PRIVACY POLICY
Last Updated: December 5th, 2025
Effective Date: December 5th, 2025
1. INTRODUCTION
Lionrock Labs Limited (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy and ensuring the security of your personal information.
This comprehensive Privacy Policy (“Policy”) describes how we collect, use, store, process, transfer, and protect your personal information when you visit our website at https://lionrocklabs.com (the “Site”) and use our AI-powered services, including our AI Co-Pilot, educational courses, and related offerings (collectively, the “Services”).
This Policy applies to all users of our Services, including visitors, registered users, and subscribers. It explains your privacy rights under various data protection laws, including but not limited to:
The European Union General Data Protection Regulation (GDPR)
The European Union Artificial Intelligence Act
The United Kingdom Data Protection Act 2018 (as Amended)
The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
The Virginia Consumer Data Protection Act (VCDPA)
The Colorado Privacy Act (CPA)
The Utah Consumer Privacy Act (UCPA)
The Connecticut Data Privacy Act (CTDPA)
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
Australia’s Privacy Act 1988
South Africa’s Protection of Personal Information Act (POPIA)
And other applicable international privacy laws.
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy and our Terms of Service.
If you do not agree with any aspect of this Policy, you must immediately discontinue your use of our Services and contact us to request deletion of your personal information.
This Policy covers the personal information we collect through:
Our primary website at https://lionrocklabs.com
Our AI Co-Pilot and related AI services
Our educational course platform
Email, text, and other electronic communications
Mobile applications (if any)
Third-party integrations and services
1.2 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.
When we make changes, we will update the “Last Updated” date at the beginning of this Policy and provide additional notice as required by applicable law, which may include email notification or prominent notices within our Services.
We encourage you to periodically review this Policy to stay informed about our privacy practices.
1.3 Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Lionrock Labs Limited
Unit 7, 8/F., Tower B
83 King Lam Street, Lai Chi Kok
Hong Kong
Email: support@lionrocklabs.com
For data protection-specific inquiries, please use the subject line “Privacy Request” in your email communication.
We collect personal information that you voluntarily provide to us when you register for our Services, express interest in obtaining information about us or our products and Services, participate in activities on the Services, or otherwise contact us.
The personal information we collect may include the following:
2.1.1 Account Registration Information
Full name and contact details
Email address for account verification and communication
Username and password for account access
Contact preferences and communication settings
Billing information necessary for payment processing
2.1.2 Payment and Transaction Information
Payment method details (processed directly by our payment processors)
Billing address and transaction history
Subscription details and order information
Tax identification information where required by law
2.1.3 User-Generated Content
Communications with our support team
Feedback, comments, and reviews of our Services
Content you upload or post, including articles, comments, photos, audio, videos, and user profile images
AI interactions including prompts, queries, and generated responses
Course progress and completion data
2.1.4 Professional Information
Business information you choose to provide
Professional background and areas of expertise you choose to provide
Business goals and objectives shared with our AI Co-Pilot
3.2.1 Automated Technologies or Interactions
As you interact with our Services, we may automatically collect technical data about your equipment, browsing actions, and patterns.
We collect this personal information by using cookies, server logs, or other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
3.3 Third Parties or Publicly Available Sources
We may receive personal information about you from various third parties as set out below:
Technical data from analytics providers, advertising networks, and search information providers
Contact, financial, and transaction data from providers of technical, payment, and delivery services
Identity and contact data from data brokers or aggregators (where permitted by law)
Publicly available sources including public databases and other public sources
4. HOW WE USE YOUR INFORMATION
We use your personal information for various business purposes described below, based on the legal bases permitted under applicable laws.
4.1 Primary Business Purposes
4.1.1 Service Delivery and Contract Fulfillment
To create and manage your user account
To provide our AI Co-Pilot services and process your queries
To deliver educational courses and track your progress
To process payments and manage your subscriptions
To provide customer support and respond to inquiries
To send service-related communications including confirmations, updates, and security alerts
Legal Basis: Performance of a contract, Legitimate interests
4.1.2 Business Operations and Improvement
To analyze usage patterns and improve our Services
To develop new products, features, and services
To conduct research and analysis to enhance user experience
To monitor and maintain service quality and performance
To troubleshoot technical issues and prevent service disruptions
To protect against fraud, abuse, or security risks
Legal Basis: Legitimate interests, Compliance with legal obligations
4.2 Marketing and Communications
4.2.1 Direct Marketing
To send promotional communications about our Services
To provide information about special offers and discounts
To deliver targeted advertising based on your interests
To notify you about new courses and features
To invite you to participate in surveys or market research
Legal Basis: Consent (which can be withdrawn at any time), Legitimate interests
4.2.2 Personalization and User Experience
To customize content and recommendations
To remember your preferences and settings
To create personalized learning paths
To tailor AI Co-Pilot responses to your specific needs
To optimize website layout and functionality based on user behavior
Legal Basis: Legitimate interests, Consent (which can be withdrawn at any time)
4.3 Legal and Compliance Purposes
4.3.1 Legal Obligations
To comply with applicable laws and regulations
To respond to legal requests and court orders
To protect our legal rights and interests
To enforce our Terms of Service and other agreements
To maintain appropriate business records
Legal Basis: Legal obligation, Legitimate interests
4.3.2 Business Transfers
In connection with mergers, acquisitions, or asset sales
During due diligence processes for business transactions
To facilitate corporate restructuring or financing
To protect the interests of our company and stakeholders
Legal Basis: Legitimate interests
4.4 AI-Specific Processing
4.4.1 AI Co-Pilot Operations
To process your queries and generate responses using DeepSeek API
To improve AI model performance and accuracy
To train and fine-tune our AI systems (using anonymized data)
To analyze usage patterns for service optimization
To ensure AI safety and prevent misuse
Legal Basis: Performance of contract, Legitimate interests
4.4.2 Data Retention for AI Services
Conversation history is retained for 30 days for service functionality
Anonymized interaction data may be retained for model improvement
Personal identifiers are separated from AI training data
Regular data purging occurs according to our retention schedule
4.4.3 AI & Data Processing Disclosure
This section provides specific information on how we process personal data in relation to our AI-powered services, including the “AI Co-Pilot,” in accordance with the European Union’s Artificial Intelligence Act (AI Act) and the General Data Protection Regulation (GDPR).
1. AI Co-Pilot & Data Processing
Our “AI Co-Pilot” is a custom interface that integrates with a third-party AI provider, DeepSeek, via its API. When you use the AI Co-Pilot, your interactions (including your prompts, queries, and any personal data you include) are processed to provide you with AI-generated content and assistance.
2. Legal Basis for Processing (GDPR Compliance)
We process your personal data for the AI Co-Pilot and related services based on the following legal grounds:
Performance of a Contract: Processing is necessary to provide you with the AI Co-Pilot service as part of your membership/subscription.
Legitimate Interest: We have a legitimate interest in improving our service’s accuracy, functionality, and user experience (e.g., through anonymized analysis of interaction patterns).
Your Consent: For certain non-essential data processing, such as using cookies for analytics, we will rely on the consent you provide through our cookie banner.
3. Data Collection Technologies & Sources
We collect information through:
Cookies and Server Logs: We use these to remember your preferences, understand how you use our service, and for technical functionality. For more details, please see our Cookie Policy.
Third-Party Cookies: When you visit other websites that use our cookies, we may receive technical data about your browser and device. This helps us measure the effectiveness of our advertising campaigns.
Direct Interactions: The primary source of data for the AI Co-Pilot is the information you directly provide when using the chat interface.
4. Data Sharing with Third-Party AI Providers
To function, the AI Co-Pilot transmits your prompts and queries to DeepSeek. This company acts as a Data Processor on our behalf. We have implemented a Data Processing Agreement (DPA) with DeepSeek to ensure they process your data in compliance with EU law, providing appropriate safeguards for data security and confidentiality.
We strongly advise you not to submit any Sensitive Personal Data (e.g., related to health, ethnicity, sexual orientation, religious beliefs, etc.) or highly confidential information to the AI Co-Pilot.
5. Risk Assessment & Transparency under the AI Act
In alignment with the principles of the EU AI Act:
Risk Classification: We classify our AI Co-Pilot as a limited-risk application. It is a supportive tool designed to augment your productivity and is not used for automated decision-making with legal or similarly significant effects.
Transparency: You have the right to know you are interacting with an AI system. This disclosure serves that purpose. The AI’s outputs are generative and should be verified by you, the user, as they may not always be accurate.
Human Oversight: The use of the AI Co-Pilot is always under your control and supervision. You are responsible for reviewing, editing, and approving all outputs before any external use.
Always consult with your own financial, professional, and legal advisors before making any business, career, or financial decisions.
6. Data Retention
We retain the data associated with your AI Co-Pilot interactions only for a period of thirty (30) days to ensure service functionality and for support purposes. After this period, your conversation history is automatically and permanently deleted from our systems. We would only retain your data for a longer period if necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
7. Your Data Subject Rights (GDPR)
Under GDPR, you have the right to:
● Access, correct, or delete your personal data.
● Restrict or object to our processing of your data.
● Data portability (to receive your data in a structured, machine-readable format).
● Withdraw your consent, without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise these rights, please contact us at support@lionrocklabs.com.
8. Changes to This Disclosure
We may update this AI Act and Data Processing Disclosure to reflect changes in our practices, the AI Act’s final requirements, or other regulations. We will notify you of any material changes by posting the new policy on this site.
9. Please read our Terms of Service and Cookie Policy for more important and related information.
Legal Basis: Legitimate interests, Performance of contract
5. LEGAL BASES FOR PROCESSING (GDPR/UK GDPR)
We rely on the following legal bases for processing your personal information under the GDPR and UK GDPR:
5.1 Consent
We process your personal information when you have given us specific consent for one or more specific purposes. You have the right to withdraw your consent at any time by contacting us or using the privacy controls in your account settings.
Examples of consent-based processing:
● Marketing communications and promotional emails
● Certain types of cookies and tracking technologies
● Participation in voluntary surveys or research
5.2 Performance of a Contract
We process your personal information when it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Examples of contract-based processing:
● Creating and managing your user account
● Providing access to our AI Co-Pilot and courses
● Processing payments and managing subscriptions
● Providing customer support and service communications
5.3 Legitimate Interests
We process your personal information when we have legitimate business interests that are not overridden by your data protection rights. We conduct legitimate interests assessments to ensure our interests are balanced with your rights.
Examples of legitimate interests processing:
● Service improvement and product development
● Security and fraud prevention
● Business analytics and reporting
● Marketing and business development (within reasonable limits)
● Network and information security
5.4 Legal Obligation
We process your personal information when it is necessary for compliance with a legal obligation to which we are subject.
Examples of legal obligation processing:
● Tax reporting and accounting records
● Response to legal requests and court orders
● Regulatory compliance and reporting
● Fraud prevention and detection
6.1 Other Tracking Technologies
● Web Beacons: Small graphic images that may be included in our Services and emails
● Pixels: Code embedded on webpages that tracks user interactions
● SDKs: Software development kits used in mobile applications
● Local Storage: HTML5 local storage and similar technologies
● Fingerprinting: Device fingerprinting technologies for security and fraud prevention
6.2 Google Services
We use various Google services that involve tracking technologies:
6.3 Google Analytics
● Remarketing with Google Analytics
● Google Display Network Impression Reporting
● Google Analytics Demographic and Interest Reporting
● Integrated services that require Google Analytics to collect data via advertising cookies and identifiers
6.4 Google API Services
● We do not currently use Google API Services.
7.1 Your Choices Regarding Tracking Technologies
7.2 Cookie Management
You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our Services, though your access to some functionality and areas may be restricted.
7.3 Global Privacy Control
We respond to and honor the Global Privacy Control (GPC) signal. If you have the GPC enabled on your browser, we will treat it as a valid request to opt-out of the sale or sharing of your personal information for targeted advertising purposes.
7.4 Industry Opt-Out Tools
● Digital Advertising Alliance: You can opt out of receiving targeted ads from DAA participant companies
● Network Advertising Initiative: You can opt out of receiving targeted ads from NAI participant companies
● Your Online Choices: European-based opt-out platform for interest-based advertising
7.5 Do Not Track Signals
Some web browsers offer a “Do Not Track” (DNT) signal that indicates your preference regarding tracking and cross-site tracking. While we respect DNT signals, we currently do not respond to DNT signals because no uniform technology standard for recognizing and implementing DNT signals has been developed.
8. US State Privacy Rights
8.1 California Privacy Rights
Under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information.
6. DISCLOSURE OF INFORMATION
6.1 Categories of Recipients
We may share your personal information with the following categories of third parties:
6.1.1 Service Providers and Processors
We engage carefully selected third-party service providers to perform functions and provide services to us, including:
AI and Technology Providers:
● DeepSeek: For processing AI queries and generating responses through their API
● Vimeo: For video hosting services
Payment and Financial Services:
● Stripe: For payment processing, subscription management, and financial transactions
Analytics and Marketing Services:
● Google Analytics: For website analytics and user behavior tracking
● PostHog: For product analytics and user interaction analysis
● Google Tag Manager: For managing tracking codes and marketing tags
Infrastructure and Hosting Providers:
● Hostinger: For web hosting and server infrastructure
● WordPress.com: For content management and website operations
● DigitalOcean: For application hosting and database management
Communication and Support Services:
● Customer relationship management (CRM) systems
● Email service providers for transactional and marketing communications
● Customer support and helpdesk platforms
Others:
● WPForms
● Tutor LMS + Add-ons
● Paid Memberships Pro
● WooCommerce
● SureMail (SMTP)
● JWT Authentication for WP-API
● Google Analytics 4 (GA4)
6.1.2 Business Transfers
In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, we may share your personal information with prospective or actual purchasers, their representatives, and other participants in the transaction.
6.1.3 Legal Requirements
We may disclose your personal information to third parties when we believe disclosure is necessary:
● To comply with applicable law, regulation, or legal process
● To respond to valid governmental requests or court orders
● To protect the rights, property, or safety of Lionrock Labs Limited, our users, or the public
● To enforce our Terms of Service and other agreements
● To investigate and defend against third-party claims or allegations
6.1.4 Professional Advisors
We may share your personal information with professional advisors including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
6.2 International Data Transfers
6.2.1 Transfer Mechanisms
● Technical measures including encryption and pseudonymization
● Organizational measures including data processing agreements
● Regular assessments of third-party data protection practices
Each third party organization is engaged on the basis of formal written agreements which include the use of proportionate technical and organizational security measures such as Data Minimisation and Anonymisation.
6.2.2 Transfer Locations
Your personal information may be transferred to and processed in the following countries or territories:
● Hong Kong SAR: Where our offices/global headquarters are located
● Indonesia: Where our primary servers are located
● USA and EU: Where many of our service providers are based
● PRC: Where DeepSeek’s servers are located
6.3 Data Processing Agreements
We have implemented comprehensive data processing agreements with all third-party service providers that process personal information on our behalf. These agreements:
● Restrict processing to specified purposes
● Require appropriate security measures
● Prohibit use of personal information for other purposes
● Require notification of data breaches
● Ensure compliance with applicable data protection laws
7. TRACKING TECHNOLOGIES AND COOKIES
7.1 Types of Tracking Technologies We Use
We use various tracking technologies to collect and store information about your use of our Services:
7.1.1 Cookies
● Essential Cookies: Required for basic site functionality and security
● Performance Cookies: Collect information about how visitors use our website
● Functionality Cookies: Enable enhanced functionality and personalization
● Targeting Cookies: Used to deliver relevant advertising and track campaign performance
● Social Media Cookies: Enable social media sharing and integration
Please visit our Cookie Policy page for our most up-to-date policies regarding our use of cookies.
8. RIGHT TO KNOW
You have the right to request that we disclose certain information about our collection and use of your personal information over the past 12 months, including:
-
The categories of personal information we have collected about you
-
The categories of sources for the personal information we have collected about you
-
Our business or commercial purpose for collecting or selling that personal information
-
The categories of third parties with whom we share that personal information
-
The specific pieces of personal information we have collected about you
8.1.1 Right to Delete
You have the right to request that we delete any of your personal information that we have collected from you and retained, subject to certain exceptions.
8.1.2 Right to Correct
You have the right to request correction of inaccurate personal information that we maintain about you.
8.1.3 Right to Opt-Out
You have the right to direct us not to sell or share your personal information for cross-context behavioral advertising purposes.
8.1.4 Right to Limit Use
You have the right to limit the use and disclosure of your sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer.
8.1.5 Right to Non-Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA rights.
8.2 CCPA/CPRA Disclosure
8.2.1 Categories of Personal Information Collected
In the preceding 12 months, we have collected the following categories of personal information:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email address, IP address | YES |
| Personal information categories listed in the California Customer Records statute | Name, contact information | YES |
| Protected classification characteristics under California or federal law | Age, gender | NO |
| Commercial information | Purchase history, products purchased | YES |
| Biometric information | Genetic, physiological, behavioral characteristics | NO |
| Internet or other similar network activity | Browsing history, search history | YES |
| Geolocation data | Physical location or movements (IP-based) | Limited |
| Sensory data | Audio, electronic, visual, thermal, olfactory | NO |
| Professional or employment-related information | Current or past job history | NO |
| Non-public education information | Education records | NO |
| Inferences drawn from other personal information | Profile reflecting preferences | YES |
8.2.2 Disclosure and Sale of Personal Information
In the preceding 12 months, we have not sold or shared personal information for cross-context behavioral advertising purposes. We have disclosed personal information for business purposes as described in Section 6 of this Policy.
8.3 Other US State Privacy Laws
We comply with other comprehensive state privacy laws, including:
8.3.1 Virginia VCDPA
● Right to access, correct, delete, and obtain a copy of personal data
● Right to opt out of targeted advertising, sale of personal data, and profiling
● Right to appeal our response to your request
8.3.2 Colorado CPA
● Similar rights to Virginia with additional requirements for universal opt-out mechanisms
● Specific requirements for data protection assessments
8.3.3 Connecticut CTDPA
● Rights similar to Virginia and Colorado with specific timing requirements for responses
● Requirements for data minimization and purpose limitation
8.3.4 Utah UCPA
● More limited rights compared to other states
● Focus on opt-out rights for targeted advertising and sale of personal data
8.3.5 Nevada Privacy Law
● Right to opt out of sale of covered information
● Specific verification requirements for requests
9. INTERNATIONAL DATA TRANSFERS
9.1 Transfer Impact Assessments
We conduct Transfer Impact Assessments (TIAs) for international data transfers to ensure that:
● The laws and practices of the destination country do not impinge on the effectiveness of our transfer mechanisms
● Appropriate supplementary measures are implemented where necessary
● Continuous monitoring of legal developments in destination countries occurs
9.2 Your Rights Regarding International Transfers
You have the right to obtain information about the appropriate safeguards we have in place for international data transfers by contacting us using the details provided in Section 1.3.
10. DATA SECURITY
10.1 Security Measures
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.
10.1.1 Technical Security Measures
● Encryption: We use encryption in transit (TLS 1.2+) and at rest (AES-256)
● Access Controls: Role-based access controls and principle of least privilege
● Network Security: Firewalls, intrusion detection, and prevention systems
● Vulnerability Management: Regular security scanning and patching
● Data Backup: Regular backups and disaster recovery procedures
● Secure Development: Security-focused software development lifecycle
10.1.2 Organizational Security Measures
● Security Policies: Comprehensive information security policies and procedures
● Employee Training: Regular security awareness and data protection training
● Confidentiality Agreements: Binding confidentiality obligations on employees
● Incident Response: Documented incident response and breach notification procedures
● Vendor Management: Security assessments of third-party service providers
10.2 Data Breach Response
In the event of a personal data breach, we will:
● Notify affected individuals and relevant supervisory authorities as required by law
● Investigate the breach and take steps to mitigate its effects
● Implement measures to prevent similar breaches in the future
● Comply with all legal breach notification requirements
11. DATA RETENTION
11.1 Retention Periods
We will only retain your personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.
11.1.1 Specific Retention Periods
● Account Information: Retained for the duration of your account plus 3 years for business records
● AI Conversation History: Retained for 30 days for service functionality, then permanently deleted
● Financial Records: Retained for 7 years for tax and accounting purposes
● Marketing Data: Retained until you opt-out or for 3 years after last engagement
● Analytics Data: Aggregated and anonymized after 26 months
11.2 Criteria for Determining Retention Periods
In determining the appropriate retention period for personal information, we consider the:
● Amount, nature, and sensitivity of the personal information
● Potential risk of harm from unauthorized use or disclosure
● Purposes for which we process your personal information
● Whether we can achieve those purposes through other means
● Applicable legal, regulatory, tax, accounting, or other requirements
11.3 Data Deletion
Upon expiration of the applicable retention period, we will securely delete or anonymize your personal information in accordance with our data destruction policies and procedures.
12. YOUR DATA PROTECTION RIGHTS (for European Union and United Kingdom citizens)
12.1 Comprehensive Rights Overview
Depending on your location and applicable data protection laws, you may have the following rights:
12.1.1 Right to Access
You have the right to request copies of your personal information and information about how we process it.
12.1.2 Right to Rectification
You have the right to request correction of inaccurate or incomplete personal information.
12.1.3 Right to Erasure
You have the right to request deletion of your personal information in certain circumstances.
12.1.4 Right to Restrict Processing
You have the right to request restriction of processing of your personal information in certain circumstances.
12.1.5 Right to Data Portability
You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
12.1.6 Right to Object
You have the right to object to processing of your personal information in certain circumstances, including for direct marketing purposes.
12.1.7 Right to Withdraw Consent
Where we rely on consent as the legal basis for processing, you have the right to withdraw your consent at any time.
12.1.8 Right to Lodge Complaints
You have the right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement.
12.2 Exercising Your Rights
12.2.1 How to Submit Requests
You can exercise your rights by:
● Using the privacy controls in your account settings
● Emailing us at support@lionrocklabs.com
● Using our automated request portal (if available)
12.2.2 Verification Process
We may need to verify your identity before processing your request, which may require additional information depending on the nature of your request and the sensitivity of the information involved.
12.2.3 Response Timing
We will respond to all legitimate requests within the timeframe required by applicable law, typically within 30 days.
12.2.4 Appeals Process
If we decline to take action on your request, you may appeal our decision by contacting us using the details in Section 1.3 and specifying that you wish to appeal.
12.3 Marketing Preferences
12.3.1 Email Marketing
You can unsubscribe from our marketing email list by:
● Clicking the unsubscribe link in the emails we send
● Contacting us using the details provided in Section 1.3
● Updating your preferences in your account settings
12.3.2 Targeted Advertising
You can opt out of targeted advertising by:
● Using industry opt-out tools mentioned in Section 7.3.3
● Adjusting your browser or device settings
● Using the Global Privacy Control signal
13. CHILDREN’S PRIVACY
13.1 Age Restrictions
Our Services are not intended for users under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us using the details in Section 1.3.
13.2 Age Verification
We implement reasonable measures to verify that users are 18 years or older, including:
● Requiring date of birth during registration where appropriate
● Implementing age-screening mechanisms
● Monitoring for potential underage usage
14. THIRD-PARTY WEBSITES AND SERVICES
14.1 External Links
Our Services may contain links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
Although we take reasonable care to ensure the quality of our partners, we accept no liability for any losses arising from any engagement with such third parties, all such interaction being solely at your own risk.
14.2 Third-Party Integrations
When you use third-party integrations with our Services, their own privacy policies will apply to your interactions with their services. We encourage you to read the privacy policies of every website and service you visit.
15. BUSINESS TRANSFERS
15.1 Change of Control
In the event that Lionrock Labs Limited is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.
15.2 Successor Obligations
The recipient of your personal information following such a transaction would be bound by the terms of this Privacy Policy and would be required to use your personal information in a manner consistent with this Policy, or to provide you with notice and an opportunity to consent to any different use.
16. CONTACT INFORMATION
16.1 General Inquiries
If you have questions or comments about this Privacy Policy, you may contact us at:
Lionrock Labs Limited
Unit 7, 8/F., Tower B
83 King Lam Street, Lai Chi Kok
Hong Kong
Email: support@lionrocklabs.com
16.2 Data Protection Authority
If you have concerns about our data practices, you have the right to lodge a complaint with your local supervisory authority. However, we encourage you to contact us first so we can attempt to resolve your concerns.
16.3 Representative in the European Union
Not applicable: This business primarily provides services online.
16.4 Data Protection Officer
We are not required to appoint a Data Protection Officer. However, please direct any and all data queries to:
Lionrock Labs Limited, Unit 7, 8/F., Tower B, 83 King Lam Street, Lai Chi Kok, Hong Kong.
17. DEFINITIONS
Personal Information: Any information relating to an identified or identifiable natural person.
Processing: Any operation or set of operations performed on personal information.
Data Controller: The entity that determines the purposes and means of processing personal information.
Data Processor: The entity that processes personal information on behalf of the controller.
Consent: Freely given, specific, informed, and unambiguous indication of agreement to processing.
Legitimate Interests: The interests of our business in conducting and managing our business.
18. GOVERNING LAW AND JURISDICTION
This Privacy Policy shall be governed by and construed in accordance with the laws of Hong Kong SAR, without regard to its conflict of law principles. Any disputes arising under this Policy shall be subject to the exclusive jurisdiction of the courts of Hong Kong SAR.