lu

    Privacy Policy

    Last updated: August 15, 2025

    1. Introduction

    Lumos Cove ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our website, newsletter subscriptions, and any other services we provide.

    By using our services, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

    2. Information We Collect

    2.1 Information You Provide to Us

    • Newsletter Subscriptions: When you subscribe to our newsletter, we collect your email address.
    • Google OAuth Sign-up: When you sign up for early access using your Google account, we collect:
      • Email address
      • Full name (as provided by Google)
      • Google account ID
    • User-Generated Content: Any content you submit to our platform, including images, text, and other materials.

    2.2 Automatically Collected Information

    • Usage Data: Information about how you interact with our services, including pages visited, time spent on pages, and navigation patterns.
    • Device Information: Information about your device, including IP address, browser type, operating system, and device identifiers.
    • Cookies and Similar Technologies: We use cookies and similar tracking technologies to enhance your experience and collect usage information.

    3. How We Use Your Information

    We use the information we collect for the following purposes:

    • Providing Services: To provide, maintain, and improve our services on Lumos Cove.
    • Newsletter Delivery: To send you newsletters, updates, and promotional content related to wellness and our services.
    • Account Management: To manage your account, authenticate your identity, and provide customer support.
    • Analytics and Improvement: To analyze usage patterns, improve our services, and develop new features.
    • Marketing and Promotion: To promote our services and share relevant content with you.
    • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

    4. Legal Basis for Processing (GDPR)

    If you are located in the European Union (EU) or United Kingdom (UK), we process your personal data based on the following legal grounds:

    • Consent: We process your data for newsletter subscriptions and marketing communications based on your explicit consent.
    • Contract Performance: We process your data to provide our services and fulfill our contractual obligations to you.
    • Legitimate Interests: We process your data for analytics and service improvement based on our legitimate business interests, provided these interests do not override your fundamental rights and freedoms.
    • Legal Obligations: We may process your data to comply with applicable laws and regulations.

    5. Data Sharing and Disclosure

    We do not sell, trade, or otherwise transfer your personal information to third parties without your prior consent, except in the following circumstances:

    • Service Providers: We may share your information with trusted third-party service providers who assist us in operating our services, such as email delivery services and analytics providers.
    • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
    • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.
    • Protection of Rights: We may disclose your information to protect our rights, property, or safety, or that of our users or the public.

    Future Shopify Integration: In the future, we may integrate with Shopify services. If you choose to connect your Shopify account, we will only access and process the data you explicitly authorize us to access, and we will obtain your separate consent for such data sharing.

    6. Data Security

    We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

    • Encryption of data in transit and at rest
    • Regular security assessments and updates
    • Access controls and authentication measures
    • Secure data storage and backup procedures

    However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

    7. Data Retention

    We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

    • Newsletter Subscriptions: We retain your email address until you unsubscribe or request deletion.
    • Account Information: We retain your account information for as long as your account is active or as needed to provide services.
    • Analytics Data: We retain analytics data for up to 2 years for service improvement purposes.

    You may request deletion of your personal information at any time by contacting us. We will delete your information within 30 days of your request, subject to any legal obligations that require us to retain certain information.

    8. Your Rights (GDPR)

    If you are located in the EU or UK, you have the following rights regarding your personal data:

    • Right of Access: You can request a copy of the personal data we hold about you.
    • Right to Rectification: You can request correction of inaccurate or incomplete personal data.
    • Right to Erasure: You can request deletion of your personal data ("right to be forgotten").
    • Right to Restrict Processing: You can request restriction of processing in certain circumstances.
    • Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
    • Right to Object: You can object to processing based on legitimate interests.
    • Right to Withdraw Consent: You can withdraw your consent at any time where processing is based on consent.

    To exercise these rights, please contact us using the information provided below. We will respond to your request within 30 days.

    9. Cookies and Tracking Technologies

    We use cookies and similar tracking technologies to enhance your experience and collect usage information. You can control cookie settings through your browser preferences. However, disabling cookies may affect the functionality of our services.

    We use the following types of cookies:

    • Essential Cookies: Required for basic functionality of our services
    • Analytics Cookies: Help us understand how visitors interact with our services
    • Functional Cookies: Remember your preferences and settings

    10. Third-Party Services

    Our services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

    Google OAuth: When you sign up using Google OAuth, your information is processed in accordance with Google's Privacy Policy and our own privacy practices as described in this policy.

    11. International Data Transfers

    Your personal information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.

    12. Children's Privacy

    Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

    13. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

    14. Contact Us

    If you have any questions about this Privacy Policy or our data practices, please contact us:

    Email: privacy@lumos.it.com

    15. Supervisory Authority

    If you are located in the EU or UK and have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection supervisory authority.

    This Privacy Policy is effective as of the date listed above and applies to all users of Lumos Cove services.