Privacy Policy

1. Introduction

Welcome to Lamdesk, a product of Lam Technologies Private Limited ("Company," "we," "our," or "us"), a company incorporated under the laws of India. We are committed to protecting your privacy and ensuring the security of your personal information in compliance with applicable data protection laws worldwide.

This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you access or use the Lamdesk platform, website (lamdesk.com), mobile applications, APIs, widgets, and all related services (collectively, the "Services").

This Privacy Policy applies to all users of the Services globally, including customers, end-users, contacts managed within customer accounts, website visitors, and any individuals whose data is processed through the Services.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you are using the Services on behalf of an organization, you represent that you are authorized to accept this policy on its behalf.

2. Definitions

For the purposes of this Privacy Policy:

• "Personal Data" means any information that relates to an identified or identifiable natural person, including name, email address, phone number, IP address, device identifiers, and any other data defined as personal data/personal information under applicable law.
• "Processing" means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
• "Data Controller" means the entity that determines the purposes and means of processing Personal Data.
• "Data Processor" means the entity that processes Personal Data on behalf of the Data Controller.
• "Customer" means a business or individual that subscribes to or uses the Lamdesk platform.
• "End User" means a Customer's employee or authorized representative who accesses the Services under the Customer's account.
• "Contact" means a third party whose data is uploaded, managed, or processed within a Customer's Lamdesk account.
• "Service Data" means all data (including Personal Data) that Customers or End Users submit, upload, or generate through the Services.
• "Sensitive Personal Data" means special categories of data as defined under applicable law (e.g., racial or ethnic origin, health data, biometric data, financial data, etc.).

3. Data Controller & Processor Roles

Lam Technologies Private Limited acts as the Data Controller for Personal Data we collect directly from you (e.g., account registration, website visits, support interactions).

When our Customers use the Services to process their end-users' or Contacts' data, the Customer is typically the Data Controller and Lam Technologies Private Limited acts as a Data Processor. In such cases, the Customer's privacy policy governs how Contact data is collected and used, and we process such data only in accordance with the Customer's instructions and our Data Processing Agreement (DPA).

4. Information We Collect

4.1 Information You Provide Directly

We collect information that you voluntarily provide when you:

• Register for an account: Full name, email address, phone number, company name, job title, industry, company size, and account credentials (password is stored in hashed form only).
• Set up your workspace: Team member invitations, organizational preferences, business hours, routing rules, and workflow configurations.
• Use communication features: Messages, emails, call recordings, voicemails, chat transcripts, and any content you send or receive through the Services.
• Connect third-party accounts: Authentication tokens and profile information from Facebook, Instagram, WhatsApp, Google/Gmail, Telegram, LinkedIn, and other connected platforms.
• Import or create data: Contacts, leads, customer records, notes, tags, custom field data, and any business data you enter into the platform.
• Subscribe or make payments: Billing name, billing address, and payment method details (processed securely through PCI DSS-compliant third-party payment processors — we do not store full card numbers).
• Contact support: Information in support tickets, feedback forms, live chat messages, and email communications.
• Participate in surveys or promotions: Feedback, preferences, opinions, and contest/sweepstakes entries.

4.2 Information Collected Automatically

When you access our Services, we automatically collect:

• Device & browser information: IP address, browser type and version, operating system, device type, device identifiers (e.g., advertising ID), screen resolution, and language settings.
• Usage data: Pages and features accessed, time spent on pages, click patterns, navigation paths, search queries within the platform, feature usage frequency, and error reports.
• Log data: Access timestamps, referring URLs, HTTP request details, API call logs, and server-side event logs.
• Location data: Approximate geographic location derived from IP address. We do not collect precise GPS location without explicit consent.
• Cookies and similar technologies: Session identifiers, authentication tokens, preference settings, and analytics data. See Section 12 and our Cookie Policy for details.

4.3 Information from Third-Party Sources

We may receive information from external sources, including:

• Connected platform APIs: When you connect WhatsApp Business, Facebook Pages, Instagram, Gmail, Telegram, or other platforms, we receive profile information, messaging data, page/account details, and other data as authorized through the platform's API permissions.
• OAuth and social sign-in providers: If you use Google, Facebook, or other OAuth providers to sign in, we receive your name, email address, and profile picture.
• Data enrichment services: Business contact details and firmographic data from reputable third-party data providers (where lawfully obtained and with valid legal basis).
• Publicly available sources: Information from public websites, social media profiles, and government registries to enrich business contacts.
• Integration partners: Data synced from CRM, ERP, e-commerce, or other business tools you choose to integrate with Lamdesk.

4.4 Sensitive Data

We do not intentionally collect Sensitive Personal Data (such as racial or ethnic origin, political opinions, religious beliefs, health data, genetic or biometric data, sexual orientation, or criminal records) unless you voluntarily provide such data through the Services (e.g., in customer notes or custom fields). If you store Sensitive Personal Data in Lamdesk, you are responsible for ensuring you have a valid legal basis to do so and for informing your data subjects accordingly.

5. Legal Basis for Processing

We process your Personal Data only when we have a valid legal basis. The legal bases we rely on include:

6. How We Use Your Information

6.1 Service Delivery & Operations

• Providing, operating, maintaining, and improving the Lamdesk platform and all its features
• Processing and managing customer accounts, subscriptions, and billing
• Enabling omnichannel communication across WhatsApp, Instagram, Facebook, Gmail, Telegram, Live Chat, and Voice
• Facilitating contact management, lead tracking, campaign execution, and workflow automation
• Powering AI-driven features including AI agents, smart replies, content generation, sentiment analysis, and automated routing
• Providing customer support and responding to inquiries

6.2 Communication

• Sending transactional emails (account confirmations, password resets, billing receipts)
• Delivering service-related announcements, security alerts, and maintenance notices
• Sending marketing and promotional communications (only with your consent; you may opt out at any time)
• Conducting surveys and collecting feedback to improve the Services

6.3 Analytics, Research & Improvement

• Analyzing usage patterns, feature adoption, and platform performance
• Conducting A/B testing and product research
• Generating aggregated, de-identified analytics and benchmarks
• Training and improving AI/ML models using anonymized and aggregated data (never using identifiable customer data without consent)

6.4 Security, Fraud Prevention & Compliance

• Detecting, preventing, and addressing security threats, fraud, abuse, and unauthorized access
• Monitoring platform integrity and enforcing our Terms of Service and Acceptable Use Policy
• Complying with applicable laws, legal processes, and regulatory requirements
• Maintaining audit logs for security and compliance purposes

7. Information Sharing & Disclosure

We do not sell, rent, or trade your Personal Data to third parties for their own marketing purposes.

We may share your information in the following limited circumstances:

7.1 Service Providers & Sub-Processors

We engage trusted third-party service providers who process data on our behalf under strict contractual obligations (including Data Processing Agreements where required). These include:

• Cloud infrastructure: Hosting, storage, and computing services (e.g., AWS, Google Cloud, MongoDB Atlas)
• Payment processing: PCI DSS-compliant payment processors (e.g., Razorpay, Stripe)
• Email delivery: Transactional and marketing email services
• Analytics: Usage analytics and performance monitoring
• AI/ML services: AI inference and language model providers for AI-powered features
• Customer support tools: Helpdesk and ticketing systems
• Security: DDoS protection, web application firewall, and intrusion detection services

7.2 Connected Third-Party Platforms

When you integrate third-party platforms with Lamdesk (e.g., Meta/Facebook, Google, WhatsApp), data is shared with those platforms as necessary to enable the integration. Such sharing is governed by both this Privacy Policy and the respective platform's terms and privacy policy.

7.3 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Services of any change in ownership or use of your Personal Data, as well as any choices you may have.

7.4 Legal Requirements

We may disclose your information when we believe in good faith that disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or enforceable governmental requests
• Enforce our Terms of Service, including investigation of potential violations
• Detect, prevent, or address fraud, security, or technical issues
• Protect against harm to the rights, property, or safety of Lam Technologies Private Limited, our users, or the public, as required or permitted by law

7.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7.6 Aggregated & De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you, for research, industry analysis, benchmarking, or other purposes.

8. Third-Party Platform Integrations

Lamdesk integrates with various third-party platforms to enable omnichannel communication. Below is how we handle data for each major integration:

8.1 Meta Platforms (Facebook, Instagram, WhatsApp)

When you connect your Meta accounts (Facebook Pages, Instagram Business, WhatsApp Business API), we access and process the following data as authorized through Meta's API permissions:

• Facebook: Page information, page posts and comments, messaging conversations, user profile information (name, profile picture) of people who interact with your pages, page insights and analytics.
• Instagram: Business account profile information, media and comments, direct messages (with user-initiated conversations), story mentions, and Instagram insights.
• WhatsApp Business API: Business profile information, phone number details, message templates, conversation messages (sent and received), media attachments, delivery/read receipts, and WhatsApp Business Account information.

How we use Meta data:

• To display and manage conversations from Facebook, Instagram, and WhatsApp in the unified Lamdesk inbox
• To enable your team to respond to customer inquiries across Meta platforms
• To provide analytics and insights on your social media engagement
• To facilitate automated workflows and AI-powered responses as configured by you

What we do NOT do with Meta data:

• We do not sell Meta platform data to third parties
• We do not use Meta data for advertising, marketing, or data brokering purposes outside the Services
• We do not transfer or share Meta data with third parties except as required to provide the Services or as required by law
• We do not use Meta data to build or augment user profiles for advertising
• We do not use Meta data after a user disconnects their account (data is deleted or anonymized upon disconnection or upon request)

8.2 Google APIs (Gmail, Google OAuth)

When you connect your Google/Gmail account, we access the following data based on the permissions you grant:

• Gmail: Email messages (headers, body, attachments) in connected mailboxes, email labels and folder structure, contact information from email headers for thread management.
• Google profile: Name, email address, and profile picture (via OAuth for sign-in).

Google API Limited Use Disclosure:

• We only use Gmail data to provide the email integration features you have configured (reading, sending, and organizing emails within Lamdesk)
• We do not use Gmail data for advertising purposes
• We do not allow humans to read your Gmail data except: (a) with your explicit affirmative consent, (b) as necessary for security purposes (investigating abuse, bugs, etc.), (c) to comply with applicable law, or (d) when data is aggregated and anonymized for internal operations
• We do not transfer Gmail data to third parties except as necessary to provide and improve the Services, as required by law, or as part of a merger/acquisition (with notice)
• All access to Gmail data is limited to what is necessary for the features you use

8.3 Telegram

When you connect a Telegram bot, we access bot token information, incoming messages, user profile data (name, username, chat ID), and media attachments. This data is used solely to display and manage Telegram conversations in the Lamdesk inbox.

8.4 Voice/Telephony Services

When you use Lamdesk Voice features, we process call metadata (caller/recipient numbers, call duration, timestamps), call recordings (if enabled by you with appropriate consent), voicemail transcriptions, and call logs. Call recording and voicemail features are subject to applicable consent requirements in your jurisdiction.

8.5 Live Chat Widget

When a visitor interacts with the Lamdesk Live Chat widget embedded on your website, we collect the visitor's name, email (if provided), IP address, browser/device information, page URL, and the content of the chat conversation. This data is stored as part of the customer's Lamdesk account.

9. Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

When data is no longer needed, we securely delete or anonymize it. Anonymized data (which can no longer identify any individual) may be retained indefinitely for statistical and analytical purposes.

10. Data Security

We implement comprehensive technical and organizational measures to protect your Personal Data against unauthorized access, alteration, disclosure, or destruction:

10.1 Technical Measures

• Encryption in transit: All data transmitted between your browser/app and our servers is encrypted using TLS 1.2+ (TLS 1.3 preferred)
• Encryption at rest: All stored data is encrypted using AES-256 encryption
• Password security: User passwords are hashed using bcrypt with appropriate salt rounds; we never store plaintext passwords
• Access controls: Role-based access control (RBAC) with the principle of least privilege
• Multi-factor authentication (MFA): Available for all user accounts
• API security: API keys, JWT tokens, rate limiting, and webhook signature validation
• Network security: Firewalls, intrusion detection/prevention systems, and DDoS protection

10.2 Organizational Measures

• Security training: Regular security awareness training for all employees
• Background checks: Conducted for employees with access to customer data
• Confidentiality agreements: All employees and contractors are bound by confidentiality obligations
• Incident response: Documented incident response plan with defined escalation procedures
• Vendor assessment: Security assessments of all third-party service providers
• Regular audits: Periodic security assessments and vulnerability scans

10.3 Breach Notification

In the event of a Personal Data breach that is likely to result in a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (as required by GDPR and other applicable laws)
• Notify affected individuals without undue delay when the breach is likely to result in a high risk to their rights and freedoms
• Document all breaches and remediation actions taken
• Notify affected Customers so they can fulfill their own notification obligations

11. Your Privacy Rights

Depending on your location and applicable law, you have certain rights in relation to your Personal Data. We are committed to honoring these rights:

11.1 Universal Rights

• Right of Access: Request confirmation of whether we process your Personal Data and obtain a copy of it.
• Right to Rectification: Request correction of inaccurate or incomplete Personal Data.
• Right to Erasure (Right to be Forgotten): Request deletion of your Personal Data, subject to legal obligations for retention.
• Right to Data Portability: Receive your Personal Data in a structured, commonly used, machine-readable format (e.g., JSON, CSV).
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Restrict Processing: Request restriction of processing in certain circumstances (e.g., while we verify accuracy of disputed data).
• Right to Withdraw Consent: Where processing is based on consent, withdraw consent at any time without affecting the lawfulness of prior processing.
• Right to Lodge a Complaint: File a complaint with the relevant data protection authority in your jurisdiction.

11.2 How to Exercise Your Rights

You may exercise your rights by:

• Emailing us at privacy@lamdesk.com
• Using the self-service data management tools within your Lamdesk account settings
• Submitting a request through our website contact form

We will verify your identity before processing the request and respond within 30 days (or within the timeframe required by applicable law — e.g., 45 days under CCPA, subject to extension). If we need additional time, we will notify you of the extension and the reason.

We will not discriminate against you for exercising any of your privacy rights.

11.3 Requests Regarding Customer Data

If your Personal Data is processed by Lamdesk on behalf of one of our Customers (i.e., you are a Contact in a Customer's account), please direct your privacy requests to that Customer directly, as they are the Data Controller. We will assist Customers in fulfilling such requests in accordance with our Data Processing Agreement.

12. Cookies & Tracking Technologies

We use cookies and similar technologies (pixels, web beacons, local storage) to operate, analyze, and improve our Services. For a complete description of the cookies we use and how to manage them, please see our Cookie Policy.

12.1 Types of Cookies We Use

12.2 Managing Cookies

You can manage your cookie preferences through your browser settings or our cookie consent tool (where displayed). Note that disabling certain cookies may affect the functionality of the Services. You may also opt out of interest-based advertising via:

• Digital Advertising Alliance (DAA)
• European Interactive Digital Advertising Alliance (EDAA)
• Network Advertising Initiative (NAI)

12.3 Do Not Track

Some browsers transmit "Do Not Track" (DNT) signals. Due to the lack of an industry-wide standard for DNT, we do not currently respond to DNT signals but we honor the Global Privacy Control (GPC) signal where required by applicable law.

13. International Data Transfers

Lam Technologies Private Limited is based in India. Your Personal Data may be transferred to and processed in countries other than your country of residence, including India, the United States, and other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer Personal Data internationally, we ensure adequate protection through one or more of the following safeguards:

• Standard Contractual Clauses (SCCs): EU-approved Standard Contractual Clauses for transfers from the EEA/UK
• Adequacy decisions: Transfers to countries recognized as providing an adequate level of data protection by the European Commission, UK, or other authorities
• Data Processing Agreements (DPAs): Contractual commitments with all service providers ensuring appropriate data protection standards
• Consent: Where required and where no other mechanism is available, with your explicit consent for the transfer
• Supplementary measures: Technical measures (encryption, pseudonymization) and organizational measures to supplement transfer mechanisms where required

You may request a copy of the relevant transfer mechanism by contacting us at privacy@lamdesk.com.

14. Artificial Intelligence & Automated Decision-Making

Lamdesk uses artificial intelligence and machine learning technologies to enhance the Services. This section explains how we use AI and your rights regarding automated decisions.

14.1 How We Use AI

• AI Agents: Automated conversational agents that can respond to customer inquiries using knowledge bases and configured instructions. AI Agent responses are generated based on your configurations and training data you provide.
• Smart Replies & Content Generation: AI-suggested replies for messages, email content generation, and text improvement tools.
• Sentiment Analysis: Automated analysis of message tone and customer sentiment to assist support agents.
• Automated Routing: AI-assisted assignment of conversations to appropriate team members based on configured rules and historical data.
• Workflow Automation: AI-triggered actions based on predefined conditions and patterns.
• Voice AI: Speech-to-text transcription, call summarization, and voice-based AI interactions.

14.2 AI Data Processing Principles

• We use third-party AI providers (such as OpenAI, Google, Anthropic, and others) to power certain AI features. Data sent to these providers is governed by our agreements with them and is processed in accordance with their data handling practices.
• We do not use your identifiable Customer Data to train general-purpose AI models without your explicit consent.
• AI features process data in real-time and do not persistently store your data beyond what is needed for the specific feature function (e.g., generating a response).
• You maintain control over which AI features are enabled and can disable them at any time through your account settings.

14.3 Automated Decision-Making Rights

Under GDPR and other applicable laws, you have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significantly affects you. Lamdesk's AI features are designed to assist (not replace) human decision-making. If you believe an automated decision has significantly affected you, you may:

• Request human review of the decision
• Express your point of view and contest the decision
• Obtain a meaningful explanation of the logic involved

15. Children's Privacy

Our Services are designed for businesses and are not intended for use by individuals under the age of 16 (or the applicable minimum age in your jurisdiction, such as 13 in the United States under COPPA). We do not knowingly collect Personal Data from children under the applicable minimum age.

If you are a parent or guardian and believe that your child has provided us with Personal Data, please contact us at privacy@lamdesk.com. We will take prompt steps to delete such information from our systems and terminate any account created by a minor.

16. Region-Specific Disclosures

Depending on your location, you may have additional rights and protections under local law. This section provides jurisdiction-specific information:

16.1 European Economic Area & United Kingdom (GDPR / UK GDPR)

• Data Controller: Lam Technologies Private Limited is the Data Controller for data processed directly. See Section 3 for details on controller/processor roles.
• Legal Basis: We process your data based on the legal bases described in Section 5. For marketing emails, we rely on consent (Article 6(1)(a)).
• Your Rights: You have full GDPR data subject rights as described in Section 11, including the right to lodge a complaint with your local Data Protection Authority (DPA). The lead supervisory authority can be contacted through your national DPA.
• International Transfers: Data transfers from the EEA/UK are protected by Standard Contractual Clauses (SCCs) and supplementary measures. See Section 13.
• Data Protection Officer: You may contact our designated DPO at dpo@lamdesk.com.

16.2 California, USA (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: You can request what Personal Information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: You can request deletion of your Personal Information, subject to exceptions.
• Right to Correct: You can request correction of inaccurate Personal Information.
• Right to Opt-Out of Sale/Sharing: We do not sell your Personal Information. We do not share your Personal Information for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: You may direct us to limit the use of your sensitive personal information to what is necessary.
• Right to Non-Discrimination: We will not discriminate against you for exercising any CCPA/CPRA rights.

Categories of Personal Information Collected (past 12 months):

• Identifiers (name, email, phone, IP address, account ID)
• Commercial information (billing records, subscription history)
• Internet/electronic activity (usage data, log data, cookies)
• Professional/employment information (job title, company name)
• Geolocation data (approximate location from IP address)
• Audio information (call recordings, if enabled)
• Inferences (preferences, characteristics derived from analytics)

To exercise your California privacy rights, email privacy@lamdesk.com with the subject "California Privacy Request" or use the self-service tools in your account settings.

16.3 Brazil (LGPD — Lei Geral de Proteção de Dados)

• You have the right to confirmation of processing, access, correction, anonymization, portability, deletion, information about sharing, and the right to withdraw consent.
• Legal bases for processing include consent, performance of contract, legitimate interest, and legal obligation under LGPD Articles 7 and 11.
• You may file a complaint with the Autoridade Nacional de Proteção de Dados (ANPD).
• Contact our Privacy Team at privacy@lamdesk.com to exercise your LGPD rights.

16.4 India (Digital Personal Data Protection Act, 2023 — DPDPA)

• As a Data Principal, you have the right to access information about processing, correction, erasure, grievance redressal, and nomination.
• We process Personal Data based on consent or legitimate uses as permitted under the DPDPA.
• We provide notice in English and other scheduled languages as required, detailing the purpose of processing and your rights.
• You may exercise your rights or lodge a complaint with the Data Protection Board of India.
• Grievance Officer: Please contact grievance@lamdesk.com for DPDPA-related complaints and grievances.

16.5 Singapore (Personal Data Protection Act — PDPA)

• You have the right to access and correction of your Personal Data held by us.
• You may withdraw consent for the collection, use, or disclosure of your Personal Data at any time by contacting us.
• We comply with the Data Protection Provisions of the PDPA and the "Do Not Call" (DNC) provisions.
• You may lodge a complaint with the Personal Data Protection Commission (PDPC).

16.6 South Africa (Protection of Personal Information Act — POPIA)

• You have the right to access, correct, delete, object to processing, and lodge a complaint with the Information Regulator.
• We process personal information in compliance with the conditions for lawful processing under POPIA.
• Our Information Officer can be contacted at privacy@lamdesk.com.

16.7 Japan (Act on the Protection of Personal Information — APPI)

• You have the right to disclosure, correction, cessation of use, and cessation of provision to third parties.
• We comply with APPI requirements for cross-border data transfers and opt-out procedures.
• You may lodge a complaint with the Personal Information Protection Commission (PPC).

16.8 South Korea (Personal Information Protection Act — PIPA)

• You have the right to access, correction, suspension of processing, and deletion of your Personal Information.
• We appoint a personal information protection officer and process data in accordance with PIPA requirements.
• You may lodge a complaint with the Personal Information Protection Commission (PIPC).

16.9 Canada (PIPEDA & Provincial Laws)

• You have the right to access your Personal Information, challenge its accuracy, and withdraw consent.
• We process data based on the consent principles of PIPEDA and applicable provincial privacy laws (e.g., Quebec's Law 25).
• You may lodge a complaint with the Office of the Privacy Commissioner of Canada.

16.10 Australia (Privacy Act 1988 & APPs)

• You have the right to access and correct your Personal Information under the Australian Privacy Principles (APPs).
• We handle your Personal Information in accordance with the Privacy Act 1988 and the APPs.
• You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

16.11 Other Jurisdictions

If you are located in a jurisdiction not listed above that has enacted data protection legislation (e.g., Thailand's PDPA, Vietnam's PDPD, UAE's PDPL, Kenya's DPA, Nigeria's NDPR, Philippines' DPA, Indonesia's PDP Law, New Zealand's Privacy Act 2020, etc.), we will comply with applicable requirements. Please contact us at privacy@lamdesk.com to exercise your rights under your local law.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

• We will update the "Last updated" date at the top of this policy
• For material changes, we will notify you via email (to the address associated with your account) and/or through a prominent notice on our Services at least 30 days before the changes take effect
• Where required by applicable law, we will obtain your consent to material changes
• We will maintain an archive of prior versions of this policy, available upon request

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes constitutes your acceptance of the updated policy.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels: