Brand Identity & UI/UX Design

Privacy Policy

Last Update: 28/02/2026

At Lumentra Labs, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, contact us, or engage with our services. By using our website or submitting your information to us, you agree to the practices described in this policy. This policy applies globally and has been written to comply with major international data protection frameworks, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable regional regulations

1. Who We Are

Lumentra Labs is a design agency specialising in brand identity, UI/UX design, and visual identity. We are the data controller responsible for your personal information collected through our website and business interactions.

Contact for privacy matters: privacy@lumentralabs.com

2. What Data We Collect

We only collect data that is necessary for running our business and providing our services. The personal data we may collect includes:

2.1 Information You Provide Directly

Full name
Email address
Phone number (if provided)
Company name and role
Project details or messages submitted via contact or inquiry forms
Any other information you voluntarily share when reaching out to us

2.2 Information Collected Automatically

IP address and general location data
Browser type and version
Pages visited and time spent on our website
Referring URLs (how you found our site)
Device type and operating system

This data is collected via cookies and analytics tools (see Section 7 on Cookies for more detail).

2.3 Information from Business Interactions

Email correspondence related to project enquiries or proposals
Information shared during discovery calls or client meetings
Payment details, processed securely via third-party payment providers

3. Why We Collect Your Data

We process your personal data for the following purposes:

To respond to enquiries and communicate with potential or existing clients
To deliver our design services and manage client projects
To send service-related communications (project updates, invoices, proposals)
To improve our website experience through analytics
To comply with legal and regulatory obligations
To send marketing communications, where you have consented

Our lawful basis for processing under GDPR is one of the following: contractual necessity, legitimate interests, legal obligation, or your explicit consent — depending on the nature of the data and its purpose.

4. How We Store and Protect Your Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include:

Encrypted storage and secure transmission (SSL/TLS) of all data
Access controls limiting who within Lumentra Labs can view personal data
Use of reputable, security-audited third-party platforms for data storage
Regular review of our data security practices

No method of data transmission over the internet is 100% secure. While we do our best to protect your information, we cannot guarantee absolute security.

5. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes it was collected, or as required by law. Our general retention periods are:

Enquiry and contact form data: up to 12 months from last contact, unless a project begins
Active client data: for the duration of the project plus 3 years
Financial and invoicing records: up to 7 years, as required by tax and accounting regulations
Marketing opt-in data: until you withdraw consent

When data is no longer needed, it is securely deleted or anonymised.

6. Who We Share Your Data With

We do not sell your personal data. We may share your data with trusted third-party service providers who assist us in operating our business. These include:

Website hosting and cloud infrastructure providers
Analytics tools (e.g., Google Analytics) for website performance monitoring
Email and communication platforms (e.g., Gmail, Notion, Slack)
Project management and collaboration tools
Payment processors for handling invoices and transactions
Accounting and legal professionals, where required

All third parties we work with are required to handle your data in compliance with applicable data protection laws and are only given access to the data they strictly need.

We may also disclose your data if required by law, court order, or government authority.

7. Cookies

Our website uses cookies — small text files placed on your device — to help us understand how visitors use our site and to improve your experience.

7.1 Types of Cookies We Use

Strictly necessary cookies: Essential for the website to function. These cannot be disabled.
Analytics cookies: .Help us understand how visitors interact with our site (e.g., pages visited, time on site). These are only set with your consent.
Third-party cookies: May be placed by embedded tools such as fonts, maps, or social media widgets.

7.2 Cookie Consent

When you first visit our website, you will be presented with a cookie consent banner. You can choose to accept or decline non-essential cookies at any time. You can also manage or delete cookies through your browser settings.

For more information on how to control cookies, visit www.allaboutcookies.org

8. Your Rights

Depending on where you are located, you have specific rights regarding your personal data. These may include:

Right to access: Request a copy of the personal data we hold about you
Right to rectification: Ask us to correct any inaccurate or incomplete data
Right to erasure: Request that we delete your personal data ('right to be forgotten')
Right to restrict processing: Ask us to limit how we use your data
Right to data portability: Receive your data in a structured, machine-readable format
Right to object: Object to processing based on legitimate interests or for direct marketing
Right to withdraw consent: At any time, for data processed on the basis of your consent
Right to non-discrimination (CCPA): We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, please contact us at privacy@lumentralabs.com. We will respond within 30 days. If you are in the EU/UK and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

9. International Data Transfers

As a globally operating agency, your data may be transferred to and processed in countries outside your own, including countries that may have different data protection laws. Where we transfer data internationally, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses approved by the European Commission — to protect your information in line with GDPR requirements.

10. Children's Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete it.

11. Links to Third-Party Websites

Our website may contain links to external websites, such as our Behance, Dribbble, or LinkedIn profiles. These sites have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policy of any third-party site you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The 'Last Updated' date at the top of this page will always reflect the most recent version. We encourage you to review this policy periodically.

For significant changes, we will make reasonable efforts to notify you directly — for example, via email if you are an active client or subscriber.