Lunvi Labs

Privacy Policy

Last updated: 27 Oct 2025
Controller: Lunvi Labs (“we”, “us”, “our”)

Lunvi Labs provides server-side event delivery (Meta Conversions API, GA4 Measurement Protocol v2, Event Router, etc.). Our platform focuses on privacy-first tracking: regional hosting, consent enforcement, and minimized identifiers. This Privacy Policy explains what data we collect, how we use it, and the rights you have.

1. What data we collect

We collect two categories of data:

Lead / contact data you submit

When you request an upgrade, demo, or contact us, you may send us: company name, work email, phone number, billing / tax details, and free-text notes. We use this to respond, open or manage your account / plan, and handle billing conversations.

Technical / analytics data

We measure basic product interest on lunvilabs.com — e.g. which pricing plan was viewed, which form was submitted, approximate page usage, and aggregated performance metrics for our endpoints. We currently use Google Analytics 4 with IP anonymization and Consent Mode v2–style behavior. We do not try to personally identify you from this analytics data.

2. How we use this data

3. Cookies, consent, measurement

We aim to send conversion / analytics events using consent-aware, server-side calls instead of browser trackers wherever possible. In practice:

4. Sharing data with processors / vendors

We use infrastructure and service vendors (for example managed hosting, logging/alerting, email delivery, analytics with consent controls). These vendors act as processors and help us deliver uptime, debugging, and notifications. Where required, we sign Data Processing Agreements (DPAs) and maintain a subprocessors list.

We don’t sell personal data, and we don’t share customer data with ad platforms for unrelated targeting. If you ask us to push events to a destination (Meta, GA4, TikTok, etc.), we act as your conduit and will forward only the payloads you configure.

5. Data location & transfers

For some plans (Growth, Enterprise) we can route data to EU infrastructure / residency regions. If data is transferred outside that region, we use contractual and technical safeguards (for example encryption in transit & at rest, TLS / AES-256, and access scoping).

6. Retention & deletion

We keep lead / contact data while we’re actively working with you (sales cycle, onboarding, billing) and for a reasonable audit / tax record period afterward. We keep technical event logs and debugger trails long enough to troubleshoot reliability, compliance, and billing disputes. On valid request, and where legally allowed, we’ll delete or anonymize data tied to you or your organization.

7. Your rights

Depending on where you’re located (for example GDPR / KVKK regions), you may have rights such as access, correction, deletion, restriction, objection, and data portability. You can also object to marketing-style contact.

To exercise these rights, contact us at info@lunvilabs.com. We may need to verify that you’re authorized (for example, you’re part of the customer org or you’re the account owner).

8. Security

We apply encryption in transit & at rest, role / scope isolation, per-destination secrets, audit logging, and dedicated regions for higher plans. No service is perfectly secure, but we work to keep exposure minimal, log access, and respond quickly if something looks off.

9. Changes to this policy

We may update this Privacy Policy as we improve the product, add new regions, or change our vendors. If changes are material, we’ll update the “Last updated” date above and make a reasonable effort to notify active customers.

10. Contact us

If you have questions about privacy, subprocessors, or data residency, email info@lunvilabs.com.