Lumepoint – Privacy Policy
Effective Date: 01 April 2026
This Privacy Notice for Lumepoint (‘we’, ‘us’, or ‘our’) describes how and why we collect, store, use, and share your personal information when you use our services (‘Services’), including when you:
• Visit our website at https://www.lumepoint.com, or any website of ours that links to this Privacy Notice.
• Use our software to upload images, generate laser engraving point cloud files, and manage designs across our desktop, cloud, or mobile applications.
• Engage with us in other related ways, including sales, marketing, or support.
Questions or concerns? Reading this Privacy Notice will help you understand your rights and choices. If you do not agree with our policies and practices, please do not use our Services. For any questions, please contact us at privacy@lumepoint.com.
1. Summary of Key Points
This summary provides key points from our Privacy Notice. You can find full details in the sections below.
What personal information do we process?: When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the features you use. This includes account information, uploaded images, usage data, and payment information.
Do we process sensitive personal information?: No. We do not process sensitive personal information such as racial or ethnic origins, health data, or biometric data.
Do we collect information from third parties?: No. We do not collect personal information from third parties.
How do we process your information?: We process your information to provide and improve our Services, manage your account, process payments, and comply with legal obligations.
With whom do we share your information?: We may share information with payment processors (Stripe), analytics providers, and in the event of a business transfer. We do not sell your personal data.
How do we keep your information safe?: We have appropriate technical and organisational measures in place. However, no method of transmission over the internet is 100% secure.
2. What Information Do We Collect?
Personal Information You Provide to Us
We collect personal information that you voluntarily provide when you register, make a purchase, or contact us. This may include:
• Name
• Email address
• Business name
• Payment information (processed securely via Stripe; we do not store card details)
• Images and files you upload to the platform
Sensitive Information
We do not process sensitive personal information.
Information Collected Automatically
When you visit or use the Services, we automatically collect certain technical information. This does not identify you directly but may include:
• Log and usage data: IP address, browser type, pages visited, time and date of access, and other diagnostic data.
• Device data: Device type, operating system, and application identifiers.
• Location data: Approximate location inferred from IP address. We do not collect precise GPS location.
This information is used to maintain the security and performance of our Services and for internal analytics.
3. How Do We Process Your Information?
We process your personal information for the following purposes:
• To create and manage your account and authenticate your login.
• To deliver the Services, including processing uploaded images and generating point cloud files.
• To process payments and manage subscriptions or credit purchases.
• To respond to your enquiries and provide customer support.
• To send transactional communications, including receipts, account notices, and product updates.
• To identify usage trends and improve the platform.
• To maintain the security of the Services and prevent fraud.
• To comply with legal obligations.
4. What Legal Bases Do We Rely On to Process Your Information?
We only process your personal information where we have a valid legal basis to do so. For users in the EU and UK, we rely on the following legal bases under the GDPR and UK GDPR:
• Consent: Where you have given us clear permission to process your information for a specific purpose. You may withdraw consent at any time.
• Performance of a Contract: Where processing is necessary to fulfil our contractual obligations to you, including providing the Services.
• Legitimate Interests: Where processing is reasonably necessary to achieve our legitimate business interests, such as improving the platform, diagnosing technical issues, and supporting marketing activities, provided those interests do not override your rights and freedoms.
• Legal Obligations: Where we are required to process your information to comply with applicable law.
We are generally the ‘data controller’ for the personal information described in this notice. Where we process data on behalf of customers under a separate agreement, we act as a ‘data processor’ and those customers are responsible for their own privacy practices.
5. When and With Whom Do We Share Your Personal Information?
We do not sell your personal data. We may share your information in the following limited circumstances:
• Payment Processing: We use Stripe to process payments. Your payment information is handled directly by Stripe in accordance with their privacy policy. We do not store card details.
• Analytics Providers: We may use third-party analytics tools such as Google Analytics to understand how the Services are used. This data is aggregated and anonymised where possible.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the relevant party as part of that transaction.
• Legal Requirements: We may disclose your information where required to do so by law, or to protect the rights, property, or safety of Lumepoint, our users, or others.
6. Do We Use Cookies and Other Tracking Technologies?
We use cookies and similar tracking technologies to maintain the security of our Services, manage user sessions, and gather analytics data. We may also use Google Analytics to track usage patterns. You can opt out of Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout.
Further information about our use of cookies, including how to manage your preferences, is set out in our Cookie Policy.
7. Do We Use Artificial Intelligence?
Lumepoint uses AI-powered features as part of its core Services. These include:
• AI Background Removal: Automatically removes image backgrounds to prepare uploads for point cloud generation.
• AI Image Upscaling: Enhances the resolution of uploaded images to improve engraving output quality.
These features are available across all versions of the platform (desktop, cloud, and mobile). Your uploaded images are processed by these AI tools solely to deliver the Services. We do not use your images to train AI models. Where AI processing is carried out via third-party providers, those providers are contractually bound to process your data only as instructed by us and in accordance with applicable data protection law.
You must not upload images that infringe third-party rights, including intellectual property or privacy rights.
8. How Long Do We Keep Your Information?
We retain your personal information only for as long as necessary to fulfil the purposes described in this Privacy Notice, unless a longer period is required or permitted by law.
Account data is retained for as long as your account remains active, and for 24 months following account closure or termination, after which it is deleted or anonymised. Uploaded images and generated files may be retained for the same period unless you request earlier deletion. Payment records are retained for the period required under applicable tax and accounting legislation.
You may request deletion of your data at any time by contacting privacy@lumepoint.com.
9. How Do We Keep Your Information Safe?
We have implemented appropriate technical and organisational security measures to protect your personal information, including encryption of data in transit and at rest, access controls, and regular security reviews.
However, no method of electronic transmission or storage is 100% secure. Whilst we will always do our best to protect your personal information, transmission of data to and from our Services is at your own risk. You should only access the Services within a secure environment.
10. Do We Collect Information from Minors?
We do not knowingly collect data from or market to children under 18 years of age. By using the Services, you confirm that you are at least 18 years old. If we become aware that personal information has been collected from a minor, we will take prompt steps to delete that data. Please contact privacy@lumepoint.com if you believe we may have collected information from a child.
11. What Are Your Privacy Rights?
Depending on your location, you may have the following rights regarding your personal data:
Right to access: You may request a copy of the personal data we hold about you.
Right to rectification: You may request that we correct inaccurate or incomplete data.
Right to erasure: You may request that we delete your data, subject to legal or legitimate business retention obligations.
Right to restrict processing: You may request that we limit how we process your data in certain circumstances.
Right to data portability: You may request your data in a structured, machine-readable format.
Right to object: You may object to processing based on legitimate interests or for direct marketing purposes.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at privacy@lumepoint.com. We will respond within the timeframes required by applicable law.
If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to lodge a complaint with your local data protection authority. In Cyprus, this is the Commissioner for Personal Data Protection. In the UK, this is the Information Commissioner’s Office (ICO).
Account Information
If you wish to review, update, or close your account, please contact us at support@lumepoint.com. Upon account closure, we will deactivate your account and delete or anonymise your data in accordance with our retention policy. We may retain certain information where required by law or for legitimate purposes such as fraud prevention.
12. Controls for Do-Not-Track Features
Most web browsers include a Do-Not-Track (DNT) setting. No uniform technical standard for recognising DNT signals has been finalised, and we do not currently respond to DNT signals. If a standard is adopted in future, we will update this notice accordingly.
13. Do United States Residents Have Specific Privacy Rights?
If you are a resident of California, Colorado, Virginia, Texas, Florida, or another US state with applicable privacy legislation, you may have additional rights regarding your personal information.
Categories of Personal Information We Collect
Category, Examples, Collected
A. Identifiers: Name, email address, IP address, account name. Yes
B. Personal information (California Customer Records): Name, contact information, payment information. Yes
C. Protected classification characteristics: Gender, age, race, ethnicity, national origin. No
D. Commercial information: Transaction history, purchase records. Yes
E. Biometric information: Fingerprints, voiceprints. No
F. Internet or network activity: Browsing history, usage data, interactions with Services. Yes
G. Geolocation data: Approximate device location (IP-based). Yes
H. Audio, electronic, sensory information: Images uploaded by users for engraving. Yes
I. Professional or employment-related information: Business name (if provided). Yes
J. Education information: Student records. No
K. Inferences from personal information: Inferences about preferences or usage patterns. No
Sensitive personal information: Health data, biometric data, financial account details. No
Your US Privacy Rights
Depending on your state of residence, you may have the right to:
• Know whether we are processing your personal data and access that data.
• Correct inaccuracies in your personal data.
• Request deletion of your personal data.
• Obtain a copy of your personal data in a portable format.
• Opt out of the sale or sharing of your personal data (we do not sell personal data).
• Non-discrimination for exercising your privacy rights.
How to Exercise Your Rights
To exercise any of the above rights, please contact us at privacy@lumepoint.com. We will verify your identity before processing your request. You may also designate an authorised agent to submit a request on your behalf, subject to verification.
Appeals
If we decline to act on your request, you may appeal by emailing privacy@lumepoint.com. If your appeal is denied, you may submit a complaint to your state attorney general.
14. Do We Make Updates to This Notice?
We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. The updated version will be indicated by a revised effective date at the top of this notice. Where changes are material, we will notify you by email or by a prominent notice on our website. We encourage you to review this notice periodically.
15. How Can You Contact Us About This Notice?
If you have questions or concerns about this Privacy Notice, please contact our Data Protection Officer at:
Email: privacy@lumepoint.com
Website: https://www.lumepoint.com
EEA Representative
If you are a resident of the European Economic Area, Lumepoint is the data controller of your personal information. For queries about how we process your data, please contact us at privacy@lumepoint.com.
UK Representative
If you are a resident of the United Kingdom, Lumepoint is the data controller of your personal information. For queries about how we process your data, please contact us at privacy@lumepoint.com. You also have the right to contact the Information Commissioner’s Office (ICO) at https://ico.org.uk.
16. How Can You Review, Update, or Delete Your Data?
You have the right to request access to, correction of, or deletion of the personal information we hold about you. To do so, please contact us at privacy@lumepoint.com or support@lumepoint.com. We will respond within the timeframes required by applicable law.