Privacy Policy

Last updated: 1st January 2026

Introduction

levato Ltd ("levato", "we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website levato.world and use our digital payment services.

Data Controller Information

levato Ltd is the data controller for the personal data we process. Our contact details are:

• Company: levato Ltd
• Address: 30 Dame Street, Dublin, D03 3486, Ireland
• Email: privacy@levato.world
• Phone: +353 19083703

Data We Collect

We collect various types of personal data to provide and improve our services. The data we collect includes:

Personal Information

When you contact us or use our services, we may collect:

• Name and contact details (email address, phone number, postal address)
• Company information and job title
• Payment and billing information
• Communication records and correspondence
• Account credentials and authentication data

Technical Information

We automatically collect certain technical information when you visit our website:

• IP address and location data
• Browser type and version
• Operating system and device information
• Website usage data and analytics
• Cookies and similar tracking technologies

How We Use Your Information

We process your personal data for various purposes based on different legal grounds. How we use your information depends on the services you use and your relationship with us:

Service Provision

We use of your data to:

• Provide our digital payment services and platform access
• Process payments and transactions
• Manage your account and provide customer support
• Communicate with you about our services
• Ensure compliance with legal and regulatory requirements

Business Operations

• Improve our services and develop new features
• Conduct analytics and research
• Prevent fraud and enhance security
• Marketing and promotional activities (with your consent)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract: To perform our contractual obligations and provide services
• Legitimate Interests: For business operations, security, and service improvement
• Legal Obligation: To comply with regulatory and legal requirements
• Consent: For marketing communications and optional services

Data Sharing and Disclosure

We may share your personal data with:

• Service providers and business partners who assist in delivering our services
• Financial institutions and payment processors for transaction processing
• Legal and regulatory authorities when required by law
• Professional advisers including lawyers, accountants, and auditors
• Third parties in connection with business transfers or restructuring

Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Specific data retention periods depend on the type of data and our business relationship with you. Generally, we retain customer data for the duration of the business relationship plus seven years for legal and regulatory compliance purposes. Website analytics and marketing data is typically retained for shorter periods as outlined in our Cookie Policy.

International Data Transfers

As levato operates within the European Union, your personal data is primarily processed within the EU/EEA. If we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or other approved transfer mechanisms under GDPR.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

• Email: privacy@levato.world
• Phone: +353 19083703
• Post: Data Protection Officer, levato Ltd, 30 Dame Street, Dublin, D03 3486, Ireland

Supervisory Authority

You have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have not handled your personal data in accordance with data protection law. Contact details: www.dataprotection.ie

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.