Skip to main content

Privacy Policy

Welcome to Lume, operated by LUME Project Private Limited (“we,” “our,” or “us”). We take your privacy seriously, and this Privacy Policy outlines our commitment to protecting your personal information and maintaining your trust. This policy governs the data practices of Lume, and it applies to all individuals

— including visitors, registered users, event attendees, and anyone engaging with our services across our four key verticals:

Consultancy, Networking, Concierge, and Education & Internships.

As of the last update on 01-08-2025, this Privacy Policy reflects our current data practices. To stay informed about how we protect your privacy, we recommend periodically reviewing this policy, as we may make updates in response to changes in our operations, legal requirements, or industry standards.

In this comprehensive Privacy Policy, we aim to provide a clear and detailed understanding of how we handle your data.

Purpose of the Privacy Policy

The primary purposes of this Privacy Policy are as follows:

  1. Inform and Empower You:

We aim to keep you informed about how we collect, process, use, and protect your data. Knowledge is power, and we want you to understand your rights and choices when it comes to your personal information.

  • Protect Your Privacy and Security:

Your trust is vital to us. We take your privacy and data security seriously. Through this policy, we outline the measures we have in place to protect your data from unauthorized access, misuse, or breaches.

  • Compliance with Global Data Protection Standards:

In an increasingly interconnected world, our commitment extends to global data protection standards and principles. We strive to comply with applicable data protection laws and regulations, including the Digital Personal Data Protection Act, 2023 (India), and where relevant, global standards such as the General Data Protection Regulation (GDPR).

  • Clarify Your Rights:

Your privacy rights are essential, and we are dedicated to ensuring you are aware of them. This Privacy Policy explains how you can exercise your rights concerning your personal data.

  • Promote Transparency:

At Lume, we believe in openness. This Privacy Policy is our way of

being transparent about our data collection and usage practices. We want you to have a clear, honest understanding of how we handle your information.

4. User-Centric Approach:

Lume is built with a user-first mindset. Every vertical we operate — from Consultancy to Networking, Concierge, and Education — is designed to align with your goals and preferences. Your data helps us do that better, and we want you to have full visibility and control over how it’s handled.

Please take a moment to thoroughly review this Privacy Policy. By using Lume, you consent to the practices described herein. If you do not agree with these practices, we respectfully request that you refrain from using our services.

If you have any questions, concerns, or need clarification regarding your data privacy, feel free to reach out via the methods provided in the “Contact Information” section of this policy.

Scope of the Policy and Our Commitment to Data Protection

This policy applies across all touchpoints where Lume engages with its users — including events, digital platforms, concierge requests, workshops, and consulting interactions. Here’s what it covers:

  1. Data Collection (What We Collect & How):

We explain the types of information we collect — whether directly provided by you, automatically gathered during your interactions with our website, events, or services, or received from trusted third-party partners.

  • Data Usage (How We Use Your Info):

This section outlines the reasons we collect and use your data — to ensure seamless experiences, match you with the right opportunities, and deliver personalized services across all our verticals.

  • Data Sharing:

We describe the circumstances under which we may share your data

— including with service partners, legal bodies (if required), or during business restructuring. We never sell your data.

  • Your Rights and Choices:

You have rights over your personal data — including access, correction, deletion, or limitation. We empower you to exercise these rights easily and transparently.

  • Data Security:

Protecting your data is a top priority. This section details our security measures — including encryption, secure access protocols, and our response strategy in the unlikely case of a breach.

4. Data Retention:

Transparency around how long we hold onto your data — and why — is essential. This section gives you a clear view of our data retention timelines and the criteria we use to decide them.

7. International Data Transfers:

Lume’s vision goes beyond borders. If your data is transferred internationally to help us serve you better, we ensure it is protected under appropriate legal and security standards.

8. Children’s Privacy:

In line with applicable regulations (such as the Children’s Online Privacy Protection Act or Indian data protection laws), we do not knowingly collect personal data from children without verified parental consent.

U. Your Rights Under Data Protection Laws:

Whether it’s the Digital Personal Data Protection Act, 2023 (India) or global privacy norms, you have rights — to access, correct, delete, restrict, or object to the use of your data. This policy empowers you to exercise those rights.

  1. Policy Changes:

Lume is constantly evolving. When changes to this Privacy Policy happen — due to legal, operational, or strategic reasons — we’ll update you transparently so you’re always in the loop.

  1. Contact Information:

Your trust matters. For any questions or concerns related to data privacy, we’re just a message away. Reach out through the methods listed in the Contact section.

  1. Applicability:

Lume’s services go beyond just one platform — this Privacy Policy applies across all of our verticals and touchpoints, including consultancy engagements, events, networking programs, concierge support, and education partnerships.

  1. Governing Law, Dispute Resolution & Additional Clauses:

This policy is governed by Indian law, and any disputes shall be subject to resolution mechanisms outlined later in the document.

  1. Definitions:

To make things crystal clear, this section will define key terms and phrases you’ll come across throughout this document.

Information We Collect

At Lume, we collect different types of information to help us improve and personalize your experience. This includes data collected across our Consultancy, Networking, Concierge, and Education & Internship services. Here are the main categories of data we may collect

Personal Information

Personal information refers to data that can directly or indirectly identify an individual. At Lume, we collect such information to deliver meaningful experiences across our verticals — whether it’s consulting with a startup, managing an internship program, or sending curated concierge recommendations. Below are the categories of Personal Information we may collect:

  1. Name:

Your full name, first name, or last name may be collected based on your interaction with Lume — such as when registering for an event, subscribing to a service, or onboarding as a member.

  • Email Address:

Your email is a primary contact channel — used for account verification, updates, event invites, workshop access, and important communication.

  • Phone Number:

Occasionally, we may request your phone number for purposes such as OTP verification, quick communication, or event coordination.

  • Username and Password:

If you register on any of our platforms, you will create login credentials. These help us authenticate your identity and protect access to your personalized dashboard or services.

  • Postal Address:

For certain services like merchandise delivery, curated product shipping (via Concierge), or physical event access, we may request your postal address — always with your consent.

4. Payment Information:

When making payments (e.g., for masterclasses, consultations, or exclusive access), we may collect necessary financial data such as credit/debit card details, billing addresses, and transaction summaries. Your security is our priority, and we follow strict protocols for payment data handling.

7. Profile Information:

You may voluntarily share additional details such as profile pictures, gender, age, or preferences — helping us tailor your Lume experience across networking circles or education opportunities.

8. Content You Create or Submit:

Any messages, feedback, applications, reviews, or uploaded files (such as during internships or consulting sessions) may contain personal information. Please be mindful of what you choose to share, especially in open forums or discussions.

U. Other Information You Choose to Provide:

You might also share your professional interests, location, goals, or specific needs — for example, when filling out a form to be matched

with a mentor or investor. This is entirely voluntary and used to enhance your experience.

  1. Business Registration Certificate:

To maintain authenticity and credibility within our consultancy and networking verticals, we may request a valid Business Registration Certificate from entrepreneurs, startups, or companies engaging with Lume. This helps us verify the legitimacy of business participants and build a trusted ecosystem.

  1. Government-Issued ID for Individuals:

For individual professionals, freelancers, or interns engaging with our platform, we may request a copy of government-issued identification (such as Aadhaar, PAN, or Driving License). This ensures a secure, credible, and verified community within Lume.

Non-Personal Information

Non-Personal Information refers to data that does not directly identify you but helps us understand how you engage with Lume’s services. This data supports service improvements, feature development, and a better user experience — across consultancy, networking, concierge, and education initiatives. Here are the categories we may collect:

  1. Device Information:

We may collect data about the device you use to access Lume — including device type (e.g., mobile, desktop), operating system (e.g., iOS, Android), device model, browser type, and unique identifiers.

  • App or Platform Usage Data:

To improve functionality and understand user behavior, we track usage patterns — such as features accessed, navigation flows, screen time, clicks, and preferences set on the platform or web portal.

  • Aggregate Statistical Data:

We anonymize and combine user activity data to identify patterns, trends, and areas of improvement. This data never reveals your identity but helps us enhance the overall Lume experience.

  • User Demographics (Non-Identifiable):

Where applicable, we may collect non-identifiable demographic data such as age group, city, or professional category — especially helpful for curating services and personalizing content across our verticals.

  • Anonymized User-Generated Content:

Feedback, reviews, survey responses, or comments may be anonymized and analyzed to refine our programs and offerings — without revealing the identity of the contributor.

Information Collected Automatically (Cookies & Tracking Technologies)

At Lume, we use automated tools — including cookies, pixels, beacons, and similar tracking technologies — to understand how users interact with our services across all four verticals. These tools help us personalize your experience, enhance app and website functionality, and improve our performance. Here’s a breakdown of what we collect automatically:

  1. IP Address:

We may log your IP address — a numerical label that gives us a general idea of your location and helps us troubleshoot tech issues. This doesn’t identify you personally but allows us to detect regional trends and protect system integrity.

  • Device Identifiers:

Unique device identifiers, like your phone’s advertising ID, help us recognize returning devices. This is useful for personalizing your experience, remembering preferences, and improving service continuity across sessions.

  • Browser Type & Operating System:

Information like whether you’re using Chrome or Safari, or operating on iOS or Android, helps us ensure compatibility and deliver a smooth browsing or app experience tailored to your device.

  • Referring URLs:

If you arrive at Lume through an external link — like a social media post, ad, or partner website — we may record the referral source. This helps us track what marketing or campaigns are working best.

  • Pages Visited & Content Interactions:

We track which pages or sections you explore, where you click, and how you interact with our content. This data helps us understand what you’re most interested in and continuously improve the platform.

4. Dates & Times of Access:

We log when you use our services, helping us analyze peak activity periods and ensure platform availability during high-traffic times.

7. Clickstream Data:

Clickstream data is the sequence of actions you take on our site or app. It helps us map your journey across Lume’s offerings — from reading a blog to signing up for a masterclass or browsing concierge services.

Why We Use Cookies & Tracking Technologies:

These tools power core functions across Lume, including:

  1. Authentication:

Cookies help identify and verify you during logins — keeping your account

secure and session stable.

  • Personalization:

From saving your event preferences to suggesting relevant consultancy programs — cookies let us make your experience uniquely yours.

  • Analytics:

We analyze anonymized data to measure how users engage with our content, which helps us tweak and evolve our platform intelligently.

  • Advertising:

Cookies may be used to show you relevant offers, campaigns, or content — and to understand how effective those ads really are.

How We Collect Information

Lume collects information through multiple channels — both directly from you and automatically — to power our four core verticals: Consultancy, Networking, Concierge, and Education. These data points help us deliver curated, secure, and value-driven experiences.

1.     Directly from You

When you actively engage with Lume’s services, platforms, or events, we collect information you choose to provide. This may include:

  • Account Registration:

Signing up on Lume requires sharing essential details such as your name, email ID, username, and password to create a secure and personalized profile.

  • Profile Creation:

You may optionally enhance your profile by uploading a picture or adding details like birthdate, gender, or preferences. These details help us personalize your experience but are always provided voluntarily.

  • Communication:

If you reach out to our team — for support, inquiries, partnerships, or feedback — we collect the content of your communication to respond effectively and track concerns.

  • User-Generated Content:

Any reviews, comments, submissions, or uploads made by you within the platform or during Lume activities may be stored and reviewed to improve engagement and authenticity.

  • Transactions:

For any payments made (event tickets, consultancy sessions, merchandise, etc.), we securely collect billing details, payment method data, and transaction records. Your financial data is handled with the highest security standards.

2.       Automatically Through Your Use of Lume’s Platforms

We also collect certain information passively, through your usage of Lume’s digital interfaces (website, app, onboarding tools, etc.):

  • Device Information:

Details like device model, operating system, screen resolution, and browser type help us optimize design and compatibility.

  • Platform Usage Data:

We analyze how you navigate through Lume — including what features you use, events you attend, or settings you customize — so we can make the product better and more intuitive.

  • Aggregate Statistical Data:

User activity across the board is anonymized and aggregated to help us see patterns — like most-used features or popular events — without tying the data back to any one individual.

  • User Demographics (Non-Identifiable):

We may collect anonymous demographic insights such as age range, city, or interest category — especially useful when designing relevant educational programs or concierge offerings.

  • Anonymized User-Generated Content:

Content submitted through feedback forms or event reviews may be anonymized and analyzed to enhance our experiences, without compromising privacy.

Information Collected from Third Parties

In addition to data collected directly from you or via our platforms, Lume may also obtain certain categories of information from trusted third-party sources to enhance our service experience:

1.     Service Providers:

We may receive information from service providers who support us in offering core functionalities. This can include customer support, platform infrastructure, payment processing, and analytics.

2.       Business Partners:

In the context of strategic partnerships (e.g., collaborative programs, sponsored initiatives, or educational tie-ups), relevant data may be shared in accordance with formal agreements to deliver a seamless experience.

3.       Social Media Platforms:

If you choose to log in or sign up using a social media account (such as Google, LinkedIn, or Instagram), we may receive limited profile details as permitted by your privacy settings and the respective platform’s data policies.

4.       Analytics and Advertising Partners:

To deliver tailored experiences and improve our outreach efforts, we may work with analytics and ad technology partners who provide data about audience preferences, browsing behaviour, or campaign interactions.

Use of Information

We use the information collected — whether directly, automatically, or via third parties — for multiple essential purposes that power Lume’s offerings across Consultancy, Networking, Concierge, and Education & Internships.

Purposes for Collecting and Using Information

  1. Service Provision:

We use your data to operate and manage your account, facilitate services, process transactions, and provide support.

  • Personalisation:

Your preferences help us tailor what you see — be it curated networking opportunities, investment matches, educational content, or fashion/concierge offerings.

  • Communication:

Whether it’s sharing event updates, course notifications, follow-ups, or personalised recommendations — we use your contact information to stay connected.

  • Analytics and Improvement:

By understanding how users engage with Lume’s platforms, we enhance functionality, user experience, and overall impact.

  • Advertising:

To ensure relevance, we may use your data to run targeted ads and promotions, either on Lume platforms or through third-party channels.

4. Security:

We process information to verify user identities, detect fraud, prevent misuse, and ensure safe environments across Lume’s physical and digital spaces.

7. Compliance and Legal Obligations:

We may process your information to meet legal, regulatory, or tax requirements applicable to our operations.

8. Research and Development:

We use user data to drive innovation — from developing new programs under Consultancy or Education to refining concierge and community offerings.

U. Custom Content:

Your interactions help us deliver more relevant content — such as curated events, expert insights, or recommended sessions.

Legal Bases for Data Processing

Our processing of your personal information is grounded in several legal bases, including:

  1. Contractual Necessity:

For services you opt into — like mentorship programs, networking platforms, or educational tracks — we process your data to fulfil our agreement.

  • Legitimate Interests:

To improve our offerings, ensure platform integrity, or analyse trends, we rely on legitimate business interests, while being mindful of your rights.

  • Consent:

In specific instances (e.g., marketing opt-ins), we seek your consent. You can withdraw it anytime.

  • Legal Compliance:

We adhere to all applicable laws, including those concerning taxation, financial transactions, and data protection.

  • Vital Interests:

In rare cases, we may process data to protect the safety or wellbeing of users or third parties.

4. Public Interest:

When applicable, we may process anonymised or aggregate data in the context of research, education, or public good.

Data Sharing

At Lume, we respect the confidentiality of your data and ensure that any sharing is done with clear purpose and appropriate safeguards. This section outlines how and when your data may be shared:

Sharing with Third Parties

We may share your information with external entities under the following circumstances:

  1. With Your Consent:

We will only share your personal information with third parties if you have explicitly granted us consent to do so. You have the right to withdraw this consent at any time.

  • For Collaborations and Integrated Offerings:

When participating in experiences such as expert workshops, concierge requests, or educational programs delivered in partnership,

your data may be shared with verified partners to ensure smooth delivery of those services. These arrangements will typically be governed by separate terms or partnership disclosures.

  • With Social Media Platforms:

If you choose to log in or engage via your social media accounts (e.g., LinkedIn, Google), we may share information with those platforms in accordance with your privacy settings and their policies.

  • For Advertising Purposes:

Certain data may be shared with marketing and advertising partners to deliver relevant and personalised advertisements across various channels — especially for promoting specific events, networking opportunities, or Lume services tailored to your interests.

Service Providers

We partner with third-party service providers to support Lume’s operations across Consultancy, Networking, Concierge, and Education. These providers may have access to personal data strictly for the following functions:

  1. Data Storage and Hosting:

We use secure third-party cloud infrastructure for platform hosting, data backups, and storage.

  • Payment Processing:

Financial transactions — including membership payments, sponsorships, or workshop enrollments — are facilitated through verified payment gateways that ensure compliance and security.

  • Analytics and Performance Monitoring:

We use third-party tools to analyse user interactions, improve platform performance, and optimise content delivery across verticals.

  • Customer Support and Communication:

External tools or service teams may be involved in responding to user queries, assisting during onboarding, or managing feedback and event RSVP flows.

  • Security Services:

We collaborate with cybersecurity service providers to monitor threats, prevent unauthorised access, and protect your information across all digital touchpoints.

Legal Requirements

We may disclose your information when necessary to comply with legal and regulatory frameworks. This includes, but is not limited to:

  1. Compliance with Laws and Regulations:

Your information may be disclosed to meet obligations under Indian

data protection laws, taxation authorities, or as part of compliance with legal proceedings and government directives.

  • Protection of Rights and Enforcement:

In circumstances where it is essential to safeguard Lume’s rights, property, or security — or to protect users against fraud or malicious activity — we may share relevant data with authorised entities.

Business Transfers

In the event of a merger, acquisition, or strategic reorganisation of LUME Project Private Limited, your personal data may be transferred to another entity involved in the transaction. Should such an event occur, you will be notified, and your rights and choices regarding your data will be preserved.

Your Choices

At Lume, we believe in empowering you with control over your data. This section outlines the choices available to you in how your information is accessed, used, and managed across all our services — Consultancy, Networking, Concierge, and Education.

Access and Control Over Your Information

You have full rights to access, review, and manage the personal information we collect. These rights include:

  1. Access Your Data:

You may request access to the personal data we hold about you — anytime.

  • Correct Your Data:

If your data is outdated or incorrect, you can request a correction to keep your profile current.

  • Delete Your Data:

Under certain conditions, you can request for your data to be deleted, unless retention is legally or contractually required.

  • Data Portability:

You can request a copy of your data in a standard, machine-readable format, if you wish to transfer it elsewhere.

  • Object to Processing:

You may object to the processing of your data for specific use cases, such as direct marketing or automated profiling.

4. Withdraw Consent:

If you previously gave consent for data processing, you may withdraw it at any point. Your choice will be honoured moving forward.

7. Manage Preferences:

You can edit your communication and visibility preferences in your profile settings or by contacting our team.

Opting Out of Marketing Communications

We respect your inbox — and your time. You’re in control of how and when we reach out:

  1. Unsubscribe Anytime:

Every promotional email or message includes an opt-out link. Click it anytime to stop receiving marketing content.

  • Update Communication Preferences:

You can manage what kind of updates you receive — about events, internships, networking circles, or consulting opportunities — from within your account or by contacting us directly.

Cookie Preferences

We use cookies and similar technologies to improve your experience, but you’re always in control:

  1. Cookie Settings:

Manage your cookie preferences via your browser or our platform’s cookie control options.

Note: Disabling certain cookies may affect your experience or access to some features.

Data Security

Data security is not just a checkbox for us — it’s a foundational pillar of trust. Whether you’re a student, business founder, investor, or consultant, your data is safe with Lume.

Security Measures and Safeguards

Here’s how we actively protect your data:

  1. Encryption:

All sensitive information is encrypted both during transmission and while stored.

  • Access Controls:

Only verified Lume personnel can access personal data — and only when absolutely necessary.

  • Authentication Layers:

Strong passwords, two-factor authentication (2FA), and other

protective layers are enforced wherever applicable.

  • Monitoring & Auditing:

We monitor systems around the clock and conduct routine security audits to detect anomalies and reinforce weak spots.

  • Timely Software Updates:

We ensure the latest security patches and protocols are applied to prevent exposure to known vulnerabilities.

4. Team Training:

Our team undergoes frequent training on privacy compliance and data handling best practices.

7. Firewalls & Intrusion Detection:

Advanced firewall systems and intrusion detection tools keep unauthorised users out.

8. Regular Security Assessments:

We run periodic assessments and ethical hacking tests to identify and resolve any new or potential threats.

Data Breach Notification

At Lume, we take every possible measure to secure your data. But in the rare event of a breach that could impact your privacy or rights, we act fast, responsibly, and transparently. Here’s how we handle such situations:

Our Response Protocol

  1. Assessment and Identification

We immediately assess any suspected breach, determine its origin, scope, and the kind of data involved.

  • Notification to Authorities

Where legally required, we notify the appropriate government or regulatory authorities, in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, under India’s IT Act.

  • User Communication

If there’s a risk to your privacy, we will notify you directly, with details about the breach, what data was affected, and recommended next steps — in a timely and transparent manner.

  • Damage Control & Remediation

We take immediate action to fix the issue, patch vulnerabilities, and implement preventive measures to avoid future incidents.

Data Retention

We retain your data only for as long as it serves a specific, legal, or operational

purpose. Once it’s no longer needed, we either delete or anonymise it. Here’s how that works:

How Long We Retain Information

  1. Account Information

Your core account info (like username, email, etc.) is retained for as long as your Lume account is active. If you choose to close your account, we may retain the data for a limited period for legal, billing, or audit purposes.

  • User-Generated Content

Comments, messages, or contributions you make to community features may be retained as long as they’re relevant or visible. Once deleted, they may remain in secure backup archives temporarily.

  • Transaction Data

Financial records (like invoice data or payment history) are retained as required under Indian tax and accounting laws — typically for 7–10 years.

  • Cookies and Tracking Data

Information collected via cookies and tracking technologies is retained based on your consent settings and in alignment with our Cookie Policy.

How We Decide Retention Duration

  1. Nature and Sensitivity of Data

Sensitive data (like ID documents or financial details) is stored with added protection and for only the required timeframe.

  • Legal Compliance

We follow laws that prescribe minimum or maximum retention periods (such as India’s IT Act, 2000 and related data retention rules).

  • Operational Relevance

If the data helps us run audits, analyse platform performance, or improve user experience — it may be retained longer under secure storage.

  • User Requests

You have the right to request deletion or editing of your data, which we’ll respect unless otherwise legally bound.

  • Security and Risk Mitigation

Retaining data temporarily may be necessary to monitor suspicious activities, fraud, or platform abuse.

Once the data has fulfilled its purpose, we ensure it is securely deleted or anonymised. Your privacy is not just protected — it’s respected.

International Data Transfers

Lume serves a global audience across our consultancy, networking, concierge, and education verticals. This means your data may be transferred across borders to ensure seamless service delivery, especially when you’re interacting with mentors, partners, or opportunities beyond your home country.

Transfer of Information Across Borders

Your personal information may be processed in countries other than where you reside. These countries might have data protection laws that are different—and in some cases, less protective—than those in your country. But no matter where your data goes, we ensure it’s secure.

Here’s how we protect your information internationally:

  1. Standard Contractual Clauses (SCCs):

When applicable, we use data protection mechanisms like SCCs that are approved by international data regulators to safeguard cross- border transfers.

  • Data Processing Agreements:

We enter into legal agreements with third-party vendors and service providers that handle your data to ensure full compliance with relevant data protection laws.

  • User Consent:

In certain cases, we may ask for your explicit consent before transferring your data to countries where privacy protections may differ from your own.

Regardless of geography, your privacy remains our priority. We make sure your data is treated in accordance with this policy—wherever it’s processed.

Children’s Privacy

At Lume, we are committed to protecting the privacy of children, especially as we expand into educational content and internship opportunities.

Compliance with Indian Law and COPPA

  1. Children’s Online Privacy Protection (COPPA) & Indian IT Rules: While we do not target children under 13 years of age, in alignment with COPPA and India’s IT Rules, 2011, we avoid knowingly collecting any personal data from children without verified parental consent.
  2. Age Verification:

If it becomes apparent that a user is under 13 and using our platform without consent, we will take appropriate steps to delete their data or

acquire parental permission.

  • Parental Control:

We encourage parents to guide their children’s online interactions. If you’re a guardian and believe your child has shared personal data with us unintentionally, please contact us immediately (see “Contact Information”).

Note: Some of our education content may be suitable for high-school students or young adults under guidance, but parental discretion is advised.

Your Rights Under Data Protection Laws

As a user of Lume, you are entitled to certain rights regarding your personal data. These are based on international and Indian data protection frameworks, including the Digital Personal Data Protection Act (DPDPA), 2023.

1.     Right to Access

  • What it means: You can request details of the personal data we hold about you, including how we use it and why.
    • How to exercise: Contact us via the methods listed in the “Contact Information” section. We may ask for identity verification.

2.       Right to Rectify

  • What it means: If your data is inaccurate or incomplete, you can request corrections or updates.
    • How to exercise: You can do this through your profile settings or by writing to us directly.

3.       Right to Erasure (Right to Be Forgotten)

  • What it means: In some cases, you may ask us to delete your data. This is subject to legal and operational exceptions.
    • How to exercise: Submit a deletion request through our support channels. We’ll review and respond in compliance with applicable laws.

4.       Right to Data Portability

  • What it means: You can request a copy of your data in a machine- readable format to use with another service.
    • How to exercise: Drop us a formal request via email, and we’ll guide you through the process.

Right to Object

  1. What it Means:

You have the right to object to the processing of your personal data for certain purposes—such as direct marketing or processing based on our legitimate interests. We will respect your objection unless we can demonstrate compelling legal grounds that override your rights and freedoms.

  • How to Exercise it:

You can submit an objection request by contacting us through the communication channels listed in the “Contact Information” section.

Right to Restrict Processing

  1. What it Means:

In certain situations, such as when the accuracy of your data is contested or the processing is unlawful, you may request that we restrict the processing of your data rather than deleting it.

  • How to Exercise it:

You can submit a restriction request via email or customer support. Each request will be carefully assessed based on legal obligations and the context in which the data is being used.

We are committed to upholding your rights and facilitating your control over your data, in compliance with India’s Digital Personal Data Protection Act, 2023 (DPDPA) and other applicable regulations.

Policy Changes

We may update this Privacy Policy to reflect changes in our operations, services, legal requirements, or data handling practices.

Notification of Policy Changes

  1. Notice in App or Website:

For any material updates, we will provide notice within the app or website. If legally required, we will also obtain your consent for the updated policy.

  • Email Notification:

If you’ve shared your email with us, you may receive direct notifications of changes via email.

  • User Responsibility to Review:

We encourage you to periodically review the Privacy Policy. Your continued use of Lume’s services after any changes constitutes your acceptance of the updated terms.

Date of Last Update:

This version of the Privacy Policy was last updated on 05-08-2025.

Contact Information

If you have questions, concerns, or requests regarding your data and privacy,

we encourage you to get in touch:

How to Contact Us

  1. Email: info.thelume@gmail.com
  2. Mailing Address:

Plot No: 74&75, Lane No: 5, Panchsheel Enclave, Kompally, Hyderabad 500010, Telangana, India.

  • Customer Support:

You can also reach us through our app’s help section or contact form on the website.

Data Controller Information

Plot No: 74&75, Lane No: 5, Panchsheel Enclave, Kompally, Hyderabad 500010, Telangana, India.

Applicability

This Privacy Policy applies to all services offered by Lume, across all platforms, including but not limited to our app, website, and any other digital or offline services we operate.

It governs the way we collect, use, store, and share your personal data when you engage with Lume, regardless of the device or platform you use. However, please note:

  • Third-party platforms, tools, or websites linked or integrated into Lume may have their own privacy policies.
    • We encourage you to review the privacy policies of any external service you access via Lume, as they are not governed by this policy.

Governing Law and Dispute Resolution Governing Law

This Privacy Policy is governed by and shall be interpreted in accordance with the laws of India, without regard to conflict of law principles.

Dispute Resolution Mechanism

  1. Informal Resolution:

Before resorting to legal proceedings, we encourage users to first attempt to resolve any complaints or disputes by reaching out to us directly at info.thelume@gmail.com

  • Binding Arbitration:

If a resolution cannot be reached informally, disputes may be referred to binding arbitration under the Arbitration and Conciliation Act, 199C. The arbitration will be conducted by a sole arbitrator, mutually appointed by both parties, and held in Hyderabad, India, in English.

  • No Class Action:

You agree to resolve disputes on an individual basis and waive any right to participate in class or collective actions.

  • Exemptions:

Either party may seek interim or injunctive relief in court, especially in matters concerning intellectual property or confidential information, without waiving the arbitration agreement.

Additional Clauses

Compliance with Indian Regulations

We are committed to complying with all relevant Indian data privacy and protection regulations, including:

  • Digital Personal Data Protection Act, 2023 (DPDPA):

As an Indian entity, Lume adheres to the provisions and principles of the DPDPA to ensure your personal data is collected, stored, and used lawfully, fairly, and transparently.

  • Information Technology Act, 2000 (as amended):

This includes adherence to the rules relating to data protection and security under the IT Act and its subordinate legislation.

Specific Provisions for Certain Data Activities

Some services—such as surveys, events, internships, or user-generated content—may involve special data handling conditions. In such cases, additional terms will be provided via dedicated disclosures, consent forms, or participation agreements.

Final Note

Your use of Lume services indicates your agreement with this Privacy Policy and its terms of jurisdiction, dispute resolution, and data protection practices. For further questions, please reach out to us at:

Email: info.thelume@gmail.com

Address: Plot No: 74&75, Lane No: 5, Panchsheel Enclave, Kompally, Hyderabad 500010, Telangana, India.

Definitions

To ensure transparency and clarity, the following terms used throughout this Privacy Policy are defined as follows:

  1. App: Refers to the official mobile or web-based application owned and operated by Lume, including any future or third-party applications used to facilitate operations or deliver services.
  2. Cookie: A small text file stored on your device that contains data related to your interactions with our services. Cookies enable functionalities such as authentication, analytics, and personalisation. Cookies may be categorised into:
    1. Essential Cookies – Required for basic operation of the platform.
    1. Analytics Cookies – Used to understand user behaviour and improve services.
    1. Third-Party Cookies – Set by external services integrated into our platform.
  3. Data Controller: The entity that determines the purposes and means of processing personal data. In this context, Lume is the Data Controller.
  4. Data Processor: A third-party entity that processes personal data on behalf of the Data Controller. This includes cloud storage providers, analytics platforms, and customer relationship management tools.
  5. DPDPA: Refers to the Digital Personal Data Protection Act, 2023 (India), the governing framework for processing personal data in India. This regulation outlines the rights of individuals and responsibilities of entities handling personal data.

4. Personal Information (or Personal Data): Any information that relates to an identified or identifiable individual. This includes names, email addresses, phone numbers, user-generated content, and any other information that can be used to identify a person directly or indirectly.

7. Service Provider: A third-party organisation that delivers services to Lume in support of its operations. This may include payment gateways, hosting providers, identity verification platforms, and communication tools.

8. Third Party: Any external entity not owned or operated by Lume. This includes partners, advertisers, analytics providers, and other platforms or services with which users may interact through Lume.

U. User: Any individual who accesses, uses, or interacts with Lume’s services. This includes members, guests, event attendees, and anyone browsing the app or website.

10. Website: Refers to www.thelumeproject.com (or any official domains operated by Lume), where users can access information, services, events, and other features offered by the brand.

If you need further clarification regarding any term or if any part of this document requires additional interpretation, please refer to the Contact Information section or email us at info.thelume@gmail.com