Privacy Policy

1. Information We Collect

a) Information You Provide

• Account details: name, email address, phone number, agency name, GST/PAN numbers
• Business data: leads, contact information, audit reports, campaign data, message templates
• Payment information: processed securely through PhonePe and Razorpay Payment Gateways (we do not store card details)
• Support communications: support ticket messages and replies

b) Information Collected Automatically

• Device information: browser type, operating system, IP address
• Usage data: pages visited, features used, session duration, error logs
• Cookies and similar technologies for authentication and analytics

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information (billing, receipts)
• Send technical notices, updates, security alerts, and support messages
• Monitor and analyze trends, usage, and activities in connection with the Service
• Detect, investigate, and prevent fraudulent transactions and abuse
• Comply with legal obligations under Indian law

3. Data Sharing & Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• PhonePe & Razorpay: Payment processing partners for subscription billing and refund processing
• Service Providers: Third-party tools for hosting, email delivery, and analytics (all data processing agreements in place)
• Legal Requirements: When required by law, regulation, or government request under applicable Indian laws
• Business Transfers: In connection with a merger, acquisition, or sale of assets

4. Cookies & Tracking Technologies

We use cookies and similar tracking technologies for authentication (NextAuth session cookies), remembering user preferences (sidebar state, theme), and basic analytics. You can control cookies through your browser settings. Disabling cookies may affect some features of the Service.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion request:

• We initiate a 30-day grace period (as per DPDP Act provisions)
• After 30 days, all personal data and business data is permanently deleted from our systems
• Anonymized, aggregated data may be retained for analytics purposes
• Data required for legal compliance may be retained longer as permitted by law

6. Data Security

We implement industry-standard security measures including encrypted data transmission (TLS/SSL), secure password hashing (bcrypt), role-based access control, and regular security audits. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights (DPDP Act, 2023)

Under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access: Request a copy of your personal data held by us
• Correction: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Grievance Redressal: Lodge a complaint with the Data Protection Board of India

To exercise any of these rights, email us at privacy@lumioleads.in.

8. Children's Data

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal data from minors. If we discover that we have collected data from a child, we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us: