Ontoz

Legal

Privacy Policy

Last Updated: April 2026

1. Introduction

Welcome to Lending Labs. This Privacy Policy describes how Lending Labs (“we,” “us,” or “our”) collects, uses, and protects information when you visit our website at lendinglabs.io (the “Website”) or interact with us through inquiries, demo requests, or other communications.

We are committed to protecting your privacy and ensuring the security of your personal data in compliance with applicable data protection laws globally, including:

  • Digital Personal Data Protection Act, 2023 (DPDP Act) — India
  • Information Technology Act, 2000 and IT Rules, 2011 — India
  • General Data Protection Regulation (GDPR) — European Union
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) — United States
  • Personal Data Protection Act 2012 (PDPA) — Singapore
  • Personal Data Protection Act 2010 (PDPA) — Malaysia
  • Law No. 27 of 2022 on Personal Data Protection (PDP Law) — Indonesia

By visiting our Website or providing us with your information, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. About Our Software

Important Note: Lending Labs provides on-premise software solutions that are deployed and operated within our customers' own environments. We do not host, process, or have access to customer data that flows through our software. Our customers maintain full control and ownership of their data.

This Privacy Policy applies only to information we collect through our Website and business communications, not to data processed by our software in customer environments.

3. Information We Collect

We collect limited information to respond to your inquiries and provide information about our products and services.

3.1 Information You Provide Directly

  • Contact information when you request a demo or consultation (name, email address, phone number, company name, job title)
  • Information you provide when contacting us via email or contact forms
  • Newsletter subscription information (email address)
  • Any information you choose to share in correspondence with us

3.2 Information Collected Automatically

  • Device information (IP address, browser type, operating system)
  • Website usage information (pages visited, time spent, referring URLs)
  • Log data (access times, error logs)
  • Cookies and similar tracking technologies (as detailed in Section 7)

4. How We Use Your Information

  • Responding to your inquiries and demo requests
  • Providing information about our products and services
  • Sending newsletters and marketing communications (with your consent)
  • Improving our Website and understanding visitor behavior
  • Maintaining records of our business communications
  • Complying with legal obligations and protecting our legal rights

5. Legal Basis for Processing

Consent: When you provide your contact information for demo requests, newsletters, or other communications, you consent to our use of that information for the stated purposes.

Legitimate Interests: We process certain data based on our legitimate business interests, such as analyzing website traffic and improving our services, provided these interests do not override your fundamental rights (applicable under GDPR).

Legal Obligation: When we must process your data to comply with applicable laws and regulations.

6. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

6.1 Service Providers

We may engage third-party service providers for email delivery, website hosting, analytics, and CRM systems. These providers have access only to perform specific tasks and are obligated to protect your information.

6.2 Business Partners

With your consent, we may share your information with our authorized business partners or resellers if you have expressed interest in their services.

6.3 Legal Requirements

We may disclose your information when required by law or when necessary to comply with legal processes, protect our rights or safety, or prevent fraud.

6.4 Business Transactions

In connection with any merger, sale of company assets, financing, or acquisition, your information may be transferred as part of that transaction.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and understand how visitors use our site.

Types of Cookies We Use

  • Essential Cookies: Necessary for the basic operation of our Website, such as security and network management.
  • Analytics Cookies: Help us understand how visitors interact with our Website by collecting information anonymously (e.g., Google Analytics).
  • Marketing Cookies: Used to track visitors across websites to display relevant advertisements and measure campaign effectiveness.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our Website.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data. Our security measures include:

  • Encryption of data in transit using SSL/TLS
  • Secure storage of contact information
  • Access controls limiting data access to authorized personnel only
  • Regular security assessments and updates
  • Employee training on data protection practices

While we strive to protect your personal data, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but will notify you of any data breaches as required by applicable laws.

9. Your Rights and Choices

Depending on your location, you have various rights regarding your personal data:

Under Indian Law (DPDP Act)

Right to access, correct, erase, and port your personal data; right to withdraw consent; right to nominate another individual to exercise rights in the event of death or incapacity.

Under GDPR (EU/EEA)

Right of access, rectification, erasure (right to be forgotten), restriction of processing, data portability, objection to processing, and the right to lodge a complaint with a supervisory authority.

Under CCPA/CPRA (California)

Right to know, delete, opt-out of sale or sharing, correct inaccurate data, limit use of sensitive personal information, and non-discrimination for exercising your rights. Note: We do not sell personal information.

Under Singapore, Malaysia, and Indonesia Laws

Right to access, correct, and withdraw consent for collection, use, or disclosure of personal data.

To exercise any of these rights, please contact us at info@lendinglabs.io. We will respond within the timeframes required by applicable law (typically 30 days).

10. Data Retention

  • Lead and contact information: Retained for 3 years from last interaction, or until you request deletion
  • Marketing communications data: Retained until you unsubscribe
  • Email correspondence: Retained for 5 years for business record purposes
  • Website analytics data: Retained for up to 26 months

11. International Data Transfers

While our primary operations are based in India, we may transfer your data to jurisdictions outside your country of residence. When we transfer data internationally, we implement appropriate safeguards including Standard Contractual Clauses for EU data and compliance with PDPA and PDP Law requirements for Singapore, Malaysia, and Indonesia.

By using our Website and providing your information, you consent to such transfers subject to the protections described in this Privacy Policy.

12. Third-Party Links

Our Website may contain links to third-party websites. This Privacy Policy does not apply to such third-party sites. We encourage you to review the privacy policies of any third-party websites you visit.

13. Contact Us and Data Protection Officers

Lending Labs — Data Protection Officer

Email: info@lendinglabs.io

We will respond to your inquiry within 30 days of receipt, or as required by applicable law in your jurisdiction.

14. Grievance Redressal and Complaints

India (DPDP Act & IT Act)

Grievance Officer email: grievance@lendinglabs.io. Complaints are acknowledged within 24 hours and resolved within 30 days. If unsatisfied, you may file a complaint with the Data Protection Board of India.

European Union (GDPR)

You have the right to lodge a complaint with your local data protection supervisory authority at edpb.europa.eu.

Singapore (PDPA)

You may file a complaint with the Personal Data Protection Commission at pdpc.gov.sg.

Malaysia (PDPA)

You may file a complaint with the Personal Data Protection Commissioner at pdp.gov.my.

15. Children's Privacy

Our Website is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

16. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy with a revised “Last Updated” date and by sending an email notification if you have subscribed to our communications. Your continued use of our Website after any changes constitutes your acceptance of the updated Privacy Policy.

17. Consent

By visiting our Website or providing us with your information, you consent to the collection, use, and disclosure of your personal data as described in this Privacy Policy. If you do not agree, please do not use our Website or provide us with your information.

This Privacy Policy forms part of our Terms of Service.

Last Updated: April 2026 — © 2026 Lendingops Labs Private Limited. All rights reserved.

Join the Waitlist