Privacy Policy

Effective Date

02/09/2025

Who We Are

We are Axium Lumina, a consulting and managed services provider registered in England & Wales. We act as a “Data Controller” for the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

If you have any questions about this policy or your rights, please contact us at:

Information We Collect

We may collect and process the following types of personal data:

  • Identity and contact information: name, email address, phone number, company name, job title.
  • Billing and payment information: payment method details (processed securely by third-party providers).
  • Service-related information: details of your business, communications with us, and records of the services we provide.
  • Technical data: IP address, device information, and usage data if you use our online systems.
  • Employee information: right to work, internal company communications, performance evaluations.

How We Use Your Information

  • Provide and manage our consulting and managed services.
  • Process payments and invoices.
  • Communicate with you regarding our services.
  • Meet legal, regulatory, and compliance obligations.
  • Improve our services and customer experience.
  • Managing our team.

Lawful Basis for Processing

  • Contract – where processing is necessary for providing our services or being hired as an employee.
  • Legal obligation – where required by law (e.g., accounting or tax records).
  • Legitimate interests – for business operations such as improving services.
  • Consent – where you have given clear consent (e.g., for marketing communications).

Sharing Your Information

We will never sell your personal data. However, we may share it with trusted third parties for business purposes, including:

  • Zoho UK – for customer relationship management, email, and productivity services (Privacy Policy).
  • GoCardless – for secure payment processing (Privacy Center).
  • Stripe – for secure payment processing (Privacy Policy).
  • GitHub Pages – for static website hosting (GitHub Privacy Statement, Pages Data Collection Information).
  • Cloudflare – for website performance, security, and content delivery (Privacy Policy).
  • Google Workspace – for identity and access management (Privacy Policy).
  • Professional advisors – such as accountants or legal counsel.
  • Regulatory and government bodies – if required to comply with applicable law.

All third parties are required to protect your data in line with UK GDPR.

International Transfers

Some of our service providers (including Zoho, Cloudflare and Google Workspace) may transfer data outside the UK/EEA. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your information.

Data Retention

We will keep your personal data only as long as necessary for the purposes outlined in this policy, including satisfying legal, accounting, or reporting requirements.

Your Rights

Under UK GDPR, you have the following rights:

  • Right to access the personal data we hold about you.
  • Right to request correction of inaccurate or incomplete data.
  • Right to request deletion of your data where it is no longer needed.
  • Right to object to processing based on legitimate interests.
  • Right to withdraw consent (where processing is based on consent).
  • Right to data portability.

To exercise these rights, please contact us at the above listed address.

Security of Your Data

We use appropriate technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access.

Complaints

If you have concerns about our use of your personal data, please contact us first. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website, with the date of revision clearly shown.