Updated on Jan 21, 2025

LumApps Privacy Policy

This Privacy Policy sets out how LumApps uses and protects your personal data. It will help you understand what personal data we collect, why we collect it and what rights you have.

This Privacy Policy applies to:

your use of the LumApps website www.lumapps.com (“Website”);
your use of a LumApps portal called the ‘Hive’: https://hive.lumapps.com/portal/ (“Portal”);
when you register to receive a newsletter, to attend an event or where you share your personal data with us during a sales promotion, campaign or by completing any LumApps’ survey (for example to give us feedback); and
the processing of your personal data by LumApps collected through a third party or public website in connection with:
- - a job application or a LumApps job posting.
  - legitimate purposes, including marketing and promotional activities. In such cases, you will be duly informed of the source of the data collection, and you will retain the right to object to the processing of your data in accordance with applicable data protection regulations.
a job application or a LumApps job posting.
legitimate purposes, including marketing and promotional activities. In such cases, you will be duly informed of the source of the data collection, and you will retain the right to object to the processing of your data in accordance with applicable data protection regulations.

This Privacy Policy applies where LumApps processes your Personal Data as a ‘data controller’. This Privacy Policy does not apply where LumApps processes Personal Data in its capacity as a ‘data processor’.

In this Privacy Policy, references to “we”, “us” or “LumApps” are references to LumApps SAS and its affiliates. See here a full list of the defined terms used in this Privacy Policy.

1. WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU AND WHAT ARE THE SOURCES?

We collect your personal data when you use our Website or Portals, during sales promotion, or a campaign, when you register to our events or to receive Newsletters, to manage your account, when you download the Mobile App, or otherwise when you interact with us. Below are examples of the sources and categories of the personal data we collect on you.

A. The sources from which we obtain your personal data:

- How we collect personal data. In most cases, the personal data that we process is provided to us by you directly. You provide us with personal data either in person at our events or via the contact form on our Website or Portal.
- External or public sources. We may also obtain contact information from public sources, including content made public at social media websites, to make an initial contact with a relevant individual at a client or other company. Partners, such with which we offer co-branded services or engage in joint marketing activities.
- Automated technologies. When you visit our Website or the Portal, some data is created and generated during the use of our Website or Portal such as cookies, server logs and other similar technologies.

B. Personal data LumApps may collect about you

We may process the following contact information relating to you: name; title and name of the company represented; contact information (such as email address, postal address, and phone number); technology used; communication between you and LumApps; marketing opt-in’s / opt-out’s; publicly available information about you.
Analytics Data: The logging systems on our Website and Portals automatically log certain Analytics Data when you visit our Website or Portals. We use Analytics Data to operate and improve our services and may also use it to provide you with personalized information about LumApps. Although we do not normally use Analytics Data to identify you as an individual, you can sometimes be recognized from it, either alone or when combined or linked with your company and your contact information. In such situations, Analytics Data can also be considered personal data under applicable laws and we will treat such data as personal data. We may automatically collect the following Analytics Data when you visit or interact with our Website or Portals: IP address; geographical location; browser type; referral source; length of visits; pages viewed; heat mapping.

2. HOW DO WE USE AND PROCESS YOUR PERSONAL DATA AND WHAT LEGAL BASIS DO WE HAVE?

We will always use and process your personal data in accordance with the applicable laws.
For certain purposes, it is appropriate for us to obtain your prior consent. Where we rely on consent, you may at any time withdraw the specific consent by contacting us at privacy@lumapps.com.

Where we are relying on a basis other than consent, we process your personal data mainly to pursue our legitimate interest to (i) maintain and develop business relationships and to run and develop our business; (ii) to comply with our contractual obligations; and (iii) to comply with our legal obligations.

The legal basis for each purpose is as follow:

Purposes	CATEGORIES OF PERSONAL DATA PROCESSED	Legal basis
Use of our Website: Tracking the use of our website and activities, keeping our website up to date and relevant, developing our business, and informing our marketing strategy.	IP address Device and usage data	Consent
Registration: Register to be in LumApps contact list directly in person (e.g. during an event) or on our Website or Portals, to receive a Demo, Analyst reports, Checklists, Guides, Webinars, White papers, or products and services related information.	Name Job title Contact information (email address, postal address, and telephone number)	Consent
Your Testimonial: We may publish your testimonials and quotes on our Website or Portals. LumApps obtains consent from each customer and the featured individual, prior to posting their personal information and testimonial.	Name Job title Video footage or photographs	Consent
Manage your account: Processing of your contact business information for managing and billing your account, to provide you with important real-time information about our products, training, or services, to send you the information you have requested, to deal with your inquiries, and to ask you to leave a review or feedback on us.	Name Job title Contact information (email address, postal address, and telephone number)	Legitimate Interest
Prospecting: direct marketing and contacting publicly sourced prospects.	Name Job title Contact information (email address, postal address, and telephone number)	Legitimate interest (or consent if required by local laws)
To protect our business: In order to administer and protect our business, prevention of fraud, deal with any misuse of our Website or Portals, comply with our security policies at our locations, to handle claims and legal processes.	IP address Device and usage data	Legitimate Interest or Compliance with a Legal Obligation
Download the Mobile App: In order for you to download the Mobile App on your mobile device from an application store.	Name Job title Contact information (email address, postal address, and telephone number)	Consent
Use of our Portals: Tracking the use of the Portals and activities, keeping the Portals up to date and relevant, providing access to content, and informing our marketing strategy.	Name Job title Contact information (email address, postal address, and telephone number)	Consent

3. YOUR RIGHTS

You can execute and use any of your rights listed below, by contacting us by sending email at privacy@lumapps.com. In such a case, we ask you to provide us your name, contact details, as well as something that we can use to reasonably verify your identity. Once you have contacted us about this right, we will either comply with your request or explain the reasons we can’t comply.You have the following rights:

Access to your personal data: upon your request, we can confirm whether we are processing your personal data and what data we have about you.
Request information about how we process your Personal Data.
Rectify your personal data: you can ask us to correct or amend any inaccurate or incomplete personal data that we hold.
Erasure of your personal data: you have a right to ask us to remove your personal data from our database and the database of third parties. Please note there are situations where LumApps is unable to delete your data, for example when it’s still necessary to process the data for the purpose we collected it for, we have an overriding interest in continuing to process the data, for example where we need the data to protect our services from fraud, LumApps has a legal obligation to keep the data, or LumApps needs the data to establish, exercise or defend legal claims.
Restriction of processing of your personal data: you can ask us to restrict (suppress) or “block” processing of your personal data, for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data. This may, however, lead to fewer possibilities to use our services.
Data portability: if we process your personal data based on your consent, you have the right to require the transfer of the data you have provided us.
Object to processing your personal data: If we process your personal data based on public interest or our legitimate interest, you have the right to object to the processing of your data. Unless certain exemptions apply (such as there are compelling legitimate grounds, or the processing relates to a legal claim and we tell you about this) we will stop processing your personal data.
Withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.

‍

4. HOW TO EXERCISE YOUR RIGHTS

To exercise your rights, you may contact us at:

LumApps SAS
75 rue François Mermet, Tassin-la-Demi-Lune 69160
privacy@lumapps.com

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests.

‍

5. HOW DO WE SHARE YOUR PERSONAL DATA?

We will keep your personal data confidential except where disclosure is required or permitted by applicable laws. Only authorized personnel within LumApps have access to the data.

We may disclose your personal data to third parties to carry out our usual business practices. Disclosures will only be so that we can process your personal data for the purposes set out above. LumApps may share your personal data to the following third parties:

Our service providers;
Our affiliates;
Third Parties involved in a corporate transaction with us.
Commercial and technology partners
Professional advisers

We may also disclose or transfer personal data to fulfill legal obligations or when a legal authority requires a disclosure. We may also disclose personal data if we are a party of a business sale, such as a merger or an acquisition.

6. CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

Personal data must be accurate and current and we take all reasonable precautions to ensure that this is the case but we do not undertake to check or verify the accuracy of personal data provided by you. Please keep us informed if your personal data changes during your relationship with us by contacting us. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient, or incomplete personal data that you provide us.

7. INTERNATIONAL TRANSFER OF PERSONAL DATA

It is possible that personal data we collect from you may be transferred, stored and/or processed outside the European Economic Area (EEA), specifically in the United States. If personal data is transferred outside the European Union (EU), we make sure that (i) the transferee is located in a country with adequate safeguards (as decided by the EU commission from time to time), or (ii) the transfer occurs by using model clauses published by the EU commission.

8. DATA STORAGE PERIOD

We will not store personal data for a longer period than is necessary for the purpose described in this Privacy Policy, any contractual terms, or as required by law. The length of time that we hold your personal data may vary based on its purpose and will be reviewed regularly. For example, the personal data of potential clients is retained for a period not exceeding three (3) years from the last contact with the concerned person.

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.

9. SECURITY

LumApps collects and stores personal data in accordance with general industry standards and practices and has implemented appropriate technical and organizational measures taking into account the nature of the data processing. LumApps uses Google Cloud infrastructure, Google Infrastructure Security Design, and Google Cloud Platform. Access to personal data is also protected with user-specific logins, passwords, and user rights. Our premises are also safe and secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.

10. CALIFORNIA RIGHTS

This Section provides details about the personal information we collect about California Residents. This Section fully incorporates all of the above stated Privacy Policy as if fully set forth below and your rights under the California Consumer Privacy Act (or “CCPA“) are intended to supplement the rights set forth therein.

Right to Opt-Out or unsubscribe. “Do Not Sell My Personal Information” and/or “opt-out” from “selling” of your Personal Information, are rights that you can exercise. You also have the right to opt-out from the subsequent “selling” of your Personal Information by a third party that received personal information after an initial “selling”. LumApps shares your information with service providers and other authorized third-parties as set forth in this Privacy Policy. To the extent that any such third party is not considered a service provider under the CCPA or the CCPA is interpreted in a way that any action of LumApps is a “sale”, is “selling”, or otherwise deriving an economic benefit from the sharing of your personal information as described in this Privacy Policy and to the extent that you wish us not to share such information, please submit your request using the methods listed below. You understand that the opt-out can only stop the “selling” of Personal Information, and it does not impact other uses of their information.

Right to not be discriminated against: LumApps will not discriminate against you for exercising any of the consumer’s rights under this Privacy Policy.

Authorized Agent: You have the right to designate an authorized agent to make any CCPA request on your behalf. LumApps reserves the right to ask for proof that such agent is in fact authorized by you.

For the exercise of the rights granted to California Residents, please note that LumApps may need to identify you and to ask for additional information in order to be able to fulfill your request. You can make your request at privacy@lumapps.com. In both instances, you may be required to provide your email address on file with us among other information. Upon verification of your identity, we will fulfill your request. However, we will not provide any information that we reasonably believe may be subject to fraudulent action.

11. CHILDREN’S POLICY

We do not collect data from children under 13. If we learn, we have collected personal data of a child under 13, or equivalent minimum age of jurisdiction outside the above circumstances, we will take the proper steps to remove this data. If you believe, at any time, that we have collected data from a child under 13, or if a parent or guardian needs to access, correct, or delete their child’s personal data, please reach out to privacy@lumapps.com.

‍

12. LINKS TO OTHER WEBSITES AND SERVICES

Our Website or Portal may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from our Website or Portal. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Policy does not apply to any personal information that you provide to these other websites and services.

13. PRIVACY POLICY UPDATES

We may update this Privacy Policy from time to time as it may deem necessary. If we make any substantial changes to this Privacy Policy and the way in which we use your personal data we will post these changes on this page. Therefore, please visit this page and read this Privacy Policy from time to time.

14. HOW TO CONTACT US

If you wish to correct your personal data held by us or to opt-out at any time from receiving marketing correspondence from us or to alter your marketing preferences, please contact privacy@lumapps.com.If you need to contact us in connection with our use or processing of your personal data, or gain access to it our contact details are:

LumApps SAS

75 rue François Mermet, Tassin-la-Demi-Lune 69160

‍privacy@lumapps.com

15. FAIR RESOLUTION COMMITMENT

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA, you have the right to lodge a complaint with the competent supervisory authority.

16. DEFINITIONS

Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Data Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; and

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

LumApps Legal Pages