This page is required for you to understand your privacy rights. We know these pages always too long, but we tried to make it easier for you to read by using spacing, tables, and bullet lists.
Last Updated: November 27, 2023
We are committed to protecting the privacy and security of Your personal information.
This privacy policy does not apply to third-party services, websites, or businesses who may collect or receive data in connection with Your use of Our website.
- Interpretation and Definitions
- What are Your Personal Data Protection Rights?
- About Us
- PERSONAL DATA:
- DISCLOSURES AND COMPLIANCE
- COPPA: Children's Online Privacy Protection Act
- California Do Not Track Disclosures
- Privacy Rights for California Minors in the Digital World Act
- California's Shine the Light Law
- CCPA: California Consumer Privacy Act
- CCPA Personal Data Categories
- Personal Data Collected
- Personal Data Disclosed
- Personal Data Sold
- Third Party Links
- Changes to this Privacy Policy
- Contacting Us
Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
- Account means a unique account created for You to access Our Service or parts of Our Service.
- Company (referred to as either “the Company”, “Our Company”, “We”, “Us” or “Our” in this Agreement) refers to The Lum Group.
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
- Country refers to: Pennsylvania, United States
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Personal Data (commonly referred to as Personal Information) is any information that relates to an identified or identifiable individual.
- Service refers to the Website.
- Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
- Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- Website refers to The Lum Group, accessible from https://thelumgroup.com
- You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
What are Your Personal Data Protection Rights?
Our Company would like to make sure You are fully aware of all Your data protection rights. These are the same rights that GDPR requires for GDPR-compliant websites. When using the Website, You are entitled to the following:
- The right to be informed – You have the right to know how Your Personal Data will be collected, processed, and stored, and for what purposes before such data is collected.
- The right to access – You have the right to request Our Company for copies of Your Personal Data.
- The right to rectification – You have the right to request that Our Company correct any Personal Data You believe is inaccurate. You also have the right to request Our Company to complete Personal Data You believe is incomplete.
- The right to erasure – You have the right to request that Our Company erase Your Personal Data, under certain conditions.
- The right to restrict processing – You have the right to request that Our Company restrict the processing of Your Personal Data, under certain conditions.
- The right to object to processing – You have the right to object to Our Company’s processing of Your Personal Data, under certain conditions.
- The right to data portability – You have the right to request that Our Company transfer the Personal Data that We have collected to another organization, or directly to You, under certain conditions.
- The right to not be subject to Automated Decision Making – You have the right to demand human intervention, rather than having important decisions made solely by algorithm.
For more information on these rights, please visit https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If You would like to exercise any of these rights, please contact Us using the contact information provided below.
About Us
The Lum Group is the data controller for this Website.
This Website’s main purpose is to introduce the Lum Group company.
If You have any questions, please contact Us using the contact information provided below.
PERSONAL DATA:
Cookies
What are cookies?
Cookies are text files placed on Your computer to collect standard Internet log information and visitor behavior information. When You visit Our Website, We may collect information from You automatically through cookies or similar technology.
For further information, visit allaboutcookies.org
Cookies on Our Website
Cookies on Our Website may be set and accessed by third-party data processors, including Google Analytics and Google Recaptcha. We use this data to view how many people are visiting Our site and to better understand how they use the website in order to improve the experience We provide. Although Google Analytics records information such as Your geographical location, device, internet browser and operating system, none of this data personally identifies You to Us. For more information, read Our Cookie Policy.
If You do not wish to have Google Analytics track You through any webpage, We recommend that You install the Google Analytics opt-out browser add-on built by Google.
For more information about cookie usage on Our Website, please check out Our Cookie Policy.
WHAT and HOW: What Personal Data do We collect? How do We collect this Data?
While using Our Service, We may ask You to provide Us, with Your consent, with the following Personal Data:
What Personal Data is Collected? | How is it Collected? |
---|---|
First Name | Emailing us directly |
Last Name | Emailing us directly |
Email Address | Emailing us directly |
Technical and Usage Data (cookies, IP address, operating system, browser type, etc) | automatically (such as through Google Analytics or plugins) |
Info You Provided to Us | Any additional info You may have provided in a direct email (example: address, phone number) |
Here’s another table to show which actions result in Data being collected:
Action | Data Collected |
---|---|
Emailing Us Directly | Email Address, Any data you provided in the correspondence (can include name, address, etc) |
Using or Viewing our Website | Technical and Usage Data |
We will ask for Your consent before using Your Personal Data for any purpose not covered in this Privacy Policy.
WHY: Why do We collect Personal Data?
Our Company collects Your data in order for Us to:
- Improve the Website
- Personalize Your Experience
- Respond to correspondence sent via email, or via mail
- Contact You for administrative purposes, such as:
- Responding to requests for account/information deletion or rectification
- Informing You of data breaches
- Informing You of changes to Our terms, conditions, and policies
- Informing You of updates to the Website
- Requesting feedback about Your use of the Website
- To comply with legal and regulatory requirements or obligations
- To meet contractual obligations
- To assist law enforcement and respond to subpoena
- Resolve disputes
- To protect the legal rights, property, and safety of Our Company and its Affiliates, including respective employees
- To protect legal rights, property, and safety of others
- To investigate or remedy violations of Our policies
Why do We use cookies?
Our Company uses cookies in a range of ways to improve Your experience on Our website, including:
- Understanding how You use Our website
- Type of Cookies: Session and/or Persistent Cookies
- Administered by: Google Analytics
- Purpose: These allow Us to view general visitor information, such as the number of unique visitors to a page
- Remembering if You Accepted Cookies
- Type of Cookies: Persistent Cookies
- Administered by: Us
- Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
WHEN: How long do We store Personal Data?
We will retain Your Personal Data for as long as necessary for the purposes for which We have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with Our legal obligations, resolve disputes, and enforce Our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
WHERE: Where is Personal Data stored and processed?
Where is Your Personal Data is stored and processed?
Your Personal Data collected through Our Services is stored and processed in the United States. We use United States-based servers from DigitalOcean, which is certified and adheres to the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
If You are accessing Our Website from outside the U.S., please be aware that You are sending information, including Personal Data, to the United States where Our servers are located. That information may then be transferred within the United States.
Please note that the country where We operate may have privacy and data protection laws that differ from, and are potentially less comprehensive or protective than those in Your country of residence. However, Our collection, storage, and use of Your Personal Data will at all times continue to be governed by this Privacy Policy.
Protection for Your Personal Data:
The security of Your Personal Data is important to Us. We use administrative, technical, and physical security measures to help protect Your personal information. While We have taken reasonable steps to secure the personal information You provide to us, please be aware that despite Our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, We cannot guarantee complete security if You provide personal information.
WHO: Who do We share Data with and Why?
We do not sell, trade, or otherwise transfer Your data to outside parties. This does not include the following:
- Third-party Service Providers – Our Company uses a number of trusted Service Providers to help Us operate Our Services. We may share data with them, and they may process personal data on Our behalf. Our current Service Providers are:
- DigitalOcean
- Purpose: For website hosting
- DigitalOcean’s Privacy Policy
- Privacy Shield Certified: Yes
- Google
- Purpose: For Google Analytics and Google Recaptcha
- Google’s Privacy Policy
- Privacy Shield Certified: Yes
- DigitalOcean
- Affiliates – Our Company may share or transfer Your Personal Data with Our affiliates, in which case We require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any subsidiaries, joint venture partners, or other companies that We control or that are under common control with Us.
- Business Transfers – Our Company may share or transfer Your information in connection with, or during negotiations of, any merger, sale of company assets, financing, bankruptcy, or acquisition of all or a portion of Our business to another company.
- For Legal Obligations – Our Company may disclose Your information in response to subpoenas, court orders, legal process, law enforcement requests, legal claims, or government inquiries, to investigate or remedy potential violations of Our policies, or to protect and defend the rights, interests, property, safety, and security of Our Company and others
- With Your Consent – We may share Your Personal Data with Your consent.
We will ask for explicit consent before sharing Your data with third parties for purposes other than described in this section.
Access and Control of Personal Data
Opt-out of emails:
To opt-out of non-required communications, click on the unsubscribe link provided in the emails You receive.
You cannot opt-opt of emails where communication is necessary for the Service provided to You as a User. For example, to send You notice of changes to Our policies and services and to send notices and other disclosures as required by law.
How can You manage cookies?
You can manage cookies by setting Your browser to not accept cookies. Visit allaboutcookies.org to learn how to remove cookies from Your browser. However, some of Our website features may not function as a result.
DISCLOSURES AND COMPLIANCE
COPPA: Children’s Online Privacy Protection Act
We do not willingly collect, use, or share Personal Data from children under the age of 13. We do not knowingly market to children under the age of 13.
If You learn that a child under the age of 13 has provided Personal Data, please alert Us to this promptly using the contact information below.
In the event that We learn that We have collected Personal Data from a child under age 13, We will delete that information as quickly as possible.
Please read Our Terms of Service to view the age requirement for using Our Services.
California Do Not Track Disclosures
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting You can activate to signal Your privacy preference not to have data about Your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized.
As such, We do not currently respond to DNT browser signals or any other mechanism that automatically communicates Your choice not to be tracked online. If a standard for online tracking is adopted that We must follow in the future, We will inform You about that practice in a revised version of this Privacy Policy.
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting. You can activate to signal Your privacy preference not to have data about Your online browsing activities monitored and collected. If You set the DNT signal on Your browser, We will not respond to such DNT browser signals.
To learn more about Do Not Track, please visit: https://allaboutdnt.com/
Privacy Rights for California Minors in the Digital World Act
Under the California Business and Professions Code Section 22581, California residents under the age of 18 who are registered users of online sites, services, or applications are allowed to request and obtain removal of content or information that they have publicly posted.
We currently do not allow individuals under 18 to register for an account on Our Website. If You learn that an individual under 18 has registered for an account, please email Us using the contact information provided below.
We will make sure the data is not publicly displayed on the Website, but be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
California’s Shine the Light Law
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits Our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) We disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which We shared personal information in the immediately preceding calendar year. If You are a California resident and would like to make such a request, please email Us using the contact information provided below.
CCPA: California Consumer Privacy Act
Under California Civil Code Section 1798, California residents have certain rights with respect to their Personal Data. If You are a California resident, this section applies to You. We feel that everyone should have these rights, so even if You are not a California resident, this section also applies to You.
You have the following rights under CCPA:
- The right to notice
- You must be provided notice at or before the point of collecting Personal Data
- The right to know
- You have the right to request that a business disclose the categories of Personal Data collected, categories of sources from which Personal Data is collected, the business/commercial purpose, categories of third parties with which the business shares Personal Data, and specific pieces of Personal Data that We hold about You.
- You may request information about Your Personal Data for the preceding 12 months free of charge. You are limited to two requests in a 12-month period.
- The right to delete
- You have the right to request deletion of Your Personal Data, under certain conditions
- The right to opt-out
- You have the right to opt out of Us selling Your Personal Data to third parties
- The right to non-discrimination
- You have the right to exercise these rights without discrimination.
CCPA Personal Data Categories
Category of Personal Data | Examples (not necessarily what We collect) |
---|---|
Category A: Identifiers | First Name, Last Name, Email Address, Postal Address, Internet Protocol (IP) address, account name, alias, social security number, driver’s license or passport number |
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | Name, social security number, physical description or characteristics, signature, insurance policy number, education, state id card number, employment or employment history, bank account number, credit/debit card number, medical information, health insurance information, sexual orientation, etc.Some Personal Data from this category may overlap with other categories |
Category C: Protected classifications | Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information) |
Category D: Commercial Information | Records of: – personal property – products or services purchased, obtained, or considered, or – other purchasing or consuming histories or tendencies |
Category E: Biometric Information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns, such as: fingerprints, faceprints (facial recognization), voiceprints, iris or retina scans, keystroke, gait, sleep data, health data, or exercise data |
Category F: Internet or other electronic network activity information | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement |
Category G: Geolocation | Physical location or movements, usually a general geographical location |
Category H: Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information |
Category I: Professional or employment-related information | Current or past job history or performance evaluations |
Category J: Education Information | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records |
Category K: Inferences | Inferences drawn from any of these categories to create a profile about a consumer reflecting the consumer’s: preferences,characteristics,psychological trends,predispositions,behavior,attitudes,intelligence,abilities, oraptitudes |
Personal Data Collected
In the preceding 12 months, Our Company has collected the following categories of Personal Data:
Category of Personal Data | Collected | Examples of Data We Collect | Scenarios | |
---|---|---|---|---|
Category A: Identifiers | [NO] | First Name, Last Name, Email Address, Password | DIRECTLY PROVIDED BY YOU: Submitting contact form, Contacting Us via email | |
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | [NO] | Name | DIRECTLY PROVIDED BY YOU: Submitting contact form, Contacting Us via email | |
Category C: Protected classifications | [NO] | |||
Category D: Commercial Information | [NO] | |||
Category E: Biometric Information | [NO] | |||
Category F: Internet or other electronic network activity information | [NO] | |||
Category G: Geolocation | [YES] | General aggregated geolocation data | INDIRECTLY PROVIDED: Cookies set by Google Analytics | |
Category H: Sensory data | [NO] | |||
Category I: Professional or employment-related information | [NO] | |||
Category J: Education Information | [NO] | |||
Category K: Inferences | [NO] |
Personal Data Disclosed
In the preceding 12 months, Our Company has disclosed the following categories of Personal Data for business purposes (see preceding section for how we may get this personal data):
Category of Personal Data | Disclosed | To Whom |
---|---|---|
Category A: Identifiers | [YES] | DigitalOcean: website hosting |
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | [YES] | DigitalOcean: website hosting |
Category C: Protected classifications | [NO] | |
Category D: Commercial Information | [NO] | |
Category E: Biometric Information | [NO] | |
Category F: Internet or other electronic network activity information | [NO] | |
Category G: Geolocation | [YES] | Google Analytics for website analytics; DigitalOcean for for website hosting |
Category H: Sensory data | [NO] | |
Category I: Professional or employment-related information | [NO] | |
Category J: Education Information | [NO] | |
Category K: Inferences | [NO] |
Personal Data Sold
CCPA requires that businesses list all categories of Personal Data that a business has sold in the past 12 months. CCPA defines a sale as the exchange of Personal Data by a business to another business or third-party for monetary or other valuable consideration.
We share Your data with only trusted Service Providers and for the purposes listed in “WHO: Who do We share Personal Data with and Why?
We have not sold Personal Data. We do not and will not sell Your Personal Data, unless You give Us Your consent or direct Us to do so.
Category of Personal Data | Sold? |
---|---|
Category A: Identifiers | [NO] |
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | [NO] |
Category C: Protected classifications | [NO] |
Category D: Commercial Information | [NO] |
Category E: Biometric Information | [NO] |
Category F: Internet or other electronic network activity information | [NO] |
Category G: Geolocation | [NO] |
Category H: Sensory data | [NO] |
Category I: Professional or employment-related information | [NO] |
Category J: Education Information | [NO] |
Category K: Inferences | [NO] |
If You (Californian resident or not) would like to exercise any of these rights, You may contact Us using the contact information provided below. You will not be discriminated against for exercising these rights.
Upon receiving a request for access, change, or deletion of data, We may ask for more information to verify Your identity. Additional Personal Data collected during this process will only be used for the verification process; such data will be erased after the verification process and will not be shared or sold.
Third Party Links
Our Service may contain links to and from other websites that are not operated by Our Company. If You click on a third party link, You will be directed to that third party’s website. We do not accept any responsibility or liability for the privacy policies of third-party websites. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites and services.
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this page.
We will let You know via a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Your continued use of Our Services confirms Your acceptance of Our Privacy Policy, as amended. If You do not agree to Our Privacy Policy, as amended, You must stop using Our Services.
Contacting Us
If You have any questions about this Privacy Policy, You can contact Us:
- By email: contact@thelumgroup.com