Privacy Policy
1. Scope
This policy describes how Lumix Labs Pte. Ltd. ("Lumix Labs", "we", "us") handles personal data collected through lumix-labs.com (the "Site"). It does not cover data we process when delivering client engagements — that is governed by the relevant services agreement and, where applicable, a separate data processing agreement.
2. What we collect
- Correspondence. If you email us, we receive your email address, name, and whatever you choose to include. We use it to respond and to maintain the business relationship.
- Contact form. Form submissions are delivered to us by FormSubmit (formsubmit.co), which processes the details you enter (name, company, email, message) solely to relay them to us.
- Server and security logs. The Site is served via Cloudflare Pages. Cloudflare processes standard connection data (IP address, user agent, requested URLs) to deliver and secure the Site.
- Analytics. We use Cloudflare Web Analytics, which is cookieless and does not build individual visitor profiles.
- Fonts. The Site loads the Inter typeface from Google Fonts; your browser requests the font files from Google, which processes your IP address under Google's privacy policy.
The Site sets no advertising or tracking cookies.
3. What we don't do
We do not sell personal data, run third-party advertising, or use your data to train AI models.
4. Purposes and legal bases
We process personal data to respond to enquiries, schedule and conduct meetings, and operate and secure the Site. Where the GDPR or similar laws apply, we rely on our legitimate interests in operating our business and communicating with people who contact us, and on consent where required.
5. Sharing
Personal data is shared only with the service providers named above (FormSubmit, Cloudflare), strictly for the purposes described, and with professional advisers or authorities where the law requires.
6. International transfers
We are based in Singapore. Our service providers may process data in other jurisdictions; where required, transfers rely on the providers' standard safeguards (e.g. standard contractual clauses).
7. Retention
Correspondence is retained for as long as needed for the enquiry or business relationship, and then for any period required by law. Log and analytics data are retained per the providers' standard retention schedules.
8. Your rights
Under Singapore's PDPA — and, where applicable, the GDPR or other data protection laws — you may request access to, correction of, or deletion of your personal data, or object to certain processing. Write to [email protected]; we respond within the timelines the applicable law requires.
9. Changes
We may update this policy from time to time. The effective date above reflects the latest revision; material changes will be noted on this page.