Cookie and Privacy Policy
Last Updated: August 13, 2025
This Cookie and Privacy Policy explains how lotus365.com (“lotus365”, “we”, “us”, or “our”) collects, uses, discloses, and protects information when you visit or use our website, services, and any related pages (collectively, the “Site”). We are committed to transparency and safeguarding your privacy.
Who We Are (Controller):
lottuss365.com
Registered office: [Your business address]
Email: [privacy@365login.com] (for privacy requests)
Data Protection Officer (if appointed): [Lotus365 Official Team / 7412 883720]
1) Cookie Policy
1.1 What Are Cookies?
Cookies are small text files placed on your device (computer, tablet, smartphone) when you visit a website. They help the site recognize your device, remember your preferences, and improve your overall experience. Cookies cannot access information stored elsewhere on your device.
1.2 How We Use Cookies
We use first-party and (where enabled) third-party cookies for the following purposes:
- Strictly Necessary Cookies – essential to make the Site work (e.g., page navigation, security, session management). The Site cannot function properly without these.
- Performance & Analytics Cookies – help us understand how visitors use the Site (e.g., pages viewed, time on site) so we can improve content and performance.
- Functionality Cookies – remember choices (e.g., language, region) to provide more personalized features.
- Advertising & Targeting Cookies – (if enabled) record your visit to the Site, pages visited, and links followed to deliver or measure relevant advertising and limit repetition.
Note: Advertising cookies are non-essential and require your consent where applicable.
1.3 Third-Party Cookies
Where enabled, we may use third-party services (e.g., analytics, ad tech, anti-bot/CDN, session replay) that set cookies in your browser. These providers have their own privacy practices. See Section 1.6 Cookie Table for examples.
1.4 Your Choices (Consent, Opt-Out & Browser Controls)
- Cookie Banner/Settings: On your first visit, you can accept or reject non-essential cookies via our cookie banner. You can change or withdraw consent anytime via [Manage Cookie Preferences].
- Browser Controls: You can set your browser to block or delete cookies. If you block essential cookies, some parts of the Site may not work.
- Global Privacy Control (GPC): Where required by law (e.g., California), we treat a valid GPC signal as an opt-out of sale/sharing of personal information or as a preference limiting targeted advertising.
- Do Not Track (DNT): DNT is not standardized; we honor required signals where applicable.
1.5 Cookie Retention
Cookies persist for varying periods. Session cookies expire when you close your browser; persistent cookies remain until they expire or you delete them. See durations in Section 1.6.
1.6 Cookie Table (Examples — edit to match your actual setup)
| Cookie Name | Provider | Purpose | Category | Duration |
|---|---|---|---|---|
__cf_bm | Cloudflare | Bot management / security | Strictly Necessary | 30 minutes |
PHPSESSID | 365login | Session state for logged areas/forms | Strictly Necessary | Session |
wordpress_logged_in_* | lotus365 (WordPress) | Authenticated user session | Strictly Necessary | Session |
wp-settings-*, wp-settings-time-* | lotus365 (WordPress) | UI preferences | Functionality | 1 year |
_ga, _gid, _gat | Google Analytics (if enabled) | Usage analytics | Performance & Analytics | 2 yrs / 24 hrs / 1 min |
_gcl_au | Google Ads (if enabled) | Ad conversion tracking | Advertising | 90 days |
_fbp | Meta (if enabled) | Ad measurement/retargeting | Advertising | 90 days |
_hjSession_*, _hjFirstSeen | Hotjar (if enabled) | UX analytics | Performance & Analytics | 30 min / 1 day |
cookie_consent_status | lotus365 / CMP | Stores consent choices | Strictly Necessary | 6–12 months |
Tip: Replace or remove rows to reflect your actual cookies and tools.
2) Privacy Policy
2.1 Scope
This Privacy Policy applies to personal data we process through the Site and related communications (e.g., newsletter sign-ups, contact forms). It does not cover third-party websites linked from our Site.
2.2 Information We Collect
- Information You Provide: Name, email, phone, messages in contact forms, newsletter preferences, account details if you create one, and any other information you choose to provide.
- Automatically Collected Data (Device/Usage): IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, links clicked, time stamps, approximate location (city/country), and similar telemetry.
- Cookies & Similar Technologies: As described in Section 1.
- From Third Parties (if applicable): Analytics and advertising partners, anti-fraud services, and service providers (e.g., email delivery).
2.3 Purposes & Legal Bases for Processing
We process personal data for:
- Providing the Site and Services (e.g., load pages, maintain sessions, respond to queries);
- Communications (e.g., respond to support requests, send service messages, newsletters with your consent);
- Analytics & Improvement (under consent or legitimate interests, depending on your location);
- Security & Fraud Prevention (e.g., detect bots, abuse);
- Legal Compliance (e.g., tax, regulatory requests).
Legal bases (as applicable): your consent, contract (provision of requested services), legitimate interests (site security, minimal analytics), and legal obligations. (EU/UK GDPR and similar frameworks require specifying these bases.)
2.4 Sharing & Disclosure
We may share personal data with:
- Service Providers/Processors: hosting/CDN, security/anti-bot, analytics, email/SMS, customer support tools.
- Advertising/Measurement Partners (if enabled): subject to your consent and choices.
- Affiliates and Corporate Transactions: in case of mergers, acquisitions, or asset transfers.
- Legal/Safety: to comply with law, enforce terms, or protect rights, property, or safety.
We do not sell personal information for money. Where “sale” or “sharing” is defined broadly (e.g., CPRA), your opt-out rights apply (see Section 2.9).
2.5 International Data Transfers
We may transfer your information to countries outside your own (e.g., to service providers). Where required, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions. For India, we comply with applicable cross-border rules under the Digital Personal Data Protection Act, 2023 and any government-notified restrictions. European Commissionmeity.gov.in
2.6 Data Retention
We retain personal data only as long as needed for the purposes described, including compliance with legal, accounting, or reporting requirements. Typical periods:
- Contact form data: 12–24 months;
- Newsletter lists: until you unsubscribe or after 24 months of inactivity;
- Server logs/security telemetry: 90–365 days (unless needed longer for investigations).
2.7 Security
We use administrative, organizational, and technical measures designed to protect personal data (e.g., HTTPS/SSL, access controls, encryption at rest where supported, least-privilege access). However, no method of transmission or storage is 100% secure.
2.8 Your Privacy Rights (Region-Specific)
A) India (DPDP Act, 2023):
Indian users (“Data Principals”) may have rights to access information, seek correction and erasure, withdraw consent, grievance redressal, and nominate a representative, subject to conditions. You may complain to the Data Protection Board of India regarding non-compliance. Submit requests via [privacy@365login.com]. meity.gov.inPRS Legislative Research
Verification & Authorized Agents (US):
We may require reasonable verification (e.g., email confirmation) and accept authorized agents where the law allows, with proof of authorization.
2.9 Marketing Communications
If you subscribe to our newsletter or updates, we will send you information consistent with your preferences. You may opt-out at any time via the unsubscribe link or by contacting us.
2.10 Automated Decision-Making/Profiling
We do not engage in automated decision-making that produces legal or similarly significant effects without human involvement. If we introduce such processing, we will provide required notices and choices.
2.11 Third-Party Links & Services
Our Site may contain links to third-party websites, plug-ins, or widgets. We are not responsible for their privacy practices. Review their policies before providing personal data.
2.12 Children’s Privacy
Our content is intended for audiences 18+. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal data, contact [privacy@365login.com] and we will delete it.
3) Managing Your Choices
- Cookie Preferences: Visit [Manage Cookie Preferences] to review or change your consent at any time.
- Email Preferences: Use the unsubscribe link in our emails or contact us.
- Ad Choices (where available): Use platform controls (Google/Meta) and your device settings to manage personalized ads.
4) Changes to This Policy
We may update this Policy to reflect changes in our practices or applicable laws. We will revise the “Last Updated” date above and, where required, provide additional notice.
5) Contact Us
For questions or to exercise privacy rights, contact:
Email: [privacy@365login.com]
Postal: [privacy@365login.com]