This Privacy Notice describes how LTVera, Inc. (together with its affiliates, “LTVera,” “we,” or “us”) collects, stores, uses, and discloses personal data when you interact with us, including when you visit or interact with our websites, participate in our events, interact with our ads, emails, sales and marketing channels, and integrations, and when you use our post-purchase decisioning platform (collectively, the “Services”).
Please review this Privacy Notice carefully and use the information here to make informed choices. By accessing the Services, registering for an account, or otherwise interacting with us, you agree to the terms of this Privacy Notice. If you do not agree, please do not use the Services or provide us with any information.
Our Services are designed for businesses and are not intended for personal or household use. Accordingly, we treat the personal data covered by this Privacy Notice as relating to individuals acting as business representatives rather than in their personal capacity. You are not legally required to provide personal data, but without it we may not be able to provide the full range of our Services.
1. Data collection & processing
When we use the term “personal data,” we mean information that identifies, relates to, or could reasonably be linked to an individual. It does not include aggregated or de-identified information that cannot reasonably be linked to an individual. We collect the following categories of personal data, relating to the following data subjects:
Customer (Merchant) Data
Personal data we process on behalf of our business customers as part of operating the platform. We process this data under the customer’s instruction and our data processing terms with them. This Privacy Notice, which describes LTVera’s own practices, does not govern that processing; to learn about a customer’s own practices, contact them directly.
User Data
Personal data about our customers’ people who engage with us regarding their account, and who use the platform on the customer’s behalf, such as account administrators, users, billing contacts, and authorized signatories, along with their business needs and preferences.
Prospect Data
Personal data relating to visitors of our websites, event participants, and other prospective customers, users, or partners who interact with our Services.
Specifically, we collect or generate the following through the Services:
- Usage, login, and device information: connectivity, technical, and aggregated usage data such as user agent, IP address and approximate location derived from it, device data (type, OS, device ID, browser, locale, language), activity logs, session recordings, website chat data, login credentials, cookies and pixels, and inferred data generated from use of the Services.
- Contact and business information: name, email, phone, position, workplace and professional information, our communications with you (including call and video recordings and transcriptions), feedback and testimonials, contractual and billing details, and identified needs, preferences, and insights relevant to our engagement, including interest and purchase history and other commercial information.
- Personal data contained in Customer Data provided by, or processed on behalf of, our customers under their instruction.
For the purposes of the California Consumer Privacy Act (“CCPA”), in the last 12 months we have collected the following categories: Identifiers; Customer Records Information; Internet or other electronic network activity information; Professional or employment-related information; Geolocation Data; Commercial Information; Inferences; and Audio, electronic, and visual information. We collect this personal information automatically when you use the Services, from customers and users, and from service providers.
2. Data uses & lawful bases for processing
We use personal data for the following business and commercial purposes: to provide, operate, secure, support, and improve the Services; to build, train, and improve our models; to process payments and billing; to communicate with you, including service and promotional communications; to personalize and analyze use of the Services; to develop new products and services; to comply with legal obligations; and to protect our rights and the security and integrity of our Services.
Where data protection laws such as the GDPR apply, we rely on the following lawful bases: performance of a contract; our legitimate interests in operating, securing, and improving our Services and marketing to business contacts; compliance with legal obligations; and your consent, where required (for example, for certain cookies or marketing). Where consent is the applicable basis, your acceptance of our Terms of Use and this Privacy Notice is treated as consent to the processing described here, unless the law requires a different form of consent. To revoke consent, contact us at [email protected].
3. Data storage & transfer
We and our authorized service providers maintain, store, and process personal data in the United States and in other locations as reasonably necessary to provide the Services, for our internal business purposes, or as required by law.
While privacy laws vary between jurisdictions, LTVera is committed to protecting personal data in accordance with this Privacy Notice and customary industry standards. Where we transfer personal data from the EEA, the UK, or Switzerland to countries that are not deemed to provide an adequate level of protection, we rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission and the UK Information Commissioner’s Office. You can request a copy by contacting us as described in Section 12.
4. How long we retain your personal data
We retain personal data for as long as we reasonably need it to maintain our relationship and provide the Services, to comply with our legal and contractual obligations, and to protect against potential disputes, in accordance with applicable law. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm, the purposes of processing, and legal requirements. Except as required by law or our agreements with you, we are not obligated to retain personal data for any particular period and may securely delete, anonymize, or restrict access to it at any time.
5. How we disclose your personal data
We disclose personal data in the following ways:
- Service providers: third parties that perform services on our behalf, such as hosting and infrastructure, content delivery, data security, billing and payment processing, fraud prevention, analytics, email delivery, session and activity recording, support and CRM, and our legal, financial, and compliance advisors. They may access personal data only as needed for their role and may use it only as set out in our agreements with them.
- Partners: selected business, channel, and agency partners and resellers, to whom we may disclose relevant contact, business, and usage details so they can engage with you. Aspects of your engagement with a partner that are not directed by LTVera are governed by the partner’s own terms and policies.
- Service integrations: when you connect third-party services (such as your commerce platform, email and SMS tools, subscription apps, and ad platforms), data, which may include Customer Data and User Data, is exchanged between those services and the platform as needed for the integration. We do not receive or store your passwords for these services, though we typically require an API key to integrate.
- Business customers: our customers can access the personal data we process on their behalf and data relating to their users.
- Public feedback: if you submit a public review or testimonial, we may store and display it; contact us to remove it.
- Legal compliance: we may disclose personal data in response to lawful requests or where we believe in good faith it is necessary to comply with law, investigate wrongdoing, or protect our legitimate interests, including the security of our Services.
- Protecting rights and safety: to protect the rights, property, or safety of LTVera, our users and customers, or the public.
- Affiliates and corporate transactions: within our group, and in connection with a merger, acquisition, financing, or sale of assets, including during negotiations or in insolvency.
- Advertising: if the Services display third-party advertisements, when you interact with an ad we may share limited information (such as your company name, the time of the interaction, and whether you clicked through) with the advertiser to measure performance.
We may also share data with your approval, where legally obligated, or once it has been rendered non-identifiable and anonymous. For the purposes of the CCPA, in the past 12 months we may have disclosed the categories listed in Section 1 to service providers, partners, and affiliates, for legal compliance, and to protect rights and safety, in pursuit of the purposes described in Section 2.
6. Cookies, tracking, and Do Not Track
We and our service providers use cookies, pixels, tags, and similar technologies to provide the Services, ensure they work properly, analyze performance and marketing, and personalize your experience. We use both session cookies (removed when you close your browser) and persistent cookies (which remain longer, for example to remember your login).
We use Google Analytics to understand how the Services are used; you can learn about its practices at google.com/policies/privacy/partners and opt out at tools.google.com/dlpage/gaoptout. We do not change our practices in response to a browser “Do Not Track” signal, but you can manage cookies through your browser settings, and we honor the Global Privacy Control (GPC) for opting out of sale or sharing. Disabling cookies may limit your use of the Services. Depending on your location, you can also use the “Your Privacy Choices” control in our Services.
7. Communications
We engage in service and promotional communications by email, phone, SMS, and notifications.
Service communications include important information about the Services, such as changes or updates, billing issues, and login or password notices. You cannot opt out of certain service communications that are integral to your use of the Services.
Promotional communications tell you about new features, offerings, and events, subject to consent where required. You can opt out at any time by emailing [email protected] or following the unsubscribe instructions in the message.
8. Data security
We have implemented industry-standard physical, procedural, and technical security measures designed to protect your personal data and minimize the risk of loss, theft, or unauthorized access or use. However, we cannot guarantee that the Services will be immune from wrongdoing, malfunction, or unauthorized access. If you believe your information is no longer secure, please contact us at [email protected].
9. Your data subject rights
Subject to applicable law and certain exceptions, you may have the right to: request access to and information about the personal data we collect, its sources, the purposes of collection, and the categories of third parties with whom we share it; request correction or deletion of your personal data; restrict or object to processing, including directing us not to sell or share your personal data; port your personal data; and receive equal service and pricing (freedom from discrimination). Under frameworks such as the GDPR, you may also lodge a complaint with your supervisory authority.
To exercise your rights, contact us at [email protected]. We will not charge a fee unless your request is excessive, repetitive, or manifestly unfounded. To protect your privacy, we may ask you to verify your identity before fulfilling a request, and we may retain that verification information for compliance and auditing. We may redact personal data relating to others, and we may decline a deletion request or retain certain data where permitted or required by law, explaining our reasoning. You may also use an authorized agent, with proof of authorization, to submit a request on your behalf.
10. Data controller / processor
Data protection laws such as the GDPR and CCPA distinguish between the “controller” (or “business”), which determines the purposes and means of processing, and the “processor” (or “service provider”), which processes data on the controller’s behalf.
- LTVera is the controller of Prospect Data; our service providers act as our processors.
- LTVera is the processor of Customer Data, which we process on behalf of our customers (each a controller); our service providers act as sub-processors.
- LTVera is both a controller and processor of User Data, depending on whether it is processed for our own purposes or as part of Customer Data on a customer’s behalf.
Our customers are solely responsible for deciding how they use the Services and for ensuring that individuals whose data they process through the Services have received adequate notice and, where required, given informed consent, and that all applicable legal requirements are met. Customers are also responsible for handling data subject requests from their own users.
11. Opt-out of sale / sharing for targeted advertising
Under some US privacy laws, including the CCPA, our disclosure of certain internet activity and device information with third parties through cookies may be considered a “sale” or “sharing” of personal information for targeted advertising. In the last 12 months we may have “sold” or “shared” Internet or Other Electronic Network Activity Information, Geolocation Data, and Commercial Information with our analytics and advertising partners. We have not knowingly sold or shared the personal information of individuals under the age of 16.
You can opt out of cookies that may result in a sale or sharing by using the “Your Privacy Choices” control on our website and selecting “Do Not Sell or Share My Personal Information,” and by enabling the Global Privacy Control (GPC) in each browser you use.
12. Additional notices & contact details
Updates and amendments. We may update this Privacy Notice from time to time by posting an amended version on our Services, effective as of the date published. We will provide notice of material changes through the Services or other available means. Where required, we will ask for your consent before you continue to access the Services after an update.
External links. Our Services may link to other websites or services whose privacy practices we do not control. We encourage you to read the privacy policies of every site you visit. This Privacy Notice applies only to our Services.
Children. Our Services are not directed to minors, and we do not knowingly collect personal data from them. If we learn that we have collected such data, we will take steps to delete it. If you believe we hold data about a minor, contact us at [email protected].
Contacting us. If you have questions or concerns about this Privacy Notice or your personal data, please contact our privacy team at [email protected]. If you are in the EEA or UK and have questions about how we handle your personal data, you can also reach us at that address.