Lumiio Inc. is committed to protecting the privacy of those using our products. We protect all the information that you provide us. We store your information in a highly secure environment.
Lumiio Inc. may collect the following data:
- Restricted data: Personal identification information (Name, email address, phone number, full date of birth.)
- Shared data: Data and statistics relating to medical diseases, illnesses and ailments, and treatments
- Data about how you use our platform (see section on cookies below)
You directly provide Lumiio Inc. with most of the data we collect. We collect data and process data when you:
- Register online or place an order for any of our products or services.
- Voluntarily complete a survey or provide feedback into our platform, our message boards or via email.
- Use or view our website via your browser’s cookies.
Lumiio Inc. may also receive your data indirectly from the following sources:
- Lumiio Inc. obtains data from various universities, institutions, and data sharing conglomerate when you consent to participate in research at these organizations.
Lumiio Inc. collects your data so that we can:
- Perform statistical analysis and modelling on data entered
- Provide deidentified datasets to the research and medical communities
Our legal basis for processing your data are:
- Fulfillment of contract (operating the site for you)
- Consent (asking you to participate in certain research projects)
- Legitimate Interests (regulatory and law enforcement purposes)
The information you share with us regarding your identity, your health, and your survey responses will be de-identified and combined with information from other individuals. Only this de-identified data will be used in research analyses and the aggregate results will be presented at scientific conferences and in publications. These presentations and publications will never show any information that identifies you or any other individual in the registry.
Lumiio Inc. may provide de-identified data to a registry governing body and third parties who use it for purposes in accordance with the specific registry mandate while conforming to the limiting principle that only the minimum personal health information necessary for the purpose will be provided.
We may share data with our registry community, staff, as well as with partners and vendors. Potential partners include, but are not limited to universities, pharmaceutical companies, hospital systems, governments, and regulatory bodies.
Lumiio Inc. works with researchers who make requests for registry data to ensure:
- No identifiable information is included
- The appropriate agreements regarding data use and security are in place
- The work is reviewed and approved by a Research Ethics Board
If required by law, Lumiio Inc. may disclose information provided by you to applicable parties.
Lumiio Inc. securely stores your data in our cloud datacenter. The personal and health information is protected by administrative, physical, and technological controls that adhere to industry best practices for security and safeguards of medical data against unauthorized access, collection, use, disclosure or disposal. The data is always encrypted at rest and encrypted in transit. The system has been architected by the Lumiio Inc. Cyber Security team and includes periodic vulnerability and penetration testing assessments at minimum once per month.
Lumiio Inc. may keep your data for 10 years following the end of the project. Once this time period has expired, we will delete your data by deleting all your entered data from our system.
Lumiio Inc. may send you information about products and services of ours that we think you might like, as well as those of our partner companies.
If you have agreed to receive marketing, you may always opt out at a later date.
You have the right at any time to stop Lumiio Inc. from contacting you for marketing purposes or giving your data to other members of the Lumiio Inc. group.
If you no longer wish to be contacted for marketing purposes, please contact firstname.lastname@example.org with your request.
Lumiio Inc. would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to see your data – You have the right to request Lumiio Inc. for copies of your personal data. We may charge you a small
- fee for this service.
- The right to correct your data – You have the right to request that Lumiio Inc. correct any information you believe is inaccurate. You also have the right to request Lumiio Inc. to complete information you believe is incomplete.
- The right to have your data deleted — You have the right to request that Lumiio Inc. erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Lumiio Inc. restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Lumiio Inc.’s processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Lumiio Inc. transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- The right to be notified if your data is stolen- You have the right to be notified of any breach involving your Personal Data. We will notify the appropriate data protection authority within 72 hours of detecting a breach involving your data. We will notify you as soon as possible after that.
Note that these rights may be restricted where they conflict with other people’s rights or various legal processes. And we can’t undo any processing that has already happened. Further, these rights to edit, delete, be notified of a breach and object to processing all apply to Personal Data and do not apply to De-Identified Data that, for example, has been shared by us with our partners or vendors.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us:
Email us: email@example.com
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
For further information, visit allaboutcookies.org.
- Keeping you signed in
- Understanding how you use our website
There are a number of different types of cookies, however, our website uses:
- Functionality — Lumiio Inc. uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
- Advertising — Lumiio Inc. uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. Lumiio Inc. sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
Email us at: firstname.lastname@example.org
Should you wish to report a complaint or if you feel that Lumiio Inc. has not addressed your concern in a satisfactory manner, you may contact the appropriate authority
Information Commissioner’s Office.
Web Address: https://www.oic-ci.gc.ca/en/submitting-complaint
Address Office of the Information Commissioner
30 Victoria Street, 7th Floor
Gatineau QC K1A 1H3
In the US:
You can register a HIPAA complaint with the Department of Health and Human Services here.
In the European Economic Area:
You can contact the appropriate data protection authority here.