top of page

Privacy Policy

Last updated: October 28, 2023

Welcome to Lume VR.

1.1    This privacy notice (Privacy Notice) sets out the ways in which we, Lume VR Limited and its affiliates (we, us, our), collect and use your personal data (your personal information) in connection with our services. It also explains what rights you have to access or change your personal data, and how to exercise them. 

1.2    We are the data controller in relation to the personal data processed in accordance with this Privacy Notice (except where this Privacy Notice explains otherwise). This Privacy Notice and our procedures have been developed in line with the requirements of the EU General Data Protection Regulation, the Data Protection Act 2018 and other applicable national law (Data Protection Law).

1.3    Where we refer to ‘website’ in this Privacy Notice we are referring to the website at

1.4    Where we refer to ‘Services’ in this Privacy Notice we are referring to the Lume VR Services delivered as part of the Partner Program including, but not limited to, the PRO software application.

2.    ABOUT US
2.1    We are a company registered in England under company number 11425481, with our registered address as set out below. 

2.2    You can contact us as follows: 

Address: 26 Stanley Road, Oxford, England, OX4 1QZ, UK

3.1    Information that you provide to us

3.1.1    We will collect any information that you provide to us when you register your PRO account, make an enquiry about our services via email, post or via our website and subscribe to our mailing lists and newsletters via the website or when signing up via the software.
3.1.2    The information you provide to us might include your name, email address, company or employer name, and any other information you may include in your enquiry.


3.2    Information we collect about you

3.2.1    We will collect any information contained in any correspondence between us. For example, if you contact us by email or telephone, we will keep a record of that correspondence. 
3.2.2    When you sign up to our mailing list, e-mail newsletters or otherwise register an interest in us, we use technology to collect information about how you interact with our emails, including whether our emails are delivered to you and whether you open them, unsubscribe from them or click on any of the links which they contain.
3.2.3    We also use analytics tools on our website and Services to collect aggregated information. This includes information about how our visitors navigate and use the website or Service (including mouse movements and key presses) details of our visitors’ browsers, operating systems, device screen resolutions and screen sizes, internet protocol (IP) addresses, geographic locations, time zone settings and other technology on the devices they use to access our website or Service. We use this information for analysis purposes and, unlike the other types of information we collect from our website visitors or users, it cannot be used to identify individuals. For further information on these tools, please see paragraph 6 below. 

3.3    Information we receive from third parties

3.3.1    We may be provided with your contact details if you or your services are referred or recommended to us by a third party; and
3.3.2    We may also use publicly available sources and dedicated databases to obtain contact details for business purposes. 

4.1    We will use your information for the purposes listed below either on the basis of: 

4.1.1    performance of your contract with us and the provision of our services to you; 
4.1.2    your consent (where we request it); or
4.1.3    our legitimate interests (see paragraph 4.3 below). 

4.2    We may use your information for the following purposes:

4.2.1    to provide you with access to our website or Service in a manner convenient and optimal including sharing your information with our website hosts and developers (on the basis of our legitimate interest to ensure our website or Service is presented in an effective and optimal manner); 
4.2.2    as a client, to provide you with our services as agreed pursuant to the performance of our contract with you;
4.2.3    to keep in contact with you about our news, events, or new services that we believe may interest you, provided that we have the requisite permission to do so, and sharing your information with our e-mail marketing services provider (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
4.2.4    to carry out research about general engagement with our website or Service (on the basis of our legitimate interest in providing the right kinds of information and content to our website users); 
4.2.5    to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including without limitation fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and 
4.2.6    to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so). 

4.3    Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:

4.3.1    personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you; 
4.3.2    providing you with direct marketing about our products and services unless you have asked to be taken off our mailing lists; and
4.3.3    protecting against fraud and other risks to our business.

4.4    Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 9 below. 

5.1    In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we may share your personal data with third parties that we work with such as:

5.1.1    third parties who provide data processing and IT services to us including website hosting providers such as, Inc., data back-up, security and storage providers and cloud-based software providers;
5.1.2    other third-party service providers who help us run and improve our business. For example, providers of email services, marketing services, survey and market research providers, providers of fulfilment and postal services;
5.1.3    any selected third party that you consent to our sharing your information with for marketing purposes; 
5.1.4    third parties with whom we may choose to sell, transfer or merge parts of our business or our assets; and
5.1.5    any other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.

5.2    We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.

6.1    Our website and Service host,, Inc. and AWS use cookies to ensure that you get the most out of our website. Please find further details on the cookies we use on the website at

7.1    We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as: 

7.1.1    ensuring the physical security of our offices and other sites;
7.1.2    ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption; and
7.1.3    limiting access to your personal data to those in our company who need to use it in the course of their work. 

7.2    We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. Please contact us if you would like to be provided with the details of the retention periods for specific aspects of your personal data. 

7.3    It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

8.1    We are a global business based in the UK and we use third party service providers located in other countries to help us run our business. As a result of this we may transfer personal data outside of the European Economic Area (the European Economic Area being the European Union and Iceland, Liechtenstein and Norway, which is also referred to as the “EEA”).

8.2    Countries outside of the EEA may not have data protection laws that provide the same level of protection as those within the EEA and so whenever we transfer your personal data outside the EEA, we take steps to ensure all personal data is protected with adequate safeguards, such as by entering into the European Commission approved standard contractual clauses or transferring personal data to service providers in the USA which are part of the “EU-US Privacy Shield” scheme.

8.3    Please contact us if you would like further information on the specific mechanism we use when transferring your personal data out of the EEA or if you wish to request a copy of the relevant safeguards which we have put in place.

9.1    You have certain rights under Data Protection Law in respect of the information that we hold about you:

9.1.1    Access: You have the right to request confirmation that we are holding your personal data and to access a copy of the personal data that we hold about you. This is known as a “data subject access request” and enables you to check that we are handling your personal data lawfully;
9.1.2    Correction: You can ask us to change or complete any inaccurate or incomplete personal data we hold about you;
9.1.3    Erasure: You can ask us to delete or remove your personal data where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful reason for keeping it;
9.1.4    Objection: You can object to our processing of your personal data where we are relying on a legitimate interest if there is something about your particular situation which makes you believe it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes; 
9.1.5    Withdraw consent: If you have given us your consent to use personal data you can withdraw your consent at any time;
9.1.6    Transfer: You can ask us to provide the personal data which you have provided to us back to you or to a third party in a structured, commonly used, electronic form, so it can be easily transferred; and
9.1.7    Restriction: You can ask us to suspend the processing of your personal data, for example if you want to establish its accuracy or where you have objected to our use of it.

9.2    In addition, in accordance with Data Protection Law, you have the right to lodge a complaint about us to the UK Information Commissioner’s Office ( or the relevant authority in your country of work or residence.

9.3    Please note that some of these rights only apply in certain circumstances and we may not be able to fulfil every request. If this is the case, you will be notified of this at the time of your request. If you make a request, we may require specific information from you to help us confirm your identity. This is to ensure that personal data is not disclosed to anyone who does not have the right to receive it.

9.4    You may exercise your rights in 9.1 above by contacting us directly using the details set out in 2 above.

10.1    We may make changes to this Privacy Notice from time to time. We will post any changes to our website or notify you of any material changes by e-mail.

bottom of page