PRIVACY POLICY

Last Updated: March 4, 2026

1. SCOPE AND APPLICABLE LAWS

This Privacy Policy describes how Leonessa Global Technology CO.,LTD. (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards your information when you use our website and services (collectively, the “Services”).  Leonessa Global Technology CO.,LTD. acts as the data controller responsible for the processing of personal information described in this Privacy Policy.

If you do not agree with this Privacy Policy, please do not use our Services.

This Privacy Policy is designed to comply with applicable data protection laws, including:

- The EU General Data Protection Regulation (GDPR)

- The UK GDPR and Data Protection Act 2018

- The California Consumer Privacy Act (CCPA) as amended by CPRA

- Other applicable U.S. state privacy laws

- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)

- Australia’s Privacy Act 1988 and the Australian Privacy Principles (APPs)

- New Zealand Privacy Act 2020

- Applicable data protection laws of Middle East jurisdictions, including those in the United Arab Emirates, Kingdom of Saudi Arabia, and the State of Qatar.

If you are located in California, Canada, Australia, New Zealand, or a jurisdiction in the Middle East with specific privacy laws, additional rights may apply to you as described below.

2. INFORMATION WE COLLECT

A. Information You Provide to Us

Our website is designed to showcase our brand and facilitate initial contact. We collect personal information that you voluntarily provide when you inquire about our services, typically through a contact form. This information may include:

- Name

- Email address

- Phone number

- Message content: Any additional information you choose to include in your inquiry.

B. Information Automatically Collected

When you access our Services, we automatically collect certain technical information, primarily for website security, performance analytics, and to improve user experience. This may include:

- IP address

- Device type and identifiers

- Browser type and version

- Operating system

- Language preferences

- Referring URLs

- Usage data and interaction data

- Approximate geographic location

This data does not directly identify you but may be considered personal data under certain laws.

C. Information from Third Parties

If you log in using social login features from:

- Facebook

- X

- TikTok

We may receive limited profile information such as:

- Name

- Email address

- Profile image

- Public account information

We use this information solely to authenticate your account and provide Services. We do not control how these platforms process your information.

3. HOW WE USE YOUR INFORMATION

We process your personal information for the following legitimate business purposes:

- To respond to your inquiries: To contact you regarding your request, answer questions, and discuss potential design or project collaborations.

- To provide and operate our Services: To manage our website and communication tools.

- To communicate with you: To send you administrative information, such as updates to our terms or policies.

- To monitor performance and improve functionality: To analyze how users interact with our website and improve its design and performance.

- To ensure security and prevent fraud: To protect our website and users from malicious activities.

We do not sell your personal information.

We do not share personal information with advertisers for independent marketing use.

4. LEGAL BASES FOR PROCESSING (EU/UK USERS)

For users in jurisdictions that require a legal basis for processing (such as the UK or EU, if applicable), we rely on:

- Contractual necessity: (e.g., to take steps at your request before entering into a potential contract)

- Legitimate interests: (e.g., for analytics, website security, and responding to inquiries initiated by you)

- Legal obligations: To comply with applicable laws.

- Consent: Where required by law, such as for certain cookies

5. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, and similar tracking technologies to enhance your experience on our website. These technologies are used for:

- Essential Functions: To ensure the website operates correctly and securely.

- Security

- Performance and Analytics: To understand how visitors interact with our site, measure site performance, and improve our content. This may include tools like Google Analytics, Meta Pixel, or TikTok Pixel, which collect information about your online activity on our site.

- Internal analytics

Where required by law (e.g., in the EU, UK, and certain other regions), we obtain your consent before placing any non-essential cookies. You can control and manage cookies through your browser settings or our cookie consent banner.

6. DATA SHARING AND DISCLOSURE

We may share personal information with specific categories of service providers who assist us in operating our business, such as:

- Cloud hosting providers

- Analytics service providers

- Security and fraud detection providers

- Professional advisors (e.g., legal and accounting firms)

We may also disclose information to legal authorities when required by law or to protect our legal rights. We do not sell personal data, nor do we share it with third-party advertisers for their own marketing purposes.

7. INTERNATIONAL DATA TRANSFERS

As a global company, your information may be processed in countries outside your country of residence. For instance, your data may be:

- Stored on international cloud servers located in various regions.

- Accessed by our authorized personnel in the jurisdictions where our teams operate.

When we transfer personal information across borders, we implement appropriate safeguards in accordance with applicable laws, such as contractual safeguards, standard contractual clauses (where required), strict access controls, and encryption in transit. By using our Services, you acknowledge that your information may be processed outside your country of residence.

8. DATA RETENTION

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected. This includes:

Inquiries: We will retain your contact information and related communications for a period of up to 24 months from our last contact to manage our sales pipeline and respond to follow-up inquiries. If our discussion leads to a business relationship, we may retain your information for the duration of that relationship plus any applicable legal retention periods.

Legal and Security Purposes: To comply with legal obligations, resolve disputes, and enforce our agreements.

When personal information is no longer required, we securely delete or anonymize it.

9. SECURITY MEASURES

We implement appropriate technical and organizational safeguards, including:

- Encryption in transit

- Access controls

- Authentication mechanisms

- Secure cloud infrastructure

- Monitoring and auditing systems

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

10. CHILDREN’S PRIVACY

Our Services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13.

11. YOUR PRIVACY RIGHTS

Depending on your jurisdiction, you may have the right to:

- Access your personal data

- Correct inaccurate data

- Delete your data

- Restrict processing

- Object to processing

- Data portability

- Withdraw consent

- Opt out of certain processing activities

California Residents

Under CCPA/CPRA, California residents may:

- Request disclosure of categories and specific pieces of data collected

- Request deletion of personal data

- Correct inaccurate information

- Opt out of sale (we do not sell data)

EU/UK Residents

You have the right to lodge a complaint with your local data protection authority.

Canadian Residents

You may request access to or correction of your personal information under PIPEDA.

To exercise any rights, contact: [email protected]

Australia and New Zealand Residents

If you are located in Australia or New Zealand and believe we have not addressed your privacy concerns, you may lodge a complaint with your local privacy regulator or data protection authority in accordance with applicable law.

Middle East Jurisdictions

Users located in certain Middle East jurisdictions may have additional rights under applicable data protection laws, including rights to access, correction, or deletion of personal data, subject to local legal requirements.

12. DO-NOT-TRACK SIGNALS

We currently do not respond to Do-Not-Track (DNT) browser signals, as there is no uniform standard for responding to them. You can manage tracking preferences through your browser settings or our cookie banner.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. If we make material changes, we will notify you by posting a prominent notice on our website or through direct communication where appropriate.

14. CONTACT INFORMATION

Leonessa Global Technology CO.,LTD.

Email: [email protected]

For privacy or data protection inquiries, including requests to exercise legal rights, you may contact us in English at the email above.