER 8: DATA DELETION POLICY & REQUEST PROCEDURE

8.1 Introduction

8.1.1 This Data Deletion Policy & Request Procedure explains the circumstances under which Lavera Labs deletes personal data, and the process by which Data Principals may request deletion.

8.1.2 Lavera Labs recognizes the right of Data Principals to request erasure of personal data under Section 12(3) of the DPDP Act.

8.2 Circumstances for Deletion

8.2.1 Lavera Labs deletes personal data in the following circumstances:

8.3 Data Deletion Request Process

8.3.1 Data Principals may request deletion of their personal data through any of the following methods:

8.3.2 Each request must include:

8.3.3 Lavera Labs implements reasonable measures to verify the identity of the Data Principal before processing a deletion request. Additional information may be requested to confirm identity.

8.4 Response and Timelines

8.4.1 Lavera Labs aims to:

8.4.2 Where a request is complex or requires additional time, Lavera Labs may extend the response period by providing reasonable justification and an estimated timeline.

8.5 Limitations on Deletion

8.5.1 Deletion requests may be refused where:

8.5.2 Where a deletion request is refused, Lavera Labs provides the Data Principal with:

8.6 Consequences of Deletion

8.6.1 Deletion of personal data may affect the availability or functionality of certain services.

8.6.2 Lavera Labs informs the Data Principal of any significant consequences of deletion before processing the request.

8.7 Record Keeping

8.7.1 Lavera Labs maintains logs of:

8.8 Data Deletion Request Form

8.8.1 The Data Deletion Request Form (see Chapter 57) is available for Data Principals to submit deletion requests in a structured format.

↑ Back to top

CHAPTER 9: DATA CORRECTION POLICY

9.1 Introduction

9.1.1 This Data Correction Policy explains how Data Principals may request correction of inaccurate or incomplete personal data.

9.1.2 Lavera Labs recognizes the right of Data Principals to correction under Section 12 of the DPDP Act.

9.2 Correction Rights

9.2.1 Data Principals have the right to:

9.3 Correction Request Process

9.3.1 Data Principals may request correction by:

9.3.2 Correction requests should specify: the personal data to be corrected, the correct or updated information, and the basis for the correction.

9.3.3 Lavera Labs aims to respond to correction requests within 7 working days.

9.4 Verification

9.4.1 Lavera Labs implements reasonable measures to verify the identity of the Data Principal before processing correction requests.

9.4.2 Lavera Labs may request additional information to verify the accuracy of the requested correction.

9.5 Data Correction Request Form

9.5.1 The Data Correction Request Form (see Chapter 58) is available for Data Principals to submit correction requests.

↑ Back to top

CHAPTER 10: CONSENT WITHDRAWAL POLICY

10.1 Introduction

10.1.1 This Consent Withdrawal Policy explains how Data Principals may withdraw Consent for the processing of their personal data.

10.1.2 Lavera Labs recognizes the right of Data Principals to withdraw Consent at any time, with ease comparable to giving Consent.

10.2 Withdrawal of Consent

10.2.1 Data Principals may withdraw Consent for processing of personal data at any time.

10.2.2 Upon withdrawal of Consent, Lavera Labs ceases processing the personal data, unless another lawful basis for processing exists.

10.2.3 Withdrawal of Consent does not affect the lawfulness of processing based on Consent before its withdrawal.

10.3 Withdrawal Request Process

10.3.1 Data Principals may withdraw Consent by:

10.3.2 Lavera Labs aims to process withdrawal requests within 7 working days.

10.4 Consequences of Withdrawal

10.4.1 Withdrawal of Consent may affect the availability or functionality of certain services.

10.4.2 Lavera Labs informs Data Principals of the consequences of withdrawal, where appropriate.

10.5 Consent Withdrawal Request Form

10.5.1 The Consent Withdrawal Request Form (see Chapter 59) is available for Data Principals to submit withdrawal requests.

↑ Back to top

CHAPTER 11: GRIEVANCE REDRESSAL POLICY

11.1 Introduction

11.1.1 This Grievance Redressal Policy establishes the mechanism for addressing grievances relating to the processing of personal data.

11.1.2 Lavera Labs is committed to establishing an effective grievance redressal mechanism as required under Section 13 of the DPDP Act.

11.2 Grievance Officer

11.2.1 Lavera Labs has designated a Grievance Officer to receive and address grievances from Data Principals.

11.2.2 The Grievance Officer may be contacted at:

11.3 Grievance Submission

11.3.1 Grievances may be submitted by:

11.3.2 Grievance submissions should include: name and contact information of the Data Principal, clear description of the grievance, relevant details and supporting documents, and preferred resolution.

11.4 Grievance Handling Process

11.4.1 Lavera Labs' grievance handling process involves:

  1. Acknowledgment
  2. Investigation
  3. Resolution
  4. Communication
  5. Documentation

11.5 Escalation

11.5.1 If a Data Principal is dissatisfied with the response, they may request an internal review, escalate to the Data Protection Board of India, or pursue other remedies.

11.6 Record Keeping

11.6.1 Lavera Labs maintains logs of grievances received, dates of acknowledgment and resolution, communications, and grounds for approval or refusal.

↑ Back to top

CHAPTER 12: CUSTOMER DATA PROCESSING POLICY

12.1 Introduction

12.1.1 This Customer Data Processing Policy governs how Lavera Labs processes personal data on behalf of its customers (as a Data Processor) and as a Data Fiduciary.

12.1.2 This Policy applies where Lavera Labs processes personal data in the course of providing Services to customers.

12.2 Roles and Responsibilities

12.2.1 When Lavera Labs determines the purpose and means of processing personal data, Lavera Labs acts as a Data Fiduciary.

12.2.2 When Lavera Labs processes personal data on behalf of a customer, Lavera Labs acts as a Data Processor.

12.2.3 Lavera Labs implements reasonable measures to: process personal data only on documented instructions, ensure confidentiality, assist customers in responding to Data Principal requests, and implement appropriate security measures.

12.3 Customer Data

12.3.1 Customer data may include: personal data of the customer's employees, clients, or end-users; business data and intelligence; analytics and research data; and any other data provided to Lavera Labs by the customer.

12.4 Processing Instructions

12.4.1 Lavera Labs processes customer data in accordance with written instructions from the customer, the terms of the applicable service agreement, and Applicable Law.

12.4.2 Lavera Labs does not use customer data for purposes other than those specified in the service agreement, unless required by Applicable Law.

12.5 Sub-Processing

12.5.1 Lavera Labs may engage sub-processors to process customer data.

12.5.2 Lavera Labs implements reasonable measures to ensure that sub-processors provide adequate data protection guarantees, process data only on documented instructions, and comply with applicable data protection requirements.

12.5.3 Customers may request a list of sub-processors by contacting privacy@laveralabs.com.

12.6 Security of Customer Data

12.6.1 Lavera Labs implements reasonable security measures to protect customer data from unauthorized access, disclosure, alteration, and destruction.

12.6.2 Lavera Labs maintains practices designed to ensure the confidentiality, integrity, and availability of customer data.

12.7 Data Breach Notification

12.7.1 In the event of a Data Breach affecting customer data, Lavera Labs aims to notify affected customers without undue delay.

12.7.2 Lavera Labs provides reasonable assistance to customers in complying with their data breach notification obligations.

12.8 Data Return and Deletion

12.8.1 Upon termination of services, Lavera Labs implements reasonable measures to return or delete customer data in accordance with the service agreement and Applicable Law.

↑ Back to top

CHAPTER 13: DATA BREACH RESPONSE POLICY

13.1 Introduction

13.1.1 This Data Breach Response Policy establishes the procedures for responding to Data Breaches involving personal data.

13.1.2 Lavera Labs maintains practices designed to detect, respond to, and mitigate Data Breaches.

13.2 Data Breach Definition

13.2.1 A Data Breach means any unauthorized access, acquisition, disclosure, alteration, destruction, or loss of personal data, whether accidental or unlawful.

13.3 Breach Detection and Assessment

13.3.1 Lavera Labs implements reasonable measures to detect Data Breaches through security monitoring, intrusion detection, employee reporting, and third-party notifications.

13.3.2 Upon detection, Lavera Labs assesses: the nature and scope, categories of data involved, number of Data Principals affected, and potential impact.

13.4 Response Procedures

13.4.1 Response includes: containment, investigation, assessment, notification, remediation, and documentation.

13.5 Notification

13.5.1 Lavera Labs aims to notify affected Data Principals and the Data Protection Board of India as required under Applicable Law.

13.6 Record Keeping

13.6.1 Lavera Labs maintains records of all Data Breaches, including facts, effects, and remedial actions.

↑ Back to top

CHAPTER 14: USER RIGHTS POLICY

14.1 Introduction

14.1.1 This User Rights Policy summarizes the rights available to Data Principals under the DPDP Act and the processes for exercising those rights.

14.1.2 Lavera Labs respects and facilitates the exercise of Data Principal rights.

14.2 Summary of Rights

14.3 Exercising Rights

Data Principals may exercise rights by submitting a request to privacy@laveralabs.com, using the applicable request form, or contacting the Grievance Officer.

14.4 Verification

Lavera Labs verifies identity before processing requests.

14.5 Response Timeline

Lavera Labs aims to respond within 7 working days.

14.6 Fees

No fees are charged except for manifestly unfounded, excessive, or repetitive requests.

14.7 Right to Lodge Complaints

Data Principals may lodge complaints with the Lavera Labs Grievance Officer or the Data Protection Board of India.

↑ Back to top

CHAPTER 15: TERMS OF SERVICE

15.1 Introduction – These Terms of Service govern the use of Lavera Labs' Services.

15.2 Acceptance of Terms – By using the Services, Users agree to be bound.

15.3 Services Description – Lavera Labs provides research, analytics, dashboards, intelligence reports, software, APIs, AI insights, enterprise solutions, BI tools, and forecasts.

15.4 User Accounts – Users must maintain confidentiality of credentials.

15.5 Acceptable Use – Must comply with the Acceptable Use Policy.

15.6 Intellectual Property – All IP owned by or licensed to Lavera Labs.

15.7 User Content – Users retain ownership but grant a license to Lavera Labs.

15.8 Privacy – Data processed per Privacy Policy.

15.9 Payment Terms – Fees as specified.

15.10 Service Availability – No guarantee of uninterrupted service.

15.11 Disclaimer of Warranties – Services provided "as is".

15.12 Limitation of Liability – Liability limited to the amount paid, subject to Indian law.

15.13 Indemnification – Users indemnify Lavera Labs.

15.14 Termination – Lavera Labs may terminate for violations.

15.15 Governing Law – Laws of India.

15.16 Amendments – Terms may be updated.

15.17 Severability – Invalid provisions do not affect the rest.

↑ Back to top

CHAPTER 16: ACCEPTABLE USE POLICY

16.1 Introduction – Sets forth rules for using Services.

16.2 Prohibited Activities – Illegal, harmful, unauthorised access, interference, malware, misrepresentation, data mining, spam, harassment, IP infringement.

16.3 System Integrity – No reverse engineering, probing, scraping, or interfering.

16.4 Content Standards – No defamatory, obscene, discriminatory, or infringing content.

16.5 Enforcement – Lavera Labs may monitor, suspend, or remove content.

16.6 Reporting Violations – Report to support@laveralabs.com.

↑ Back to top

CHAPTER 17: API TERMS OF USE

17.1 Introduction – Governs use of Lavera Labs APIs.

17.2 API Access – Subject to these terms, the Terms of Service, and the Fair Usage Policy.

17.3 API License – Limited, non-exclusive, revocable license.

17.4 API Usage – Must follow documentation, rate limits, and security measures.

17.5 API Key Security – Users are responsible for API keys.

17.6 API Availability – No guarantee of uninterrupted service.

17.7 API Versioning – New versions may be released.

17.8 API Data – Data accessed through APIs subject to privacy and IP protections.

↑ Back to top

CHAPTER 18: API FAIR USAGE & RATE LIMITING POLICY

18.1 Introduction – Establishes usage limits.

18.2 Rate Limits – Based on requests per time, data volume, concurrent connections, etc.

18.3 Fair Usage – Ensures equitable allocation.

18.4 Exceeding Limits – May result in error responses, throttling, or suspension.

18.5 Adjustments – Limits may be adjusted.

18.6 Monitoring – Lavera Labs monitors usage.

↑ Back to top

CHAPTER 19: SAAS TERMS OF SERVICE

19.1 Introduction – Governs SaaS offerings.

19.2 SaaS Services – Dashboards, analytics, research, APIs, etc.

19.3 Subscription – Monthly or annual, self-service or enterprise.

19.4 Customer Responsibilities – Ensure authorised use, maintain security, comply with laws.

19.5 Service Levels – As per SLA or commercially reasonable availability.

19.6 Data Hosting – Locations disclosed in agreement.

19.7 Support – Technical support as specified.

19.8 Customization – Subject to separate agreement.

19.9 Termination – As per agreement.

19.10 Fees and Payment – As specified.

↑ Back to top

CHAPTER 20: THIRD-PARTY SERVICES POLICY

20.1 Introduction – Governs use of third-party services.

20.2 Third-Party Services – Cloud, payment, communication, analytics, security, CRM, etc.

20.3 Provider Selection – Select providers with adequate security and privacy.

20.4 Provider Monitoring – Monitor performance and compliance.

20.5 Data Processing by Third Parties – Ensure DPAs and security.

20.6 Provider Changes – May change with notice.

20.7 User Responsibility – Users review third-party policies.

↑ Back to top

CHAPTER 21: AI & RESPONSIBLE USE POLICY

21.1 Introduction – Governs AI development and deployment.

21.2 AI Principles – Fairness, transparency, accountability, privacy, security, reliability, human oversight.

21.3 AI Use Cases – Data intelligence, predictive modeling, NLP, anomaly detection, etc.

21.4 AI Outputs – Informational only, not professional advice, subject to limitations, reviewed where appropriate.

21.5 AI Training Data – Lawful, representative, privacy-compliant.

21.6 Bias and Fairness – Mitigate through diverse data, testing, monitoring.

21.7 Human Oversight – Maintained where appropriate.

21.8 AI Transparency – Disclosure of AI use where material.

↑ Back to top

CHAPTER 22: RESEARCH METHODOLOGY & ATTRIBUTION POLICY

22.1 Introduction – Standards for research.

22.2 Research Standards – Academic, ethical, legal, internal quality.

22.3 Research Methodology – Quantitative, qualitative, analytics, predictive, surveys, secondary.

22.4 Data Sources – Public, licensed, proprietary, customer, survey.

22.5 Attribution – Provide attribution for sources, partners, researchers.

22.6 Research Integrity – Accurate, transparent, no manipulation, proper citation.

22.7 Peer Review – Internal or external.

↑ Back to top

CHAPTER 23: DATA SOURCES & ATTRIBUTION STATEMENT

23.1 Introduction – Describes data sources.

23.2 Primary Data Sources – Public, licensed, proprietary, customer, survey.

23.3 Data Attribution – Provided in reports, dashboards.

23.4 Data Limitations – Incomplete, outdated, sampling bias, etc.

23.5 Updates – Reviewed periodically.

↑ Back to top

CHAPTER 24: RESEARCH ETHICS POLICY

24.1 Introduction – Ethical principles for research.

24.2 Ethical Principles – Respect, beneficence, justice, integrity, accountability.

24.3 Informed Consent – Obtained where human participants.

24.4 Confidentiality – Protections for participants.

24.5 Conflicts of Interest – Identified and managed.

24.6 Research Misconduct – No fabrication, falsification, plagiarism.

↑ Back to top

CHAPTER 25: RESEARCH DISCLAIMER

25.1 Introduction – Applies to all research outputs.

25.2 General Disclaimer – Provided for general informational purposes; no guarantee of completeness, reliability, accuracy; reliance at user's own risk.

25.3 No Professional Advice – Not legal, financial, investment, etc.

25.4 Limitations – Based on data and methodologies with limitations.

25.5 No Liability – Not responsible for losses except where liability cannot be excluded.

↑ Back to top

CHAPTER 26: ANALYTICS DISCLAIMER

26.1 Introduction – Applies to analytics services.

26.2 Purpose – Informational and decision-support.

26.3 Accuracy – Reasonable measures but no guarantee.

26.4 Data Limitations – Quality, methodologies, assumptions.

26.5 No Warranty – Provided "as is".

↑ Back to top

CHAPTER 27: FORECASTING & STATISTICAL LIMITATIONS STATEMENT

27.1 Introduction – Applies to forecasts and statistical analyses.

27.2 Nature of Forecasts – Inherently uncertain, based on assumptions.

27.3 Statistical Limitations – Sampling, model assumptions, data quality, unforeseen variables.

27.4 Use of Forecasts – One input among many.

27.5 Updates – May be updated.

↑ Back to top

CHAPTER 28: AI MODEL TRANSPARENCY STATEMENT

28.1 Introduction – Approach to transparency.

28.2 Model Transparency – Purpose, data, limitations, oversight.

28.3 Model Documentation – Architecture, training data, performance, limitations.

28.4 Model Updates – Reviewed and updated periodically.

↑ Back to top

CHAPTER 29: TRANSPARENCY & CONTENT CORRECTION POLICY

29.1 Introduction – Commitment to transparency and correction.

29.2 Transparency Commitment – Clear disclosure, openness.

29.3 Content Correction – Acknowledge, correct, communicate.

29.4 Reporting Errors – Report to info@laveralabs.com.

29.5 Correction Process – Review and implement.

↑ Back to top

CHAPTER 30: INTELLECTUAL PROPERTY POLICY

30.1 Introduction – Position on IP rights.

30.2 Lavera Labs' Intellectual Property – Software, reports, dashboards, APIs, content, brands, trade secrets owned/licensed.

30.3 User Intellectual Property – Users retain ownership, grant license.

30.4 Protection of Intellectual Property – Measures to protect; users must not copy, reverse engineer, remove notices, or use trademarks without permission.

30.5 Third-Party Intellectual Property – Respect third-party rights.

↑ Back to top

CHAPTER 31: COPYRIGHT POLICY

31.1 Introduction – Compliance with Copyright Act.

31.2 Copyright Ownership – Lavera Labs owns original works.

31.3 Copyright Notices – Included where appropriate.

31.4 User Content – Users retain copyright.

31.5 Copyright Infringement Claims – Claims to legal@laveralabs.com with required details.

31.6 Takedown – May remove infringing material.

↑ Back to top

CHAPTER 32: TRADEMARK POLICY

32.1 Introduction – Compliance with Trade Marks Act.

32.2 Lavera Labs Trademarks – "Lavera Labs" and related marks.

32.3 Proper Use – As adjectives, with symbols, not implying endorsement.

32.4 Prohibited Use – No misleading, modifying, disparaging, or domain name registration.

32.5 Third-Party Trademarks – Respect third-party rights.

32.6 Trademark Infringement Claims – Claims to legal@laveralabs.com.

↑ Back to top

CHAPTER 33: INTELLECTUAL PROPERTY COMPLAINT PROCEDURE

33.1 Introduction – Process for IP infringement complaints.

33.2 Submission of Complaints – To legal@laveralabs.com with identification of IP and infringing material, contact, good faith statement.

33.3 Review Process – Timely review, may request more info.

33.4 Action – Remove/disable, terminate repeat infringers.

33.5 Counter-Notice – Affected party may submit.

↑ Back to top

CHAPTER 34: CONFIDENTIALITY POLICY

34.1 Introduction – Commitment to protecting confidential information.

34.2 Confidential Information – Trade secrets, business plans, customer data, R&D, financial, technical, etc.

34.3 Protection – Reasonable measures, need-to-know basis.

34.4 Employee Obligations – Maintain confidentiality, use only for authorised purposes, return/destroy upon request.

34.5 Third-Party Confidential Information – Respect and protect.

34.6 Exceptions – Publicly available, known prior, independently developed, required by law.

↑ Back to top

CHAPTER 35: ENTERPRISE SECURITY OVERVIEW

35.1 Introduction – Security measures for enterprise customers.

35.2 Security Governance – Policies, roles, risk management, compliance.

35.3 Technical Security Controls – Network, access, encryption, application, monitoring, incident response.

35.4 Physical Security – For critical infrastructure.

35.5 Personnel Security – Background checks, training, confidentiality agreements, access revocation.

35.6 Third-Party Security – Assess and require appropriate security.

35.7 Security Certifications – Seek industry certifications, disclosed upon request.

↑ Back to top

CHAPTER 36: WEBSITE DISCLAIMER

36.1 Introduction – Applies to all websites.

36.2 General Disclaimer – Provided for general informational purposes; no guarantee of completeness, reliability, accuracy; reliance at user's own risk; not responsible for losses except where liability cannot be excluded.

36.3 No Professional Advice – Not legal, financial, investment, etc.

36.4 Website Availability – Not responsible for temporary unavailability.

36.5 External Links – Not responsible for third-party content.

36.6 Limitation of Liability – Limited to extent permitted by law.

↑ Back to top

CHAPTER 37: WEBSITE AVAILABILITY & MAINTENANCE NOTICE

37.1 Introduction – Approach to availability.

37.2 Availability – Seek high availability but no guarantee.

37.3 Maintenance – Planned maintenance with notices where possible.

37.4 Technical Issues – Not responsible for issues beyond control.

37.5 Reporting Issuessupport@laveralabs.com.

↑ Back to top

CHAPTER 38: BROWSER & DEVICE SUPPORT NOTICE

38.1 Introduction – Supported browsers and devices.

38.2 Supported Browsers – Modern Chrome, Firefox, Safari, Edge.

38.3 Supported Devices – Desktops, laptops, tablets, smartphones.

38.4 Limitations – Some features may not be available.

38.5 Reporting Issuessupport@laveralabs.com.

↑ Back to top

CHAPTER 39: USER-GENERATED CONTENT NOTICE

39.1 Introduction – Applies to content submitted by users.

39.2 User-Generated Content – Comments, feedback, surveys, forum posts.

39.3 Content Standards – Accurate, lawful, non-infringing, not harmful.

39.4 Rights in User Content – Users retain ownership, grant license to Lavera Labs.

39.5 Moderation – Lavera Labs may moderate and remove content.

↑ Back to top

CHAPTER 40: ACCESSIBILITY STATEMENT

40.1 Introduction – Commitment to accessibility.

40.2 Accessibility Standards – WCAG and applicable laws.

40.3 Accessibility Features – Keyboard navigation, screen reader, alt text, contrast, resizable text.

40.4 Feedbacksupport@laveralabs.com.

40.5 Continuous Improvement – Seek to improve.

↑ Back to top

CHAPTER 41: RECRUITMENT PRIVACY NOTICE

41.1 Introduction – Explains processing of job applicant data.

41.2 Data Collected – Contact, employment history, education, qualifications, references, CV, interview notes, background check.

41.3 Purposes – Evaluating applications, conducting interviews, background checks, communication, compliance, analytics.

41.4 Retention – 2 years or as required by law.

41.5 Applicant Rights – Access, correction, erasure – to recruitment@laveralabs.com.

41.6 Careers Form Privacy Notice – See Chapter 53.

↑ Back to top

CHAPTER 42: EMPLOYMENT POLICY

42.1 Introduction – Framework for employment.

42.2 Employment Standards – Comply with laws, merit-based.

42.3 Employee Rights – Fair treatment, safe workplace, privacy, grievance.

42.4 Employee Obligations – Diligence, compliance, confidentiality, protect assets.

42.5 Code of Conduct – Integrity, respect, compliance, confidentiality, conflict of interest.

42.6 Data Protection – Comply with Privacy Policy, protect data.

↑ Back to top

CHAPTER 43: INTERNSHIP POLICY

43.1 Introduction – Framework for internships.

43.2 Internship Program – Learning and development.

43.3 Intern Responsibilities – Perform tasks, comply with policies, maintain confidentiality.

43.4 Supervision and Mentorship – Assigned supervisor.

43.5 Data Protection – Comply with Privacy Policy.

↑ Back to top

CHAPTER 44: EQUAL OPPORTUNITY STATEMENT

44.1 Introduction – Commitment to equal opportunity.

44.2 Commitment – No discrimination on race, religion, gender, age, disability, etc.

44.3 Fair Treatment – Recruitment, compensation, training, promotion, working conditions.

44.4 Inclusive Environment – Foster inclusivity.

↑ Back to top

CHAPTER 45: COMMUNICATION POLICY

45.1 Introduction – Governs communications.

45.2 Communication Channels – Email, website, social media, direct, newsletters.

45.3 Communication Standards – Clear, prompt, professional, privacy-conscious.

45.4 Email Communications – Official emails provided.

45.5 Newsletter Consent – Requires consent, opt-out available.

↑ Back to top

CHAPTER 46: CONTACT POLICY

46.1 Introduction – Process for contacting Lavera Labs.

46.2 Contact Methods – Email, contact forms, phone.

46.3 Response Times – General: 2 working days; privacy: 7; security: 5.

46.4 Appropriate Contacts – Table mapping inquiry type to email.

↑ Back to top

CHAPTER 47: ANTI-SPAM POLICY

47.1 Introduction – Commitment to preventing spam.

47.2 Prohibited Activities – Unsolicited commercial communications, bulk messaging, phishing, harvesting.

47.3 Lavera Labs' Communications – Only with consent, business relationship, or legal basis.

47.4 Opt-Out – Marketing communications opt-out.

47.5 Reporting Spamsupport@laveralabs.com.

↑ Back to top

CHAPTER 48: COMPLAINT HANDLING POLICY

48.1 Introduction – Process for handling complaints.

48.2 Complaint Submission – Email, forms, other channels.

48.3 Complaint Handling Process – Acknowledgment, assessment, investigation, resolution, response, documentation.

48.4 Response Times – Acknowledge within 2 working days, substantive response within 7.

48.5 Escalation – Internal review, regulatory authorities, other remedies.

↑ Back to top

CHAPTER 49: CHILDREN'S PRIVACY POLICY

49.1 Introduction – Protecting children's privacy.

49.2 Age Limitations – Services not directed at children under 18.

49.3 Parental Consent – Seek verifiable parental consent where required.

49.4 Data Processing – With safeguards and enhanced protections.

49.5 Reporting – Report to privacy@laveralabs.com if collected without consent.

↑ Back to top

CHAPTER 50: WEBSITE FOOTER LEGAL NOTICES

50.1 Introduction – Specifies footer content.

50.2 Footer Content – Copyright notice, links to Privacy, Terms, Cookie policies, contact, disclaimer, governing law.

↑ Back to top

CHAPTER 51: COOKIE BANNER TEXT

51.1 Introduction – Standard cookie banner text.

51.2 Cookie Banner Text – As provided in Chapter 4.6.

51.3 Cookie Banner Options – Accept All, Settings, Reject Non-Essential, link to Cookie Policy.

↑ Back to top

CHAPTER 52: CONTACT FORM PRIVACY NOTICE

52.1 Introduction – Explains processing of contact form data.

52.2 Data Collected – Name, email, phone (optional), company, subject, message.

52.3 Purpose – Responding to inquiries.

52.4 Retention – 3 years.

52.5 Notice Text – "By submitting this form, you agree to the processing of your personal data in accordance with our Privacy Policy..."

↑ Back to top

CHAPTER 53: CAREERS FORM PRIVACY NOTICE

53.1 Introduction – Explains processing of careers form data.

53.2 Data Collected – Name, email, phone, CV, cover letter, portfolio, employment history, education.

53.3 Purpose – Evaluating applications, recruitment.

53.4 Retention – 2 years.

53.5 Notice Text – "By submitting this application, you agree to the processing of your personal data for recruitment purposes..."

↑ Back to top

CHAPTER 54: NEWSLETTER CONSENT NOTICE

54.1 Introduction – Consent process for newsletters.

54.2 Consent Text – "I consent to receiving newsletters and marketing communications..."

54.3 Confirmation – Double opt-in.

54.4 Unsubscribe – Unsubscribe link in every email.

↑ Back to top

CHAPTER 55: SECURITY REPORTING PROCEDURE

55.1 Introduction – Process for reporting security concerns.

55.2 Reportingsecurity@laveralabs.com with description, steps, evidence.

55.3 Response – Acknowledge within 5 working days, investigate, communicate.

55.4 Confidentiality – Maintain confidentiality.

55.5 Security Vulnerability Report Form – See Chapter 61.

↑ Back to top

CHAPTER 56: PRIVACY RIGHTS REQUEST PROCEDURE

56.1 Introduction – Process for exercising Data Principal rights.

56.2 Submitting Requests – To privacy@laveralabs.com specifying the right, data subject, details.

56.3 Verification – Identity verification.

56.4 Response – Within 7 working days, with legal basis for denials.

↑ Back to top

CHAPTER 57: DATA DELETION REQUEST FORM

57.1 Introduction – Form for deletion requests.

57.2 Form Content – Full name, email, phone (opt), date of birth (opt), description of data to be deleted, reason, supporting documents, consent to verification, signature.

57.3 Submission Instructions – Email to privacy@laveralabs.com or via account interface.

57.4 Processing – Aims to process within 7 working days of verification.

↑ Back to top

CHAPTER 58: DATA CORRECTION REQUEST FORM

58.1 Introduction – Form for correction requests.

58.2 Form Content – Full name, email, phone (opt), description of data to be corrected, correct information, supporting documents, signature.

58.3 Submission Instructions – Email to privacy@laveralabs.com.

↑ Back to top

CHAPTER 59: CONSENT WITHDRAWAL REQUEST FORM

59.1 Introduction – Form for withdrawing consent.

59.2 Form Content – Full name, email, phone (opt), description of consent to withdraw, effective date, signature.

59.3 Submission Instructions – Email to privacy@laveralabs.com.

↑ Back to top

CHAPTER 60: PRIVACY COMPLAINT FORM

60.1 Introduction – Form for privacy-related grievances.

60.2 Form Content – Full name, email, phone (opt), description of complaint, relevant details, supporting documents, desired resolution, signature.

60.3 Submission Instructions – Email to privacy@laveralabs.com.

↑ Back to top

CHAPTER 61: SECURITY VULNERABILITY REPORT FORM

61.1 Introduction – Form for reporting vulnerabilities.

61.2 Form Content – Reporter name (opt), email, description, steps to reproduce, impact, evidence, acknowledgment preference.

61.3 Submission Instructions – Email to security@laveralabs.com.

↑ Back to top

CHAPTER 62: PARTNERSHIP INQUIRY PRIVACY NOTICE

62.1 Introduction – Explains processing of partnership inquiry data.

62.2 Data Collected – Name, email, company, phone, partnership details.

62.3 Purpose – Evaluating partnership opportunities.

62.4 Retention – 3 years.

↑ Back to top

CHAPTER 63: MEDIA INQUIRY PRIVACY NOTICE

63.1 Introduction – Explains processing of media inquiry data.

63.2 Data Collected – Name, email, organization, phone, inquiry details, deadline.

63.3 Purpose – Responding to media inquiries.

63.4 Retention – 3 years.

↑ Back to top

CHAPTER 64: GENERAL LEGAL NOTICES

64.1 Introduction – General notices.

64.2 General Notice – Information provided "as is".

64.3 No Waiver – Failure to enforce does not waive.

64.4 Entire Agreement – Policies constitute entire agreement.

↑ Back to top

CHAPTER 65: GOVERNING LAW & JURISDICTION NOTICE

65.1 Introduction – Specifies governing law and jurisdiction.

65.2 Governing Law – Laws of India, including DPDP Act, IT Act, Indian Contract Act.

65.3 Jurisdiction – Exclusive jurisdiction of courts in India.

↑ Back to top

CHAPTER 66: SEVERABILITY, WAIVER & ENTIRE AGREEMENT NOTICE

66.1 Severability – Invalid provisions do not affect the rest.

66.2 Waiver – Failure to enforce does not waive.

66.3 Entire Agreement – Policies constitute the entire agreement.

↑ Back to top

CHAPTER 67: FORCE MAJEURE NOTICE

67.1 Introduction – Position on force majeure.

67.2 Force Majeure Events – Natural disasters, acts of God, war, pandemics, government actions, telecom failures, cyber attacks.

67.3 Effect – Not liable for delays or failures caused by force majeure; seeks to mitigate.

↑ Back to top

CHAPTER 68: TRUST CENTER OVERVIEW

68.1 Introduction – Summary of trust and compliance commitments.

68.2 Trust Commitments – Privacy, security, transparency, compliance, quality.

68.3 Key Policies – Privacy, Security, Data Breach, Grievance Redressal.

68.4 Contactprivacy@laveralabs.com.

↑ Back to top

CHAPTER 69: DATA GOVERNANCE OVERVIEW

69.1 Introduction – Describes data governance framework.

69.2 Governance Principles – Accountability, transparency, integrity, security, compliance.

69.3 Governance Framework – Policies, quality, security, lifecycle, compliance monitoring.

69.4 Data Inventory – Categories, sources, flows, processing activities.

↑ Back to top

CHAPTER 70: CUSTOMER DUE DILIGENCE INFORMATION PAGE

70.1 Introduction – Information for customer due diligence.

70.2 Information Available – This Handbook, Privacy, Security, Terms, Data Processing Agreements (upon request), security documentation.

70.3 Due Diligence Requests – To legal@laveralabs.com; prompt response.

70.4 Confidentiality – Information provided under confidentiality.

↑ Back to top