Privacy policy

Last Updated: 5/21/2026

Introduction

Lumiqour LLC ("we" or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit Lumiqour.com or purchase our products and subscription-based services. It also explains your rights under applicable privacy and consumer protection laws in the United States, European Union, and United Kingdom. Lumiqour LLC is the "data controller" for purposes of EU and UK data protection law and the business or covered entity for purposes of applicable U.S. privacy laws where applicable. By using our website, you consent to the practices described in this Policy. If you do not agree with this Policy, please do not use our services. We may update this Policy periodically (see section on changes).

Personal Data We Collect

We collect information that identifies, relates to, describes, or could reasonably be linked with you ("Personal Data"). We collect this information in several ways:

  • Information You Provide Directly: When you place an order, subscribe to recurring refill services, register an account, contact customer support, or communicate with us, you may provide information such as your name, billing address, shipping address, email address, telephone number (optional), subscription preferences, payment details (payment card information is processed by our payment processors — we do not store full payment card numbers), and any special instructions or communications. If you contact us by email or through customer service channels, we may retain records of those communications. If you create an account or enroll in subscription services, we may also collect login credentials and profile-related information you voluntarily provide.
  • Information Collected Automatically: When you browse our Website, we use cookies, server logs, and similar technologies to automatically collect certain technical and device-related information. This may include your IP address, browser type, operating system, referring URLs, device identifiers, pages viewed, shopping cart activity, dates and times of access, and general Website interaction information. We currently limit automatic tracking technologies primarily to essential or functional technologies necessary for Website operation, account functionality, checkout processes, fraud prevention, and subscription management. For example, cookies may be used to remember shopping cart contents or maintain login sessions. We do not currently engage in extensive cross-site behavioral tracking or invasive advertising profiling practices.
  • Information from Third Parties: If you interact with us through social media platforms, advertising campaigns, payment providers, fulfillment providers, or future third-party login integrations, those third parties may provide us with limited information in accordance with their own privacy policies and your settings with those services. For example, advertising platforms may provide aggregate campaign analytics or attribution information relating to Website visits or purchases. We do not knowingly purchase personal information from data brokers for resale or unrelated advertising purposes.

We do not intentionally collect sensitive personal data (such as health information, biometric information, racial or ethnic origin data, or similar sensitive categories) unless voluntarily provided in connection with customer support inquiries. Our Website and services are not directed toward children under the age of 13, and we do not knowingly collect personal information from children under 13 (or under 16 in jurisdictions where a higher minimum age applies absent parental consent). If you believe a child has provided personal information to us, please contact us so that we may delete the information.

How We Use Your Personal Data

We use collected personal data for the following purposes:

  • To Fulfill Orders and Provide Services: We process your name, shipping address, billing information, payment confirmations, subscription information, and related data to process transactions, fulfill orders, administer recurring refill services, arrange shipping, and communicate regarding order confirmations, subscription renewals, shipping updates, and customer service matters. This processing is generally necessary to perform our contract with you or take steps requested by you prior to entering into a contract (including under Article 6(1)(b) GDPR where applicable).
  • Customer Service and Account Support: If you contact us with questions, refund requests, product concerns, accessibility issues, or support inquiries, we use your contact information and communications to respond, resolve issues, and improve support quality. We may also send service-related communications necessary for account administration, subscription management, security alerts, legal notices, or product-related updates.
  • Marketing Communications (Opt-In): With your consent where required by law, we may send newsletters, promotional emails, product announcements, special offers, or subscription-related promotions. We will only send marketing communications where permitted under applicable law or where you have affirmatively opted in. You may unsubscribe at any time by using unsubscribe links or contacting us directly. We do not sell your personal information to unrelated third parties for their own direct marketing purposes. Our marketing practices are intended to comply with applicable laws including CAN-SPAM, GDPR, UK GDPR, and related electronic communications regulations.
  • Subscription and Recurring Billing Management: If you enroll in subscription refill programs or recurring purchase plans, we use your data to manage recurring billing, process subscription renewals, provide renewal reminders where required, administer account access, and facilitate cancellation functionality.
  • Improving Website Functionality and Services: We may analyze aggregated, de-identified, or usage-related information to improve Website performance, troubleshoot technical issues, optimize customer experience, understand product demand, evaluate subscription usage trends, and improve operational efficiency. Where required by law, we will obtain consent before implementing additional analytics or non-essential tracking technologies.
  • Legal Compliance and Protection: We may process personal data as reasonably necessary to comply with legal obligations, accounting requirements, tax obligations, customs regulations, product safety obligations, lawful governmental requests, dispute resolution requirements, or fraud prevention efforts. We may also process information to protect our rights, customers, systems, intellectual property, personnel, or legal interests, including detecting unauthorized activity, preventing abuse, investigating violations of our Terms, or establishing and defending legal claims.

Legal Bases for Processing (EU/UK visitors): We process personal data only where a lawful basis exists under GDPR or UK GDPR. These legal bases may include:

  • Performance of a Contract: for data used to process orders, manage subscriptions, fulfill purchases, and provide products or services requested by you.
  • Consent: for marketing communications, non-essential cookies, promotional tracking technologies, or other processing activities requiring consent under applicable law.
  • Legitimate Interests: for processing reasonably necessary for our legitimate business interests, provided such interests are not overridden by your privacy rights. Examples include Website security, fraud prevention, operational analytics, customer service improvements, enforcing legal rights, and improving Website functionality. Where we rely on legitimate interests, we assess and balance those interests against applicable privacy rights.
  • Legal Obligation: where processing is required to comply with applicable laws, regulations, tax obligations, governmental requests, accounting obligations, or lawful enforcement requirements.

Cookies and Similar Technologies

Cookies: Cookies are small text files stored on your browser or device when you visit a website. We use a limited number of cookies and similar technologies on Lumiqour.com.

These may include:

  • Essential Cookies: These cookies are necessary for core Website functionality, including shopping cart operation, secure checkout, subscription management, account authentication, fraud prevention, and maintaining user sessions. Without these cookies, the Website may not function properly. Because they are strictly necessary to provide services requested by the user, consent is generally not required for these cookies under applicable law.
  • Functional Cookies: Functional cookies may be used to remember user preferences, language settings, account-related convenience features, or subscription selections in order to improve Website usability and customer experience.
  • Limited Analytics or Tracking Technologies: We currently seek to minimize the use of invasive third-party advertising or behavioral tracking technologies. If we introduce analytics technologies, advertising cookies, social media tracking tools, or other non-essential cookies in the future, we will update this Policy and implement legally compliant consent mechanisms where required under applicable laws including the EU ePrivacy Directive, UK PECR, GDPR, and similar regulations.

Do-Not-Track Signals: Our Website does not currently respond to browser "Do Not Track" signals because industry standards regarding DNT recognition remain inconsistent. However, we do not currently engage in extensive cross-site behavioral advertising practices.

Third-Party Websites: If you follow links to third-party websites or social media platforms (such as Instagram, Facebook, TikTok, or YouTube), those third parties may use their own cookies or tracking technologies. Our Privacy Policy does not govern third-party websites, and we encourage users to review the privacy policies of those external services.

Future Use of Cookies: If we expand our use of analytics, advertising technologies, personalization tools, or other non-essential tracking technologies in the future, we will implement appropriate consent banners, preference management tools, and opt-out mechanisms where legally required. Customers will continue to have the ability to reject or withdraw consent for non-essential cookies.

How We Share Your Personal Data

We value your privacy and do not sell personal information for monetary consideration or engage in unlawful sharing practices for cross-context behavioral advertising. However, we may share certain information with third parties where reasonably necessary to operate our business, provide services, or comply with legal obligations:

  • Service Providers: We use trusted third-party vendors and processors to perform functions on our behalf. Examples include: o Payment Processors: Third-party payment processors (such as Stripe, PayPal, Shopify Payments, or similar providers) process payment transactions securely. Payment card information is transmitted directly to those providers and is subject to their security standards and privacy practices. We generally receive limited payment confirmation details rather than full card information. o Shipping and Fulfillment Providers: We share customer names, shipping addresses, telephone numbers, and email addresses where necessary with shipping carriers, logistics providers, fulfillment centers, warehouses, or customs intermediaries in order to fulfill and deliver orders. o Cloud Hosting and Technology Providers: Our Website, customer data, subscription systems, and operational systems may be hosted or maintained using third-party cloud infrastructure providers, Website platforms, software vendors, security providers, and customer support tools. o Email and Communications Providers: We may use email service providers or communications vendors to distribute order confirmations, customer support communications, newsletters, marketing messages, or subscription-related notices.

All service providers processing personal information on our behalf are expected to implement reasonable confidentiality, privacy, and security protections consistent with applicable law. Where required, we maintain contractual data processing agreements with relevant providers.

  • Corporate Transactions: If Lumiqour LLC undergoes a merger, acquisition, reorganization, financing transaction, bankruptcy proceeding, sale of assets, or business transition, personal information may be transferred as part of that transaction. In such circumstances, we will seek to ensure that personal information remains protected under standards substantially consistent with this Policy.
  • Legal Compliance and Protection: We may disclose personal information to courts, regulators, law enforcement authorities, governmental agencies, or other authorized entities where reasonably necessary to comply with applicable law, legal process, subpoenas, lawful requests, fraud investigations, dispute resolution obligations, or protection of legal rights and safety interests.
  • With Your Consent: Where you have expressly consented to specific disclosures or integrations, we may share information in accordance with that consent.

We do not permit third parties to use your personal information for unrelated direct marketing purposes unless you have independently agreed to such use.

International Data Transfers

Lumiqour LLC operates internationally, and personal data may be transferred to and processed in jurisdictions outside your country of residence, including the United States and other jurisdictions where our service providers operate. If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with cross-border transfer restrictions, please be aware that personal data may be transferred to jurisdictions that may not provide the same level of legal data protection as your home country.

When transferring personal data internationally, we implement commercially reasonable safeguards intended to comply with applicable legal requirements, including GDPR Chapter V where applicable.

These safeguards may include:

  • Standard Contractual Clauses: We may implement Standard Contractual Clauses ("SCCs") or comparable contractual protections with applicable service providers and vendors where required.
  • Contractual and Technical Safeguards: We may implement data processing agreements, access controls, encryption measures, confidentiality obligations, and security protections designed to safeguard transferred data.
  • Consent or Other Legal Bases: In certain situations, transfers may occur based on your consent, contractual necessity, or other lawful transfer mechanisms permitted under applicable law.

You may contact us for additional information regarding safeguards relating to international transfers of personal data.

Data Retention

We retain personal data for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy unless a longer retention period is required or permitted by applicable law. In general:

  • Order and Transaction Data: We retain records relating to purchases, subscriptions, communications, payment confirmations, refunds, and account activity for the period reasonably necessary to comply with tax, accounting, legal, fraud prevention, warranty, and customer service obligations. Transactional records may be retained for several years where required by applicable law or legitimate business purposes.
  • Account Information: If you create an account with us, we retain your account information until you request deletion or until the account becomes inactive for an extended period. If you request account deletion, we will delete or anonymize personal information associated with the account except where retention is required by law, necessary to resolve disputes, enforce agreements, detect fraud, or protect legitimate legal interests.
  • Subscription Records: If you enroll in recurring subscription or refill programs, we may retain records relating to subscriptions, recurring billing authorizations, payment history, cancellation activity, and customer communications for legal, accounting, compliance, dispute resolution, and operational purposes.
  • Marketing Preferences: If you consent to receive marketing communications, we retain your marketing preferences and contact information until you unsubscribe or withdraw consent. After unsubscribing, we may retain limited information on suppression lists to ensure compliance with opt-out requests and applicable marketing laws.
  • Technical and Security Logs: Website server logs, fraud prevention records, authentication logs, and related security information may be retained for a limited period for operational integrity, cybersecurity monitoring, troubleshooting, and investigation of suspicious or unauthorized activity.

When we no longer have a legitimate need to retain personal data, we will take commercially reasonable steps to securely delete, anonymize, or restrict access to the information. Where deletion is not immediately possible (for example, because information exists within encrypted backups or archival systems), we will securely isolate the information and prevent further active processing until deletion becomes reasonably practicable.

Your Rights and Choices

Depending on your jurisdiction and applicable law, you may have certain rights regarding your personal data. We are committed to honoring applicable privacy rights and responding to lawful requests in accordance with relevant legal requirements.

For EU/EEA and UK Individuals (GDPR / UK GDPR):

  • Right to Access: You may request confirmation regarding whether we process your personal data and request access to a copy of the information we hold about you, together with information about how it is used.
  • Right to Rectification: You may request correction of inaccurate or incomplete personal data. Certain account information may also be updated directly through your customer account where available.
  • Right to Erasure: You may request deletion of your personal data in certain circumstances, such as where the information is no longer necessary for the purposes collected, consent has been withdrawn, or processing is unlawful. Certain information may nevertheless be retained where legally required or necessary for legitimate legal purposes.
  • Right to Restrict Processing: You may request temporary restriction of processing under certain circumstances, such as where the accuracy of information is contested or processing is being reviewed following an objection request.
  • Right to Data Portability: Where processing is based on consent or contractual necessity and carried out by automated means, you may request a copy of certain personal data in a structured, commonly used electronic format for transfer to another provider where technically feasible.
  • Right to Object: You may object to processing based on legitimate interests where your individual circumstances outweigh our interests. You also have the unconditional right to object to direct marketing communications, and we will stop marketing processing upon valid objection.
  • Right Relating to Automated Decision-Making: We do not currently engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals. If such processing were implemented in the future, applicable rights relating to human review and contesting automated decisions would be respected.

To exercise EU or UK privacy rights, please contact us at support@lumiqour.com. We may request reasonable verification of identity before fulfilling requests in order to protect privacy and prevent unauthorized disclosures. We will respond within the timeframes required by applicable law, including GDPR and UK GDPR response periods.

You also have the right to lodge a complaint with your local supervisory authority or data protection regulator, including authorities such as the ICO (United Kingdom) or supervisory authorities within the European Economic Area. We encourage you to contact us first so that we may attempt to resolve concerns directly and in good faith.

For California Residents and Other U.S. State Privacy Laws: Where applicable under laws such as the California Consumer Privacy Act (CCPA/CPRA) and similar state privacy frameworks, eligible consumers may have rights including:

  • Right to Know: You may request information regarding categories of personal information collected, sources of collection, purposes of processing, categories of disclosures, and specific personal information held about you.
  • Right to Delete: You may request deletion of personal information collected from you, subject to lawful exceptions.
  • Right to Correct: You may request correction of inaccurate personal information maintained about you.
  • Right to Opt-Out of Sale or Sharing: We do not sell personal information for monetary consideration and do not knowingly share personal information for cross-context behavioral advertising as those terms are defined under applicable law. If our practices change in the future, we will implement legally required opt-out mechanisms.
  • Right to Non-Discrimination: We will not unlawfully discriminate against individuals for exercising applicable privacy rights.

To submit a U.S. privacy request, you or an authorized agent may contact us at support@lumiqour.com with the relevant request details. We may require identity verification and proof of authorization where legally appropriate.

For Other Jurisdictions: If you reside in another jurisdiction providing privacy rights under local law (including Canada, Australia, Brazil, or similar frameworks), we will make commercially reasonable efforts to honor applicable requests in accordance with relevant legal obligations.

Email Preferences: You may unsubscribe from marketing communications at any time using unsubscribe links included in marketing emails or by contacting us directly. Transactional and service-related communications relating to orders, subscriptions, account security, or legal notices may still be sent where necessary for contractual or operational purposes.

Data Security

We implement commercially reasonable technical, organizational, and administrative safeguards designed to protect personal data against unauthorized access, misuse, disclosure, loss, alteration, or destruction. Security measures may include encryption technologies, HTTPS/TLS secure transmission, access restrictions, authentication procedures, fraud monitoring systems, security assessments, employee confidentiality obligations, and restricted internal access to personal information. Payment information is processed through PCI-compliant payment service providers.

We also maintain procedures intended to identify, investigate, and respond to suspected security incidents or data breaches, including notification procedures where required by applicable law.

Despite our efforts, no method of internet transmission, storage, or electronic communication can be guaranteed completely secure. Users are also responsible for maintaining the confidentiality of their account credentials and should notify us immediately if they believe unauthorized access to their account has occurred. We will never request your password through unsolicited email communications.

Third-Party Links

Our Website may contain links to external websites, social media pages, payment providers, logistics providers, or third-party services that are not operated or controlled by Lumiqour LLC. This Privacy Policy applies only to our Website and services. Once you leave our Website or interact with third-party services, the privacy policies and practices of those third parties will apply. We are not responsible for the content, security, or privacy practices of external services, and we encourage users to review the privacy policies of any third-party websites they visit.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services, legal obligations, operational practices, technology, or business activities. The "Last Updated" date associated with this Policy indicates when revisions were most recently made.

If we make material changes to how personal data is collected, used, disclosed, or protected, we may provide additional notice through Website banners, email communications, account notifications, or other methods where required by law.

By continuing to use the Website or services after revised policies become effective, you acknowledge the updated Privacy Policy. If you do not agree with revised terms, you should discontinue use of the Website and may request deletion of personal information where applicable.

Contact Us

If you have questions, concerns, accessibility requests, or privacy-related inquiries regarding this Privacy Policy or our handling of personal data, please contact us at support@lumiqour.com.

We will make commercially reasonable efforts to respond to inquiries promptly and address concerns in good faith. If you believe your concerns have not been adequately resolved, you may also contact the appropriate privacy regulator or supervisory authority in your jurisdiction.