Our online store is hosted by Magento and the payment platforms we use are PayPal and SagePay. Magento provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Magento's data storage, database and the SagePay application. They store your data on a secure server behind a firewall. Your personal data will also be stored in our MailChimp account until you unsubscribe from our mailing list.
What personal data do we collect?
When you provide us with personally identifiable information through this website, we respect your privacy. We will only use the personal information you provide when you fill in appropriate sections of our website to administer your account and to provide the products you have requested from us. By providing information like your name, email address, postal address and telephone number you agree to us contacting you with regards to the information you have requested.
Payment: When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
Sample request: When you provide a sample request to us to send you samples of our frames we will use this information to contact you on your request and provide you a service to get the samples to you. Your information is stored on our internal database and also added to our mailchimp account until you unsubscribe from our mailing list.
Subscribing to our website: You are opting in to our mailing list and you personal information will be used solely by us to send you information about new products, our news and other updates.
What do we do with your information?
Your information will enable us to process and supply the products or services you have requested. It will also enable us to process payment and to contact you where necessary concerning your orders and requests.
In particular, we use your information to notify you occasionally about important changes or developments to the website or our products and services.
We might also use your information, in accordance with your preferences, to let you know by email (or sometimes by other means) about other products and services which we offer which may be of interest to you. We also might contact you for your views on our products and services.
You have the right to object to any direct marketing we send you by contacting us via firstname.lastname@example.org.
We may also use aggregate information and statistics including "Cookies" for the purpose of monitoring website usage in-order to help us develop the website and our services and may provide such aggregate information to third parties. These statistics will not include any data that cane used to identify any individual.
If, at some time in the future, we wish to use your personal data in ways other than those out in this private notice, then we will notify you about this and seek your permission to do so.
Except where we are relying on your consent (which we will make clear), or where we are using your personal data either under a legal obligation or to fulfil our contract with you, we will be using your data in the manner stated above because we believe it is necessary in the legitimate interests of out business.
Disclosure of personal data
We do not sell, share or disclose your personal data to any third party for marketing purposes.
From time to time we may use other companies and individuals to provide services to us, such as delivering orders or processing credit card payments. These companies will be provided and have access to the personal data needed to perform their functions and not for any other purposes. They must process such data in accordance with this privacy notice and the GDPR.
We may disclose your personal data to any third party if we believe in good faith that such disclosure is necessary to (a) comply with the law or legal process (b) prevent fraud (c) protect the rights and property of Lumitrix Ltd. (d) to enforce our conditions of use or (e) protect against misuse or unauthorised use of website.
If, in future, a third party acquires Lumitrix Ltd or substantially all of its assets (whether merger, acquisition, organisation or otherwise) customer data, including personal information, may well be one of the transferred assets.
Storing and retaining data
We will retain your personal data for as long as it is necessary for the required service to be provided to you, and for a reasonable period thereafter (based on your Marketing preferences, and legal obligations or limitation periods) where it is still necessary for any lawful purpose. All retained personal data is subject to the controls of our internal data protection policy (which is required to be adhered to by Lumitrix Ltd) and will be securely disposed of when it is no longer necessary for a lawful purpose.
We take security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
How do I withdraw my consent?
If you have changed your mind about how we contact you, you may withdraw your consent for us to send you marketing communications (or any other activity where we are relying on your consent) at any time, by contacting us at email@example.com
Under the GDPR, you have the right to:
- require us to correct the personal data we hold about you if it is inaccurate;
- request that we erase your personal data (in certain circumstances);
- request that we restrict our data processing activities (in certain circumstances);
- receive from us copies of the personal data we hold about you, including for the purpose of transmitting it in a commonly used format to another data controller;
- object, on grounds relating to your particular situation, to any of our particular processing activities; and
- object to automated individual decision-making or profiling (i.e. where a significant decision is made about the individual without human intervention). Lumitrix does not currently do this.
None of these rights are unqualified and exceptions may well apply. In general we will seek to respond within one month of any such request. If you have any concerns about how we are processing your personal data, you can contact the Information Commissioner at www.ico.org.uk
Questions or complaints
By submitting your personal data you acknowledge and understand that we will use that data as set out in this policy. If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at firstname.lastname@example.org or by mail at Lumitrix Ltd, 25 Barlby Road, London, W10 6AN.