We collect information to provide you with a seamless and personalised shopping experience. The types of information we may collect include:

We use the information we collect for the following purposes:

• To process and fulfill your orders, including shipping and delivery updates
• To manage your account and provide customer support
• To send transactional emails such as order confirmations and receipts
• To send marketing communications (only with your consent) — including new product launches, offers, and beauty tips from LUMÉA
• To personalise your experience and recommend products aligned with your preferences
• To analyse and improve our website, products, and services
• To comply with legal obligations and prevent fraud or misuse

You may opt out of marketing emails at any time by clicking the unsubscribe link in any email or contacting us directly.

LUMÉA does not sell your personal information to third parties. We may share your data with trusted partners only as necessary:

• Shopify — our e-commerce platform that powers our store and processes transactions
• Shipping & logistics partners — to deliver your orders (e.g., courier services)
• Payment processors — to securely handle payments
• Marketing tools — such as email service providers, only if you have opted in
• Legal authorities — when required by applicable law or court order

Our website uses cookies and similar tracking technologies to enhance your browsing experience. These include:

• Essential cookies — required for the website to function (e.g., shopping cart, login sessions)
• Analytics cookies — help us understand how visitors interact with our site (e.g., Google Analytics)
• Marketing cookies — used to deliver relevant advertisements and track campaign performance
• Preference cookies — remember your settings and preferences for future visits

You can manage or disable cookies via your browser settings at any time. Note that disabling certain cookies may affect the functionality of our store.

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Specifically:

• Order and transaction records are retained for a minimum of 5 years for accounting and legal compliance
• Account data is retained while your account remains active; you may request deletion at any time
• Marketing preferences and consent records are maintained until you opt out or withdraw consent

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request that inaccurate or incomplete data be corrected
• Deletion — request that your personal data be deleted ("right to be forgotten")
• Restriction — request that we limit how we process your data
• Portability — request your data in a structured, machine-readable format
• Objection — object to our processing your data for direct marketing purposes
• Withdraw consent — at any time, for any consent-based processing

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

We take the security of your data seriously. LUMÉA and Shopify implement industry-standard measures to protect your information, including:

• SSL/TLS encryption for all data transmitted through our website
• Secure, access-controlled servers with regular security audits
• Two-factor authentication for admin access
• PCI-DSS compliant payment processing

Our website may contain links to third-party websites, social media platforms, or partner brands. These sites have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policy of any site you visit through links on our platform.

LUMÉA's products and website are intended for individuals aged 18 and over. We do not knowingly collect personal information from children under the age of 13. If you believe a child has provided us with their information, please contact us so we can promptly delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we do, we will revise the "Last updated" date at the top of this page.

For significant changes, we will notify you via email or a prominent notice on our website. We encourage you to review this page periodically to stay informed.