Compliance at Laritor

Effective Date: July 26, 2025
Last Updated: July 26, 2025

At Laritor, we take privacy, data protection, and security seriously. While we are a growing company, we have implemented thoughtful processes and safeguards to comply with global data protection regulations and build trust with our customers.

We comply with the core principles and rights established under the European Union’s GDPR:

• Lawful basis for processing (e.g. contract, consent, legitimate interest)
• Transparency through our Privacy Policy
• Right to access, rectify, delete, restrict, and object to processing
• Commitment to notifying users of data breaches within 72 hours
• Minimization of data collected and retention of logs for only 30–60 days

We have not yet appointed a formal Data Protection Officer (DPO), but we have designated an internal privacy contact to handle any GDPR-related requests at [email protected].

We are currently evaluating our need to appoint an EU/UK representative under Article 27, and plan to do so as we expand into those regions.

For California residents, we support the rights outlined in the CCPA:

• Right to know what personal information we collect
• Right to request deletion of personal data
• Right to opt-out of the sale or sharing of data (we do not sell data)
• Non-retaliation for exercising your rights

You can email [email protected] with any CCPA-related inquiries.

We are actively monitoring regulatory developments in:

• UK GDPR
• Brazil’s LGPD
• India’s Digital Personal Data Protection Act
• Canada’s PIPEDA

Where applicable, we aim to align with these frameworks and support individual rights.

We implement strong security controls across our systems, including:

• HTTPS and TLS encryption for all data in transit
• Role-based access controls and audit logs
• Multi-factor authentication (MFA) for internal systems
• Daily backups with short retention
• Data stored in secure environments

Learn more on our Security Page

We use carefully selected vendors to provide critical infrastructure. Each subprocessor is reviewed for security, reliability, and compliance with applicable laws.

You can view the full list on our Subprocessors page.

We are a very small team, but we believe strong privacy and security practices should scale with us — not be an afterthought.

• We respond to all data access, deletion, or correction requests within 30 days
• We limit retention of customer logs and monitoring data
• We log access to production systems and periodically review permissions
• We offer clear documentation for integrating Laritor securely

If you’re a legal, compliance, or security team and would like to evaluate Laritor for your organization, or request additional documentation (e.g., Data Processing Agreement, breach policy), please reach out.

Email: [email protected]
Company: Dudi Labs LLP
Location: 12-132/1, NGOS Colony, Siddipet, Telangana, India - 502103.