Privacy Policy

Version Number: 1
Issue Date: 30th March 2018

At Lumodo we regard your privacy as important.

The information we collect about you, if you agree to provide it, will allow us to contact you and send information to you about products and/or services where you have registered an interest.

  • In providing us your information you thereby consent to us processing it for this purpose.
  • We will not pass your information on to any third party.

By visiting our website, and completing any of the consent processes (i.e. subscribing to a service and/or providing your contact information), you accept and consent to the practices defined in this privacy policy.

For the purposes of the General Data Protection Regulation (GDPR) the data controller is We Compose Limited.

We may collect and/or process the following data about you:

Information you provide to us including

  • Information you provide to us  by filling in forms on our website (our site) or by entering into a contract with us, or by correspondence with us by email, letter, phone or other methods, which includes data provided by you by registering to use our site, or by subscribing for newsletters or other information services, or by joining our web forum, or by placing an order for products or services, and when reporting a problem with our site, or otherwise contacting us.
  • Personally Identifiable Information (PII) - the information you give us may include: your name, address, email address, IP address, phone number, together with financial and credit card information. All of which is PII and subject to the GDPR.

Information we collect about you with regard to your use of our website may be automatically collected and comprises the following:

  • technical information - such as your; internet protocol (IP) address, login information, time zone, browser type/version with plug-in types/versions, device information (operating system and platform);
  • information about your visit - such as your; Uniform Resource Locators (URL), including the date and time, products and services viewed/searched; site response times, downloads, errors, page visit time length, interaction (scrolling, clicks, mouse-overs), exit methods away from pages, phone numbers (i.e. used to call our customer service number), route to our site from other websites, with the address of other sites, or from search engine links to our site including search engine address and search term used.

Information processed on behalf of our clients - information that you or our clients upload to their company account on the Lumodo platform.

  • When you upload your personal data to one of our client's portals, they are the data controller and we are the data processor.
  • Depending on what permissions have been granted by our client to your user account on Lumodo, you may be able to log in, view, edit, and delete the information that our client holds about you.
  • When you delete your user account on Lumodo you lose the ability to access any of this data.
  • When you delete your user account on Lumodo, you will not be deleting information that our clients hold about you, or information that you have provided to them.
  • The data controller may have a numebr of legal bases for processing including contractual and legal obligations. Please refer enquiries about this data to the data controller.

Information we receive from other sources - information about you may be received by us if you use another website or service that we operate.

  • Third-parties may also provide information to us about you, specifically from any of the following; our business partners and/or sub-contractors or credit reference agencies for payment and delivery services, or advertising and marketing services, or our technical and analytics providers, or our search engine and search information providers.

All PII data we hold is protected by us in accordance with the Principles (Article 5) of the GDPR including the use of two factor access control and encryption wherever possible.

We use reasonable efforts to maintain accurate information and use physical and technical safeguards to secure your data including the use of secure passwords, 2 factor authentication, and encryption.

We use third party providers to provide the technology required to provide our Services including hardware, networking, software and storage.

These facilities may be located outside of the European Economic Area. By submitting your personal information, you agree to this.

Dependng on which country you access our services from, your data may be exported to another country.

Although we will use reasonable efforts to secure network communications and our Sites, we cannot guarantee that the information submitted to, maintained on, or transmitted from our systems will be completely secure.

Information we collect and receive may be disclosed to third parties in and out of the European Economic Area as (i) described in this policy, (ii) if you otherwise give your consent, or (iii) if the disclosure is legally required.

We use a number of third party data processors to process data on our behalf. Some of these third parties are based in the USA and are EU-US Privacy Shield compliant:

  • Google - Analytics Provider - IP Address Anonymised - Place of Processing: USA Opt Out
  • Google - Tag Management - Place of Processing: USA
  • Rollbar - Infrastrucutre Monioring - Place of Processing: USA
  • Stripe - Handling Payments - Place of Processing: USA
  • Microsoft - Email Server Provider - Place of Processing: USA
  • Mailchimp - Managing Contacts and Sending Emails to Users and Prospects - Place of Processing: USA
  • Postmark - Sending Transactional Emails to Users - Place of Processing: USA
  • Hubspot - Managing Contact Information, emails, communications, and statistics for Visitors, Leads, and Customers - Place of Processing: USA
  • Amazon Web Services - Application Hosting - Place of Processing: EU
  • Heroku - Application Hosting - Place of Processing: EU
  • Facebook - Avertising Conversion Tracking & Custom Audiences - Place of Processing: USA Opt Out
  • LinkedIn - Website Retargeting - Place of Processing: USA Opt Out
  • Twitter - Remarketing & Tailored Audiences - Place of Processing: USA Opt Out

We may disclose information collected we have a good-faith belief that a disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders; (ii) if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change, or (iii) as otherwise disclosed in the terms and conditions of our agreements with customers, including our separately posted and applicable Terms of Use for the relevant Services.

We may disclose aggregated or anonymous information where reasonable steps have been taken to ensure the data does not contain your personally identifying information.

The information we hold about you is used as follows:

  • Information that you provide to us - this information is used to meet our obligations within any contracts between you and us, and,
    • to meet your requests for information, and/or to deliver our products and services, or
    • to notify you of changes to our products or services, or make suggestions/recommendations that may interest you, or
    • to improve content of our site and ensure it is presented effectively for you and your device.
  • Information that we collect about you - we use this information:
    • to manage our website as well as for our efficient operations, which includes analysis, research, statistical and survey uses, together with testing and troubleshooting;
    • to improve our website and content for users and their devices;
    • to allow you to interact with our website and take advantage of our online services, whenever you may elect to do so;
    • to ensure our site is safe and secure by monitoring activities within the context of continual process improvement, which is a best practice requirement of the GDPR;
    • to monitor advertising and marketing effectiveness for users, and/or to fine-tune advertising by relevance to users;
    • to enable targeted suggestions/recommendations to users about products and services that may be of interest.
  • Information we receive from other sources - we may use third-party information, which may be combined with information you provided to us and/or information collected by us, which may be used for the purposes we have defined above.

Under the GDPR all individuals, who are the owners of their personally identifiable information (PII), have specific and clear rights, which are:

Right to Erasure

Every individual has the right the right to be forgotten upon request.  The data controller must remove your PII data from its systems and request the same of any third-party systems of that controller.

Right to Access

Every individual has the right to access the PII data held about them upon request.

Right to Portability

Every individual has the right to request their PII data and use it for other parties they wish to engage with.

Right to be Informed

Every individual has the right to be informed about how their PII data is being used, which may be provided upon request of the individual, or beforethe controller changes any use of that data, giving the individual the right to consent or object.

Right to Objection

Every individual has the right to object to the use of their PII data for any purpose proposed by a controller.

Right to Rectification

Every individual has the right to have errors in their PII data to be corrected.

Right to Restrict

Every individual has the right to restrict the uses of their PII data for any specific type of processing.

Rights on automated decisions & profiling

Every individual has the right to restrict or object to automated decision-making processes or profiling based on their PII data.

Right to make a complaint

Users have the right to bring a claim before their competent data protection authority.

We will retain a user's personal information for so long as its account is active or as reasonably needed by us to provide our Services. We may also retain and use such information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

If you can demonstrate that we do not have a legitimate reason for keeping information about you, we will delete it. Contact us to make this request.

Disclosures by Children

If you are under 13 years of age you must obtain parental consent before providing us with any personal  information.

Revoke your consent

In accordance with the GDPR, to the revoke consent for processing of your data send an email with the word "Revoke" in the subject field to

Subject Access Requests

In accordance with the GDPR,

  • you may request us to send you details about any PII data that we may hold about you, or
  • you may request that we correct any errors, or
  • you may request us to delete any/all PII data about you.

In accordance with the GDPR, any SAR is provided free of charge within [30] days, unless a particular SAR is subject to other regulatory requirements as defined within the GDPR, in which case we will inform you as required by those specific regulations.

Contacting Us

For any questions relating to your PII data, or to submit a SAR, please contact us:

Data Controller:
We Compose Limited

Skylab, Forum 3 Grenville Street St Helier Jersey, JE2 4UF


+44 0333 303 1296

Third-party policies

Lumodo is only responsible for its own privacy policy.

Our website may include links to or from other websites, such as our partners, advertisers or other affiliated organisations. Each of these websites is required under the GDPR to provide users with access to their privacy policy. Please check their privacy policies before you submit any PII data to any third party websites.

Lumodo does not accept any responsibility or liability for the privacy policies of any third-party.

Lumodo Privacy Policy Change Control

Any changes that we may make to this privacy policy will be posted on this website page. Please check this page at regular intervals to ensure that you are aware of updates or changes to this privacy policy.

We reserve the right to notify any/all registered users of our services of any major change to our policies by email, except for users that have elected to opt out or revoke communications from us.

Click the links here for further information about our Cookie Policy and our Website Terms of Use.