Privacy Policy

Last updated: 11 June 2019

This Privacy Policy explains how Lumii collects and handles your personal information, and applies to all of our Services, which includes this website. Through our product offerings, Customers and their employees have the ability to provide organizational feedback and/or individual feedback within their companies. We value your trust and take our privacy obligations seriously. We have developed this Privacy Policy to provide you with clear answers to your questions so you can understand how your personal information and data is collected, held and processed by Lumii.

 

1.  Definitions.

In this Privacy Policy, a reference to:

  • Administratormeans any person who has log in credentials to a Customer account to manage that account, create surveys, review and share survey results, or manage the account to enable individual users to provide feedback;
  • Confidentiality Noticemeans the notice given to: (i) Respondents at the time of answering a survey conducted by a Customer, including the degree of confidentiality and/or anonymity that the Respondent will have when answering a survey, or (ii) the notice given to Individual Feedback Users of our individual feedback services, as applicable;
  • LumiiLumii Groupweusor our means Lumii Pty Ltd (ACN 623 752 689) of Ground Level, U5, 100 Railway Road, Daglish, Western Australia, Australia, and any of its related bodies corporate;
  • Customeror Company means, in relation to you, the person or entity that has contracted with Lumii to allow you to use Lumii’s Services. The Customer or Company will generally be your employer, or an identified subgroup (i.e., division, department, etc.) within your employer;
  • Continuous Feedback Messagesmeans the messages that you send to another user or that another user sends to you which are accessible through your Personal Profile Page;
  • Individual Feedbackmeans the feature in our Services which allows individuals to give performance related feedback to other individuals in their Company, including Continuous Feedback Messages;
  • Individual Feedback User means any person who has log in credentials to an individual account within our Services to give Individual Feedback to, and obtain Individual Feedback from, other users within their Company;
  • Networkmeans the in-application organizational network of Individual Feedback Users within a Company;
  • Personal Profile Pagemeans the “my account” page within the Services which is a personal page available to Individual Feedback Users of our performance management services when they create an account;
  • Personal Review Graphsmeans the graphs or charts displayed on your Personal Profile Page created from Continuous Feedback Messages that other users have provided to you;
  • Platform Datameans any content or data that you or third parties submit to Lumii using the Services;
  • Respondentmeans any person who accesses our Services to answer surveys (either wholly or partially) conducted by Customer using the Services;
  • Servicesmeans all products (including related mobile applications), services and Websites offered by Lumii;
  • Visitormeans any person who visits our Websites;
  • Websitesmeans, collectively, www.lumii.com as well as the other websites that Lumii operates and that link to this Privacy Policy; and
  • You oryour means either an Administrator, Respondent, Individual Feedback User or Visitor, as applicable.

We may update this Privacy Policy from time to time and the most current version will be posted on our website. If we make any material changes, we will notify you by email (to the address associated with your account) or when you next log in to your account prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. If you have any questions or concerns about our Privacy Policy, or with the handling of your personal information, please contact our Privacy Officer at privacy@lumii.com.

2. A note about children.

Unless permitted by applicable law, you must not permit any child under the age of 16 with access to our Services. We do not intentionally gather personal information from minors under the legal age range. If a minor submits personal information to Lumii and we learn that the personal information is the information of a child under the legal age range, we will attempt to delete the information as soon as possible. If you believe that we may have any personal information of a child under the legal age range, please contact Lumii at: privacy@lumii.com.

3. What information do we collect?

We collect information relating to you and your use of our Services from a variety of sources. Some of this information is collected directly from you and some of this information is collected from your interaction with our Services, your Company, other individuals at your Company, or from third parties. How and what information we collect about you will depend on the way that you use our Services, for example, whether you are an Administrator, Respondent, an Individual Feedback User or Visitor.

(a) Information we generally collect

  • Contact information:When you provide us with your contact information, whether through use of our Services, creation of an account, a form on our website, or an interaction with our sales or customer support team, we collect your contact information. This information may include, for example, your name and email address.
  • Usage information:We collect usage data about you whenever you interact with our Services. This may include which web pages you visit, what you click on, when you performed those actions, and other activities. Please see our Cookie Policy for more information about the cookies we use in our Services.
  • Device and browser data:We collect data from the device you use to access our Services, such as your IP address, operating system, browser details and time of visit. This information may also tell us your location.
  • Cookies and page tags:We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect aggregated and anonymous data about Visitors to our Websites. This data includes usage details and user statistics. Please see our Cookie Policy for more information about cookies and page tags we use on our Websites.
  • Log data:We keep log files that record data each time a device accesses our servers. The log files contain data about the nature of each access, including the originating IP address. We may combine this automatically collected log information with other information we collect about you. We do this to maintain an audit trail of activity, to improve our Services, to improve our marketing activities, for system analytics, or to monitor or improve functionality.
  • Referral data:If as a Visitor, you navigate to our Websites from an external source (such as a link on another website or via an email), we record information about the source that referred you to us.
  • Other data you submit:We may collect your personal information or data if you submit it to us in other contexts. For example, by giving us a testimonial, attending an event we host or entering a contest. We may also collect personal information at other points throughout our Services or within our Website that states personal information is being collected. If you contact us at support@lumii.com we will also collect any information that you provide to us voluntarily, such as your operating system version, and other requested information in order for us to respond to your request.
  • Interacting with us on social media:We may collect personal information about you when you interact with us using social media. For example, if you post material to our Facebook page or Tweet us on Twitter.
  • Third parties:We may collect your personal information or data from third parties if you give permission to those third parties to share your personal information with us or where you have made that information publicly available online.
  • Mobile devices: If you connect to the Services using a service provider that uniquely identifies your mobile device, we may receive this identification information to provide the Services to you.

(b) Information specific to Administrators, Respondents and Individual Feedback Users

We may collect the following information about Administrators, Respondents or Individual Feedback Users:

  • Information collected from your Company: The information that each Customer provides to us is different. In most cases, your company will provide us with demographic data such as your name, email information, and other information related to your role within the Company, including your manager, direct reports and your position within the Company’s organization chart. Some Customers may provide us with additional demographic information so they can better analyze and understand their survey results. In the event that you are, or you become, part of a Network, your Company may request that we create an account for you if you are not already an Individual Feedback User.
  • Single sign-ons: If you choose to register or login using a third party account (such as Google or your Company’s SSO provider), the authentication of your login details are handled by that third party and we only collect the information you expressly agree to share with us at the time you give permission to link your Lumii account with the third party account. By using a Google Single Sign-On account (or other supported SSO), you are allowing us to access your Google (or other supported SSO) account information.
  • HRIS data: If the Customer uses a third-party human resource information system (for example, Workday or BambooHR) to import information into Services, we will also receive information from that third party (for example, your name, email address, employment and demographic data).
  • Survey responses: When you answer a Customer survey, we will store your survey answers and comments.

(c) Information specific to Individual Feedback Users

We may collect or share the following information about Individual Feedback Users:

  • Profile page information:  When an Administrator creates an account for you, we may collect the following information from your Company, your name, company name, email address, title and role within your Company, photograph, and other organizational information, such as the person you report to and your direct reports within the Company. When other individuals submit feedback about you, we will also use that information to create graphs or charts that will be displayed on your Personal Profile Page.
  • Individual feedback: You may be asked by your Company to provide feedback for other individuals employed by your Company and other individuals employed by your Company may be asked to provide feedback for you (in each case, a “Performance Review”). We may send you communications through the Services requesting that you provide a Performance Review about another employee in your Company. When you participate in providing Performance Reviews, other individuals or your Company may be able to review certain information about you, for example the content in the Performance Review. However, Continuous Feedback Messages will only be viewable by you and the person you are sharing Continuous Feedback Messages with.
  • Your content: When you use the Services as an Individual Feedback User, we will store any messages or content that you submit to us when you use this portion of the Services, such as when you exchange Individual Feedback with other individuals (including any messages, pictures, files and video) or submit Performance Reviews, as well as when these messages or files were sent.

(d) Information specific to Administrators

We may collect the following information about Administrators:

  • Registration details:When you register an account or another Administrator creates an account for you, we collect your name, company name, email address, password and other information.
  • Survey data:When you create and launch surveys using the Services, we will store those survey questions and other information related to those surveys.
  • Billing details:If you use a credit card for billing, our credit card processor may collect information such as the cardholder’s name, billing address, email address, credit card number, expiry date and credit card security code.
  • Account settings:You may be able to set or update various preferences and personal details on your account settings page or your profile. For example, your name, email address, default language or time zone.

(e) Information specific to users of ONA network analysis

We may collect the following information about users of ONA network analysis:

If your Company elects to use our ONA network analysis tool, when you first start using the Services and periodically thereafter, we will ask you to provide the authentication token for your company email address or the authentication token for your account on any instant messaging system that your Company uses for business communications and that we support (“Supported Messaging System”) (in each case, “Authentication Token”). You can choose not to participate.

Each time you (or another user) provides the Authentication Token for your (or their) company email address or the Supported Messaging System, we will use the Authentication Token to collect the last 90 days of email and calendar meta data (consisting of the To, From, cc, bcc, and Timestamp Fields which we refer to as “Meta Data”) from your (or their) company email address, or the Supported Messaging System.

Your Meta Data or the Meta Data collected from other individuals at your Company may also include communications made to and from third parties outside of your organization.

We will use your Meta Data to determine the users within your Company that you communicate with in order to create your Network. The Network is used to send requests for Individual Feedback to the users within your Network. If another user in your Company provides us with Meta Data, and you had communicated with them, it may include your Meta Data also.

If you do not want your Meta Data being used as described in this section, you must notify your Company to not enable ONA network analysis.

4. Who is the data controller or processor?

Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. For Administrators,  Respondents and Individual Feedback Users, your company, which is our Customer will generally be the controller of your personal information and Lumii will be the processor (unless indicated otherwise in this Privacy Policy). For Visitors, Lumii will generally be the controller of your personal information.

5. How do we hold the information we collect?

(a) Security of your personal information

The security of your personal information is very important to us. All your data is private and confidential and we take reasonable steps to ensure that your personal information is handled securely and in accordance with this Privacy Policy. We follow generally accepted security standards, to protect the personal information submitted to us, both during transmission and once it is received. Lumii is ISO27001 certified.

However, please note that transmitting information over the Internet is never completely secure. Although we do our best to protect your personal information, we cannot guarantee that your personal information is absolutely secure in all situations.

Security is a collaborative effort, so we also recommend that you create a sophisticated password for logging in to our services and keep that password secret.

If you suspect there has been any unauthorized access or misuse of your personal information, immediately contact our Data Protection Officer at privacy@lumii.com.

(b) Where your personal information is located

Our servers are based in the United States, so your personal information will generally be processed and hosted in the United States. However, as some of our offices and service providers are located outside of the United States, there may be times when your personal information may be transferred, disclosed or processed in another country, such as Australia, Ireland and the United Kingdom. For example, if you contact our Customer Success team for support or questions, any information you provide us in the support request (including personal information such as your name and email address) will be processed and hosted in Ireland by the service provider we use to manage support requests.

(c) European Union or Swiss users

If you live in the European Union, we will use the following safeguards to transfer your personal information to a country not currently deemed adequate under applicable data protection law:

  • European Union Standard Contractual Clauses:Lumii offers the European Union Standard Contractual Clauses (EU SCCs), also known as Model Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of information. We also use the EU SCCs when we transfer your personal information to a member of the Lumii Group located in a country not currently deemed adequate under applicable data protection law. A copy of our standard data processing addendum, incorporating the EU SCCs, is available on request.

 

6. How do we use the information we collect?

(a) How we use your personal information

We use your personal information for a variety of purposes. How and what information we collect about you will depend on the way that you use our Services, for example, whether you are an Administrator, Respondent, Individual Feedback User or Visitor. In each case, the information we collect and process is reasonably necessary for our business, including providing you with the Services you would expect from us.

(b) European Union users

When you use our Services as an Administrator, Respondent or Individual Feedback User, we process your personal information either:

  • with your consent;
  • to fulfill our contractual responsibility to deliver the Services to the Customer; or
  • to pursue Lumii’s legitimate interests of improving our Services or developing new products and features.

When you use our Services as a Visitor, we process your personal information either:

  • with your consent; or
  • to pursue Lumii’s legitimate interests of improving our Services or developing new products and features.

(c) Administrators

When you use our Services as an Administrator, we may use your personal information to:

  • Create an account with us:We need to collect and use your personal information to allow you to create an account and log in to that account.
  • Provide you with our Services:This includes providing you with access and use of our platform and customer support, which may require us to access your personal information so that we can assist you, such as with survey design or technical issues.
  • Manage our Services:We use your personal information so we can provide our Services and improve those Services. Some of these purposes include:
    • monitor, maintain and improve our Services and features;
    • personalize or customize your experience when you use our Services (including presenting the Lumii platform in the best format for you or a device you use to access the Lumii platform);
    • create new services or features;
    • enforce our contracts and policies when we are made aware of potential breaches;
    • prevent potentially illegal, undesirable or abusive activities;
    • investigate complaints about you or made by you;
    • make telephone calls to you, or send you SMS messages from time to time, as part of secondary fraud protection; or
    • respond to legal requests such as subpoenas, warrants or other mandatory information requests.
  • Contact you about the Services or your account:At times we may need to contact you via email, mail or telephone to tell you about matters, such as changes to our Services, terms or policies.
  • Marketing purposes:We may also send you news and information about our products or Services that you either request from us, or we believe may interest you. In most cases, we will contact you via email. As part of our marketing efforts, we may combine information about you from third party sources with information we hold about you to create a user profile, which will help us to make our sales and marketing efforts more relevant to you and to personalize and improve your experience.
  • Respond to legal requests and prevent harm:If we receive a legal request or are informed of a situation that may cause harm, or potential harm, to someone, we may need to inspect your personal information or data to respond appropriately to that request or threat.

(d) Respondents or Individual Feedback Users

When you use our Services as a Respondent or an Individual Feedback User, we may use your personal information to:

  • Create an account with us:We need to collect and use your personal information to allow you to create an account and log in to that account.
  • Provide our Services to the Customer:When and how we use your personal information is controlled and managed by the Customer (including any Administrators that act on its behalf).
  • Manage our Services:We use your personal information so we can provide our Services and improve those Services. Some of these purposes include:
    • monitor, maintain and improve our Services and features;
    • personalize or customize your experience when you use our Services (including presenting our Services in the best format for you or a device you use to access our Services);
    • create new services or features;
    • enforce our contracts and policies when we are made aware of potential breaches;
    • prevent potentially illegal, undesirable or abusive activities;
    • investigate complaints about you, or made by you;
    • send you a welcome email to verify ownership of the email address provided when your account was created;
    • send you an email when you have been assigned as an administrator of your Company account;
    • send you survey reminders;
    • send you emails requesting you provide feedback on other individuals in your Company or to notify you that you have received feedback from other individuals in your Company;
    • make telephone calls to you, or send you SMS messages from time to time, as part of secondary fraud protection; or
    • respond to legal requests such as subpoenas, warrants or other mandatory information requests.
  • Create de-identified aggregated data:To provide customers with a better understanding of their survey results, we use survey data in a de-identified aggregated form to compare customers’ results to the results of other surveys or other customers. We also use your survey data to continually improve our Services, including our de-identified aggregated data sets. None of your survey data will be disclosed to other unrelated customers in a non-aggregated or identifiable form.
  • Respond to legal requests and prevent harm:If we receive a legal request or are informed of a situation that may cause harm, or potential harm, to someone, we may need to inspect your personal information or data to respond appropriately to that request or threat.
  • Identify you as a user: We may use your information to identify you as a Respondent and/or an Individual Feedback User in our systems and within the Network which you belong.
  • Provide information to other users in your Network or your Company: When you are in a Network, the following will apply to you:
    • Your Network may include other employees that you can choose for a Performance Review. Your Company can also choose employees for a Performance Review manually.
    • When you ask another individual within your Network or Company to provide a Performance Review about you, we will display your name and photograph (if provided) to that individual.
    • Your Company, may share Performance Reviews that you are involved in, with other individuals in your Company, at the sole discretion of the Company.
    • Continuous Feedback Messages that you provide or receive can be shared at your discretion. Each of your Continuous Feedback Messages about other individuals will be shared with the individual to whom the feedback is addressed.
    • If your Company uses our ONA network analysis tool, Your Meta Data may be shared with the Company or other individuals at your Company.

(e) Visitors

When you use our Services as a Visitor, we may use your personal information to:

  • Contact you for marketing purposes:We may send you news and information about our products or Services that you either request from us, or we believe may interest you (unless prevented by law). In most cases, we will contact you via email.
  • Manage our Services:We use your personal information so we can provide our Services and improve those Services. Some of these purposes include:
    • personalize or customize your experience when you use our Services (including presenting our Websites in the best format for you or a device you use to access our Websites);
    • create new services or features;
    • monitor, maintain and improve our Services and features;
    • enforce our contracts and policies when we are made aware of potential breaches;
    • prevent potentially illegal, undesirable or abusive activities; or
    • respond to legal requests such as subpoenas, warrants or other mandatory information requests.
  • Profiling for marketing purposes:As part of our marketing efforts, we may combine information about you from third party sources with information we hold about you to create a user profile, which will help us to make our sales and marketing efforts more relevant to you and to personalize and improve your experience.

(f) Anonymity and pseudonyms

In most cases, it will be very difficult for us to provide you with our Services if you do not provide us with your real name and contact details (primarily email). Situations where we might have difficulty interacting with you anonymously, or via a pseudonym, are when you use our Services as an Administrator, Respondent or Individual Feedback User.

If lawful and practicable, you may use a pseudonym (or simply not identify yourself) when dealing with us. For example, if you have a complaint or concern about our site, or a general question about our Services or this Privacy Policy, you are welcome to contact us without identifying yourself. In some cases, however, if you do not provide us with information, we may not be able to provide you with our products or Services or respond adequately to you.

7. Who has access to your personal information?

(a) General

We will share your personal information with third parties only in the ways that are described in this Privacy Policy. To provide you with our Services we will often need to disclose your personal information to our staff or the service providers we use to operate our business. Examples of our service providers include: hosting services; project management software; email service providers; system monitoring services; customer support services; and website analytics. These companies are only authorized to use your personal information as necessary for us to provide our Services to you and/or the Customer.

In most cases, the information that we disclose to our staff or service providers will be directly necessary to provide our Services to you. However, there may be occasions where we need to disclose your personal information to our staff, service providers, professional advisors or other third parties, including to:

  • Provide the Services:In providing the Services, we may need to disclose your personal information to people who work for us or to one of our service providers. Our agreements with third parties include obligations to protect the security and confidentiality of your personal information. These disclosures may be related to activities such as filling orders, processing payments and mail-outs, storing and managing documents, research, providing professional advice, facilitating creation of accounts, sending you service emails, providing technical support, or providing other services to you. Transfers of Respondent and Individual Feedback User information to our service providers are covered by our agreement with the Customer.
  • Prevent illegality or enforce our terms and policies:If you engage in or threaten any unlawful activity, we may reasonably believe that it is necessary to disclose your personal information to the police, a relevant authority or enforcement body, or your internet service provider, employer, supervisor or network administrator.
  • Protect our rights or the rights of our staff:There may be situations where disclosing your personal information is necessary to protect the property, health or safety of Lumii or its staff, the Customers or others. For example, exchanging information with other organizations to protect against fraud.
  • Keep other entities associated with us informed:In some cases, we may need to disclose your personal information to our agents, business affiliates, joint venture entities, partners, investors or any applicable subsidiaries or holding companies. The need to disclose your personal information to these entities may arise from a legal obligation we owe that entity, or to assist our or their legitimate business interests.
  • Run events, competitions and promotions:We may need to disclose your personal information to sponsors and promoters when you register or attend an event or enter any competition that we conduct or promote. This disclosure will generally not apply to Respondents or Individual Feedback Users.
  • Perform actions you request or consent to:You may specifically authorize us to disclose your personal information to a third party. For example, to resolve a dispute regarding our Privacy Policy or to integrate a third-party service. We may also disclose your personal information to a third party with your prior consent.
  • Comply with legal requests:In some situations, we may be compelled to disclose your personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose your personal information to third parties such as law enforcement officials or to comply with court orders, such as subpoenas or other legal processes.
  • Merge or sell our business:We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving the sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the personal information collected by us and will assume and be subject to all the rights and obligations regarding your personal information as described in this Privacy Policy. If Lumii is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information.

When we disclose your personal information to third parties such as our service providers, we sign confidentiality and data processing agreements with them to ensure they maintain confidentiality and have privacy and security standards to protect your personal information.

(b) Disclosures specific to Administrators

When you use our Services as an Administrator, your personal information may be disclosed to other Administrators within your Company.

(c) Disclosures specific to Respondents or Individual Feedback Users

When you use our Services as a Respondent or an Individual Feedback User, we may also disclose your personal information for the purposes of:

  • Providing the Services:When you answer Customer surveys, we will disclose that information to the Customer and Administrators. How your answers are displayed and what information may be used to analyze and report your answers (either in an aggregate or individual form) may vary from survey to survey. It is important that you read the Confidentiality Notice before answering a survey so you understand how your survey answers will be used and the ways they might be shared (if at all). Your survey data will also be visible to other employees in your Company each time you share your survey reports, or provide feedback to such employee. Your Company and other employees in your Company will not be able to see your Personal Profile Page, however, your personal information may be used to provide Services to other users in your Network.
  • Creating aggregated de-identified data:We may create aggregated de-identified data for any purpose derived from data we hold about you. For example, we may create aggregated de-identified data to share with customers, prospects, partners for business or research purposes, or for provision of our Services such as our survey benchmarks.
  • Fulfilling Customer requests:Because the Customer is the controller of your personal information, we hold and process your personal information on behalf of the Customer. There may be occasions when the Customer instructs us to disclose your personal information to a third party, such as a consultant or a new service provider. If instructed by the Customer to transfer your personal information to a third party, we will sign a data transfer agreement with the Customer and the third party if required, to ensure that they continue to observe the Confidentiality Notice for each survey.
  • Preventing harm:We may also disclose your personal information to the Customer or relevant authorities if your use of our Services indicates an imminent risk of harm to you or to others around you.

 

8. What are your rights to your personal information?

(a) General

If you live in certain countries (for example, European Union member states) you may have rights regarding your personal information, including the right to access, correct, delete, port, limit or stop the use or disclosure of your personal information.

We will respond to requests to access and correct (if necessary) your personal information as soon as possible. You have the following options when exercising your rights:

  • Update your account details:You may be able to update your registration and other account information on your account settings page or your profile page and information is updated immediately. To update any other information, please contact our Privacy Officer at privacy@lumii.com or customer support at support@lumii.com.
  • Access, correction and deletion:Upon request, we will provide you with information about whether we process, or provide to a third party to process on our behalf, any of your personal information. If you want to review, correct (if necessary) or delete the information that we have collected and hold about you, please contact our Privacy Officer at privacy@lumii.com.
  • Data exports:If you request an export of the information that we hold about you, we will provide you with the data in a standard CSV format. This data format may not be applicable or compatible with all uses. To request a data export, please contact our Privacy Officer at privacy@lumii.com.
  • Limiting or stopping use or disclosure:If you want to limit or stop our use or the disclosure of your personal information to third parties, please contact our Privacy Officer at privacy@lumii.com. However, please note that by limiting or stopping the use of your personal information by us, or its disclosure to third parties, you may also limit our ability to provide you with our Services.
  • ONA network analysis data:If you want to stop our use of your Meta Data or stop the collection of further Meta Data about you, please contact your Company. Data collected through our ONA network analysis tool must be removed at the Company level.
  • Newsletter and other communications:If you subscribe to our newsletter(s) or other communications, you may choose to stop receiving those communications by using the unsubscribe instructions included our emails, or by contacting our Privacy Officer at privacy@lumii.com.
  • Other queries or requests:If you have a question or want to make a request that is not listed above, please contact our Privacy Officer at privacy@lumii.com.

(b) Requests from Administrators, Respondents and Individual Feedback Users

If you are an Administrator, Respondent or Individual Feedback User, we collect, hold and process information about you on behalf, and under the direction, of the Customer. This information includes data uploaded to our Services by the Customer (for example, your name, email address, employment and demographic data), your survey responses and comments, and Individual Feedback that you submit through our Services.

You have the following options when exercising your rights:

  • Platform communications: If you would like to stop receiving Lumii platform emails, you must contact your Company. If you contact us directly, we will forward your request to the Customer to seek their permission and/or instructions. If you request this, you may no longer be able to use the Services.
  • Correction and deletion of Platform Data: If you would like to request access, correction, transfer or deletion of your Platform Data, you must contact your Company. If you contact us directly, we will forward your request to the Customer to seek their permission and/or instructions. Please note that when Lumii corrects or deletes your Platform Data, data relating to you may inadvertently be identifiable to the Customer due to its omission.
  • Exceptions to correction of Platform Data:If you are an Individual Feedback User, you can change any of the personal data in your account (with the exception of Continuous Feedback Messages, Performance Reviews and your Personal Review Graphs).

 

9. How long do we retain your personal information?

(a) Administrators, Respondents and Individual Feedback Users

We retain your personal information for as long as we provide our Services to the Customer and until the Customer requests us to delete your personal information, or as needed to comply with our legal obligations, resolve disputes or enforce our legal rights. We may keep your personal information in our encrypted and archived backups for up to 90 days from the point of collection.

(b) Visitors

We will retain your personal information for as long as is necessary to provide our Services to you, or to comply with our legal obligations, resolve disputes, and enforce our legal rights.

10. How do you make a complaint?

(a) Contacting our Privacy Officer

Please contact our Privacy Officer if you have any complaints about our compliance with this Privacy Policy or relevant privacy laws. We will treat your complaint seriously, and will investigate any alleged breach, including how it occurred, and how best to prevent future breaches (if relevant). You can contact our Privacy Officer at privacy@lumii.com.

(b) European Union complaints

If you live in the European Union and have any complaints regarding our compliance with our Privacy Policy, please contact our Privacy Officer at privacy@lumii.com. However, if you are dissatisfied with our handling of your complaint, please contact the relevant EU Data Protection Authority in your country or the UK Information Commissioner (at:

UK Information Commissioner

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Phone: +44 0303 123 1113
Fax: ++44 01625 524 510
We will cooperate with the UK Information Commissioner or the Data Protection Authority in your country regarding the investigation and resolution of your complaint, and any specific actions they require for us to comply with our Privacy Policy or applicable law.

(c) Australian Privacy Act complaints

If you live in Australia and have any complaints regarding our compliance with the Australian Privacy Act, please contact our Privacy Officer at privacy@lumii.com. However, if you are dissatisfied with our handling of your complaint, you may raise your complaint with the Office of the Australian Information Commissioner by contacting them at: https://www.oaic.gov.au/about-us/contact-us.

11. Additional information.

(a) Sensitive Personal Data

If you send or disclose any sensitive personal information (e.g. information related to racial or ethnic origin, sex life or physical or mental health condition) to us when using the Services, you consent to our processing and use of such sensitive personal data as necessary to provide the Services. If you do not consent to our processing and use of such sensitive personal information, you must not submit sensitive personal information to our Services. You may subsequently modify or withdraw your consent to processing of sensitive personal data in accordance with applicable laws in certain jurisdictions and according to Section 8 of this Privacy Policy.

If you do not want your Company to send us sensitive personal information about you, you must make such request directly to your Company.

(b) Cookies and tracking technologies

We and our marketing partners, affiliates, or analytics or service providers, use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the Website, track users’ movements around the Website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis. This use does not apply to Respondents or Individual Feedback Users.

We use cookies to remember users’ settings and preferences, and for session management. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Services, but your ability to use some features or areas of our Services may be limited.

We use Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our Websites or to display advertising based upon your web browsing activity also use Flash cookies and HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5. To manage Flash cookies, please click here. This use does not apply to Respondents or Individual Feedback Users.

We partner with a third party to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out. Click here for more information. If you are located in the European Union, click here for more information. Please note this does not opt you out of being served all ads. You will continue to receive generic ads. This use does not apply to Respondents or Individual Feedback Users.

Please see our Cookie Policy  for more information on what cookies and tracking technologies we use in our Services.

(c) Social media widgets

Our Websites may include social media features or widgets, such as the Facebook Like or Share buttons. Use of these features may collect your IP address, detect which page you are visiting on our Websites, and set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policy of the third party providing these features.

(d) Links to other websites

Our Websites may include links to other websites (for example, our Slack channel for people geeks). The privacy practices of those other websites may differ from Lumii’s privacy practices. If you submit personal information to any of those websites, your personal information is governed by their privacy policy. We encourage you to carefully read the privacy policy of any website you visit.

(e) Testimonials

We display Customer or user testimonials and other endorsements on our Websites. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial or any other endorsement, please contact us at privacy@lumii.com.

(f) Blog and forums

Our Websites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To remove your personal information from our blog or community forum, please contact us at privacy@lumii.com. In some cases, we may not be able to remove your personal information, and in such cases, we notify you and explain why we are unable to fulfill your request.

(g) Lumii Mobile Application

You can stop all collection of information by the Lumii Mobile Application by uninstalling it. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

12. Lumii contact details.

If you have any questions, concerns or complaints about our Privacy Policy or our data collection or data processing practices, or if you want to report any data privacy concerns or data security issues, please contact us at the address below, where we will assist or refer your question, concern or complaint to the appropriate party.

Lumii

Email: privacy@lumii.com
Attention: Legal Department – Ground Level, 5, 100 Railway Road, Daglish, WA, Australia