INTRODUCTION
Lavea Content Lab (“Lavea,” “we,” “us,” or “our”) is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at https://laveacontentlab.com/ or engage with our services.
Please read it carefully. If you disagree with its terms, please discontinue use of our site.
Lavea Content Lab is registered and operates from the Philippines. We work remotely and may serve clients and website visitors from different countries. This Privacy Policy is intended to explain our privacy practices and help us comply with applicable privacy laws, including the Philippine Data Privacy Act of 2012 and, where applicable, other international privacy requirements.
Depending on your location, you may have additional privacy rights under local law. We will respond to applicable privacy requests in accordance with the laws that apply to us.
As the personal information controller for data collected through this website, we are responsible for deciding how and why your personal data is processed.
If you have questions or concerns about this policy or our privacy practices, please contact us at info@laveacontentlab.com.
We collect information that you provide directly to us, information collected automatically when you use our website, and information from third-party sources.
INFORMATION YOU PROVIDE DIRECTLY
– Identity data: First name, last name, job title, and company name
– Contact data: Email address, phone number, and business address
– Communications: Messages, enquiries, and feedback submitted through our contact forms, email, or booking tools
– Client account data: Information you provide when onboarding as a client, including business details and project information
– Payment-related data: Billing name and address used to process invoices. Payment card and transfer details are processed directly by our third-party payment providers (Wise and PayPal) and are not stored on our servers
INFORMATION COLLECTED AUTOMATICALLY
When you visit our website, we automatically collect certain technical and behavioural data, including:
– Device and technical data: IP address, browser type and version, operating system, device identifiers, and time zone settings
– Usage data: Pages visited, links clicked, time spent on pages, referral URLs, and navigation paths
– Analytics data: Aggregated and individual data collected through analytics tools such as Google Analytics, including session data and conversion events
– Cookie data: Data stored through cookies and similar tracking technologies as described in Section 04
INFORMATION FROM THIRD PARTIES
– Data from scheduling tools (Calendly) when you book a discovery call via https://calendly.com/laveacontentlab-info/30min
– Publicly available professional information from platforms such as LinkedIn, Facebook, and Instagram when you interact with our social content
– Analytics and advertising platform data from providers such as Google and Meta
We do not knowingly collect sensitive personal information (such as racial origin, health data, or political opinions) through this website. If such data is incidentally shared in a contact form message, it will be handled with the utmost care and deleted unless strictly necessary.
We use the information we collect for specific, legitimate purposes only. We will not use your data in ways incompatible with these purposes without first notifying you.
– To respond to enquiries and provide services: Processing contact form submissions, booking discovery calls, and delivering contracted services to clients
– To manage our business relationship: Sending service-related communications, proposals, invoices, and project updates
– To process payments: Coordinating with our third-party payment processors (Wise and PayPal) to manage billing and financial records
– To improve our website and services: Analysing usage data and visitor behaviour to enhance the performance, content, and usability of our website
– To send marketing communications: Where you have given consent, sending newsletters, educational content, and updates about Lavea’s services
– To comply with legal obligations: Meeting our legal, accounting, tax, and regulatory obligations under laws that apply to us
– To protect our rights: Detecting, preventing, and addressing fraud, security issues, and other harmful or unlawful activity
We will never sell your personal data to third parties. We will never use your data for purposes unrelated to our legitimate business activities without your explicit consent.
Where required by applicable privacy law, we rely on one or more of the following lawful bases when processing your personal data:
– Contractual necessity: Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract
– Legitimate interests: Processing is necessary for our legitimate business interests — such as improving our website, conducting analytics, and communicating about our services — provided those interests are not overridden by your rights
– Consent: Where required by law, we will obtain your clear, informed consent before processing your data — for example, before sending marketing emails or placing non-essential cookies
– Legal obligation: Processing is necessary to comply with a legal or regulatory obligation applicable in your jurisdiction or ours
This policy is intended to help us comply with applicable privacy requirements, including:
– Philippine Data Privacy Act of 2012 (RA 10173) — our primary governing law
– EU General Data Protection Regulation (GDPR) — for clients and visitors in the European Economic Area
– UK General Data Protection Regulation (UK GDPR) — for clients and visitors in the United Kingdom
– Australian Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs) — for clients and visitors in Australia
– California Consumer Privacy Act (CCPA / CPRA) — for clients and visitors in California, USA
– Other applicable national or regional privacy laws — where such laws apply to how we handle your data
Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing before its withdrawal. To withdraw consent, please contact us at info@laveacontentlab.com or use the unsubscribe link in any marketing email.
Our website uses cookies and similar technologies to distinguish you from other users, remember your preferences, and improve your experience. Cookies are small text files placed on your device by your browser when you visit a website.
Our website is built on WordPress using Elementor and is hosted on Hostinger. Cookie consent notices are managed through the tools provided by these platforms.
COOKIE CATEGORIES
Strictly Necessary Cookies
Purpose: Enable core website functionality. The site cannot function properly without these.
Examples: WordPress session cookies, Elementor functional cookies, Hostinger server cookies
Consent Required: No
Analytics & Performance Cookies
Purpose: Measure how visitors use our site and identify areas for improvement.
Examples: Google Analytics (_ga, _gid)
Consent Required: Yes
Functional Cookies
Purpose: Remember your preferences and settings to personalise your experience.
Examples: Language, region, Calendly booking tool preferences
Consent Required: Yes
Marketing & Advertising Cookies
Purpose: Track visits across websites to deliver relevant advertising.
Examples: Meta Pixel, Google Ads tags
Consent Required: Yes
When you first visit our website, a cookie consent notice will ask for your preferences. You may accept all cookies, reject non-essential cookies, or manage your preferences at any time. You may also control cookies through your browser settings, though restricting cookies may affect the functionality of our website.
For more information about cookies, visit www.allaboutcookies.org.
We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:
SERVICE PROVIDERS AND TECHNOLOGY PARTNERS
We share data with trusted third-party providers who assist us in operating our website and delivering our services. These providers are contractually obligated to protect your data and may only process it on our instructions. This includes:
– Website hosting: Hostinger (hostinger.com)
– Website platform: WordPress with Elementor
– Payment processors: Wise (wise.com) and PayPal (paypal.com), who handle payment and transfer data under their own privacy policies
– Analytics providers: Google Analytics (analytics.google.com)
– Scheduling tools: Calendly (calendly.com/laveacontentlab-info/30min)
– Project management and collaboration tools used internally by our team
These third-party providers may be located in countries other than your own, including the Philippines, the United States, and other jurisdictions. We take reasonable steps to ensure that all such providers maintain adequate data protection standards regardless of their location.
LEGAL AND COMPLIANCE DISCLOSURES
We may disclose your information where required by law, court order, governmental authority, or regulatory body in any jurisdiction — including the Philippines, the country where you are located, or the country where one of our service providers operates — or where necessary to protect our legal rights, prevent fraud, or ensure the safety of our team or the public.
BUSINESS TRANSFERS
In the event of a merger, acquisition, restructuring, or sale of all or part of Lavea Content Lab’s assets, your personal data may be transferred as part of that transaction. We will notify you before your personal data becomes subject to a different privacy policy.
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including meeting any legal, regulatory, accounting, or reporting obligations in any jurisdiction that applies.
– Contact enquiries: Retained for up to 24 months from last contact, after which they are securely deleted or anonymised
– Client data: Retained for the duration of the client relationship and for up to 7 years thereafter for legal and accounting purposes
– Payment records: Retained for up to 7 years to comply with financial and tax regulations
– Analytics data: Aggregated and anonymised data may be retained indefinitely; identifiable user-level data is retained as configured in our analytics platform (default 14 months for Google Analytics)
– Marketing data: Retained until you withdraw consent or opt out, after which your data is promptly removed from our active marketing lists
When personal data is no longer required, we ensure it is securely deleted or anonymised in a manner that prevents reconstruction of the original data.
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against accidental loss, unauthorised access, alteration, disclosure, or destruction. These include:
– SSL/TLS encryption for all data transmitted between your browser and our website
– Access controls ensuring that only authorised team members can access personal data on a need-to-know basis
– Secure, password-protected systems with multi-factor authentication where applicable
– Regular review of our data collection, storage, and processing practices
– Third-party service providers (including Hostinger, Wise, and PayPal) who maintain their own security standards under their respective policies
While we implement these safeguards, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.
In the event of a personal data breach, we will take appropriate steps to investigate, contain, and respond to the incident. Where required by law, we will notify affected individuals and/or the relevant data protection authority.
Regardless of where you are located, you have the right to expect that your personal data is handled responsibly, transparently, and securely. Depending on the laws of your country or region, you may also have specific enforceable rights as set out below.
YOUR GENERAL PRIVACY RIGHTS
Depending on your location and the laws that apply, you may have some or all of the following rights:
Right of Access — Request a copy of the personal data we hold about you and information about how it is used.
Right to Rectification / Correction — Request correction of inaccurate or incomplete personal data.
Right to Erasure / Deletion — Request deletion of your personal data where there is no overriding reason for us to retain it.
Right to Restrict Processing — Request that we limit how we use your data in certain circumstances.
Right to Object — Object to our processing of your data based on legitimate interests or for direct marketing at any time.
Right to Withdraw Consent — Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing.
Right to Complain — Lodge a complaint with the data protection authority in your country if you believe your rights have been violated.
PHILIPPINE RESIDENTS — Data Privacy Act of 2012 (RA 10173)
You have all the general rights listed above. You may also lodge a formal complaint with:
National Privacy Commission (NPC)
Website: www.privacy.gov.ph
Address: 5th Floor Delegation Building, PICC Complex, Roxas Boulevard, Pasay City, Metro Manila
UK RESIDENTS — UK General Data Protection Regulation (UK GDPR)
You have all the general rights listed above, plus the right to data portability (receiving your data in a structured, machine-readable format). You may lodge a complaint with:
Information Commissioner’s Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113
EEA RESIDENTS — EU General Data Protection Regulation (GDPR)
You have all the general rights listed above, including the right to data portability and the right not to be subject to solely automated decision-making. You may lodge a complaint with the data protection supervisory authority in your EU member state.
AUSTRALIAN RESIDENTS — Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs)
Your personal data is handled in accordance with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). You have the right to access, correct, and complain about the handling of your personal information.
Under APP 8, before disclosing your personal information to an overseas recipient (including our team in the Philippines), we take reasonable steps to ensure your data is handled consistently with the APPs. You may lodge a complaint with:
Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
CALIFORNIA RESIDENTS — California Consumer Privacy Act (CCPA / CPRA)
You have the right to know, delete, correct, and opt out of the sale or sharing of your personal information. We do not sell personal information as defined under the CCPA. You also have the right to non-discrimination for exercising your privacy rights.
RESIDENTS OF OTHER COUNTRIES
If you are located in a country not specifically listed above, you may still have privacy rights under your local law. You may contact us at info@laveacontentlab.com, and we will review your request in accordance with applicable legal requirements.
To exercise any of your rights, please submit a written request to info@laveacontentlab.com. We will verify your identity before processing any request and aim to respond within the following timeframes:
– Philippine DPA: 15 business days
– UK GDPR / EU GDPR: 30 calendar days (extendable by a further 2 months for complex requests)
– Australian Privacy Act: 30 calendar days
– CCPA: 45 calendar days (extendable by a further 45 days where necessary)
– All other requests: 30 calendar day
Lavea Content Lab is based in the Philippines and serves clients remotely across the world. Personal data provided to us — whether through our website, contact forms, discovery calls, or client engagements — may be transferred to, stored in, and processed in the Philippines.
We take reasonable steps to ensure that international transfers of personal data are handled securely and in accordance with applicable privacy requirements.
HOW WE PROTECT TRANSFERRED DATA
– We apply the security measures described in Section 07 to all personal data, regardless of where it is processed.
– Where required by your local law (such as the UK GDPR, EU GDPR, or Australian APPs), we rely on appropriate transfer mechanisms such as Standard Contractual Clauses (SCCs), adequacy decisions, or contractual obligations that require overseas recipients to apply equivalent protections.
– For Australian clients, we comply with APP 8 by taking reasonable steps to ensure that personal data disclosed to overseas recipients — including our team and third-party tools — is treated in accordance with the Australian Privacy Principles.
– For EEA and UK clients, personal data transferred outside the UK or EEA is protected by appropriate safeguards in accordance with the UK GDPR or EU GDPR.
THIRD-PARTY SERVICE PROVIDERS
Our third-party service providers — including Hostinger, Google Analytics, Wise, PayPal, and Calendly — may process data in their own jurisdictions. Each of these providers operates under their own privacy policies and data transfer frameworks. We encourage you to review their policies:
– Hostinger: hostinger.com/privacy-policy
– Google: policies.google.com/privacy
– PayPal: paypal.com/uk/legalhub/privacy-full
– Wise: wise.com/gb/legal/privacy-policy
– Calendly: calendly.com/pages/privacy
If you have questions about how your personal data is handled when transferred internationally, please contact us at info@laveacontentlab.com.
Our website may contain links to third-party websites, plug-ins, and applications including our social media pages on Facebook, Instagram, and LinkedIn. Clicking those links or enabling those connections may allow third parties to collect or share data about you.
We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit. This Privacy Policy applies solely to information collected by Lavea Content Lab through our own website and services.
Our website and services are intended for business professionals and are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors.
If we become aware that we have collected personal data from a minor without appropriate parental or guardian consent, we will take immediate steps to delete that information. If you believe we may have inadvertently collected data from a minor, please contact us immediately at info@laveacontentlab.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or other operational reasons.
When we make material changes, we will update the “Last Updated” date at the top of this page and, where required by law, notify you by email or through a prominent notice on our website.
We encourage you to review this policy periodically to stay informed about how we are protecting your information.
If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us.
Lavea Content Lab
Email: info@laveacontentlab.com
Website: https://laveacontentlab.com/
Book a call: https://calendly.com/laveacontentlab-info/30min
We aim to respond to all privacy-related enquiries within 15 business days, or within the timeframe required by your applicable local law.
Copyright 2026 © Lavea Content Lab. All Rights Reserved.