Privacy Policy

1. Introduction

Welcome to LUMORIA ("we," "us," or "our"). We are committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and share information when you visit our website, engage our media production services, or interact with our advertisements.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, LUMORIA is the Data Controller.

2. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together follows:

  • Identity Data: First name, last name, username, or similar identifier.
  • Contact Data: Billing address, email address, and telephone numbers.
  • Financial Data: Payment card details (processed securely via third-party providers) and bank account details.
  • Transaction Data: Details about payments to and from you and other details of services you have purchased from us.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
  • Marketing & Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Your Data

We use different methods to collect data from and about you:

  • Direct Interactions: You may give us your Identity, Contact, and Financial Data by filling in forms (via Typeform or our website) or by corresponding with us by email (Zoho Mail) or phone.
  • Automated Technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and pixels (specifically the Meta Pixel).

4. How We Use Your Data & Our Tech Stack

We process your data using specific third-party tools to deliver our services. Below is how we utilize these providers:

Client Management & Marketing (GoHighLevel)

We use GoHighLevel as our Customer Relationship Management (CRM) and marketing automation platform. When you fill out a form or contact us, your data is stored here to help us manage your project, send appointment reminders, and deliver email marketing campaigns (only if you have consented).

Forms & Surveys (Typeform)

We use Typeform to collect project briefs, feedback, and intake information. Data entered into these forms is processed securely and often integrated directly into our CRM.

Design & Collaboration (Figma)

During the production process, we may use Figma for collaborative design and storyboarding. If your project involves specific assets or feedback containing personal data, it may be processed within this environment.

Invoicing & Communication (Zoho)

  • Zoho Books: We use this for accounting, invoicing, and maintaining financial records in compliance with UK tax laws (HMRC).
  • Zoho Mail: Our business email communications are hosted and processed via Zoho.

Payments (Square)

We use Square to process payments. We do not store your full credit/debit card details on our own servers. Your payment data is encrypted and processed directly by Square, which adheres to PCI-DSS (Payment Card Industry Data Security Standard).

Advertising & Analytics (Meta Ads)

We use Meta (Facebook/Instagram) Ads to market our services. We use the Meta Pixel on our website to:

  • Measure the effectiveness of our ads.
  • Optimize ad delivery to people likely to take action.
  • Create custom audiences for retargeting (showing ads to people who have visited our site).

5. International Transfers

Many of our external third parties (such as GoHighLevel, Figma, and Meta) are based outside the UK. Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (such as the UK International Data Transfer Agreement).

6. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting (Zoho Books), or reporting requirements. By law, we have to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for six years after they cease being customers for tax purposes.

7. Your Legal Rights

Under the UK GDPR, you have rights regarding your personal data, including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data ("the right to be forgotten").
  • Object to processing of your personal data (specifically regarding direct marketing).
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Withdraw consent at any time.

8. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us:

LUMORIA

80 Craddock StreetCardiff, Wales

CF11 6EW

Email: ayan@lumoriamedia.com

We take media seriously.

Privacy Policy

1. Introduction

Welcome to LUMORIA ("we," "us," or "our"). We are committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and share information when you visit our website, engage our media production services, or interact with our advertisements.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, LUMORIA is the Data Controller.

2. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together follows:

  • Identity Data: First name, last name, username, or similar identifier.
  • Contact Data: Billing address, email address, and telephone numbers.
  • Financial Data: Payment card details (processed securely via third-party providers) and bank account details.
  • Transaction Data: Details about payments to and from you and other details of services you have purchased from us.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
  • Marketing & Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Your Data

We use different methods to collect data from and about you:

  • Direct Interactions: You may give us your Identity, Contact, and Financial Data by filling in forms (via Typeform or our website) or by corresponding with us by email (Zoho Mail) or phone.
  • Automated Technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and pixels (specifically the Meta Pixel).

4. How We Use Your Data & Our Tech Stack

We process your data using specific third-party tools to deliver our services. Below is how we utilize these providers:

Client Management & Marketing (GoHighLevel)

We use GoHighLevel as our Customer Relationship Management (CRM) and marketing automation platform. When you fill out a form or contact us, your data is stored here to help us manage your project, send appointment reminders, and deliver email marketing campaigns (only if you have consented).

Forms & Surveys (Typeform)

We use Typeform to collect project briefs, feedback, and intake information. Data entered into these forms is processed securely and often integrated directly into our CRM.

Design & Collaboration (Figma)

During the production process, we may use Figma for collaborative design and storyboarding. If your project involves specific assets or feedback containing personal data, it may be processed within this environment.

Invoicing & Communication (Zoho)

  • Zoho Books: We use this for accounting, invoicing, and maintaining financial records in compliance with UK tax laws (HMRC).
  • Zoho Mail: Our business email communications are hosted and processed via Zoho.

Payments (Square)

We use Square to process payments. We do not store your full credit/debit card details on our own servers. Your payment data is encrypted and processed directly by Square, which adheres to PCI-DSS (Payment Card Industry Data Security Standard).

Advertising & Analytics (Meta Ads)

We use Meta (Facebook/Instagram) Ads to market our services. We use the Meta Pixel on our website to:

  • Measure the effectiveness of our ads.
  • Optimize ad delivery to people likely to take action.
  • Create custom audiences for retargeting (showing ads to people who have visited our site).

5. International Transfers

Many of our external third parties (such as GoHighLevel, Figma, and Meta) are based outside the UK. Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (such as the UK International Data Transfer Agreement).

6. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting (Zoho Books), or reporting requirements. By law, we have to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for six years after they cease being customers for tax purposes.

7. Your Legal Rights

Under the UK GDPR, you have rights regarding your personal data, including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data ("the right to be forgotten").
  • Object to processing of your personal data (specifically regarding direct marketing).
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Withdraw consent at any time.

8. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us:

LUMORIAEmail: ayan@lumoriamedia.com