Privacy Policy

Last updated: 1 September 2025

1. Introduction

Lume (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

Personal Data

We may collect the following types of personal information:

  • Contact information (name, email address, phone number)
  • Identification information (for insurance purposes)
  • Watch collection details and valuations
  • Payment and billing information
  • Communications with us

Automatically Collected Data

  • IP address and device information
  • Browser type and version
  • Pages visited and time spent on our website
  • Referring website addresses

3. Legal Basis for Processing

We process your personal data based on:

  • Contract: To provide insurance services you’ve requested
  • Legal obligations: To comply with insurance regulations and anti-money laundering requirements
  • Legitimate interests: To improve our services and prevent fraud
  • Consent: For marketing communications (where applicable)

4. How We Use Your Information

We use your information to:

  • Process insurance applications and claims
  • Verify your identity and prevent fraud
  • Communicate with you about your insurance
  • Send service updates and marketing communications (with consent)
  • Improve our website and services
  • Comply with legal and regulatory requirements

5. Information Sharing

We may share your information with:

  • Insurance underwriters and reinsurers
  • Regulatory bodies (FCA, ICO)
  • Professional advisers and service providers
  • Credit reference agencies (where applicable)
  • Law enforcement agencies (when required by law)

We will never sell your personal information to third parties for marketing purposes.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes:

  • Encryption of sensitive data
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Insurance records are typically retained for a minimum of 7 years after the policy ends.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Request erasure of your personal data
  • Object to processing of your personal data
  • Request restriction of processing
  • Data portability
  • Withdraw consent (where processing is based on consent)

9. Cookies

We use cookies and similar tracking technologies to enhance your experience on our website. For more information, please see our Cookie Policy.

10. International Transfers

Your data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place for such transfers in compliance with UK data protection laws.

11. Children’s Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: hello@getlume.co.uk

Website: www.getlume.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk