Contact Us

LRX Privacy Policy

Effective Date: May 27, 2025

  1. Introduction

Welcome to the LRX mobile application (the “App”), provided by Lumi Enterprises Corp. (“Lumi,” “we,” “us,” or “our”). We specialize in track and trace solutions for warehouses and 3PL logistics, applying our Lumi tags to products to monitor their journey. This App allows you, the consumer (“user,” “you,” or “your”), to tap a Lumi tag using your mobile device, view the journey the product took, and help verify its authenticity.

This Privacy Policy describes how Lumi Enterprises Corp. collects, uses, shares, and protects your personal information when you use the LRX App. It also explains your rights and choices regarding your information. Your privacy is critically important to us, and we are committed to protecting your personal data and being transparent about our practices, especially in our use of Artificial Intelligence (AI) and any future handling of sensitive information like health data.

This policy is written in consideration of applicable U.S. privacy laws and principles highlighted in recent AI and healthcare regulatory research.

  1. Information We Collect

We collect several types of information to provide and improve our App and services:

  • a. Personal Information You Provide:
  • Account Information: When you create an account on the LRX App, we collect your:
  • Name
  • Email address
  • Phone number
  • Username
  • Password
  • Avatar Image: You may voluntarily upload an avatar image to your profile from your device’s files or gallery.
  • Communications: When you contact us through the in-app contact form (support@lumirx.com) or otherwise communicate with us, we collect the information you provide in those communications.
  • b. Information Collected When You Use the App:
  • Product Scan Information: When you tap a Lumi tag with your NFC-enabled device, the App reads a unique NFC ID from the tag. This ID is linked to product information and its journey data stored in our backend systems. The tag itself does not store your personal data, but if the App is not installed, the tag may contain a URL to direct you to an instant app or app clip.
  • Product Journey Information Displayed: Through the App, you will see information about the product’s journey, which may include cities, states, and timestamps. This information is high-level and not intended to reveal sensitive logistics details or personal information about individuals involved in the supply chain.
  • Location Information: We will only collect your precise geo-location data with your explicit, in-app consent and only when it is required for specific events or features to enhance your experience (e.g., for location-based product events). You can manage location permissions through your device settings.
  • Device and Usage Information: We automatically collect certain information about your device and how you interact with our App to improve user experience, for analytics, and to ensure our App is functioning correctly. This information includes:
  • Device type and operating system version
  • IP address
  • Device identifiers (such as Apple IDFA or Android Advertising ID, where applicable and permitted by your device settings)
  • App version
  • Usage patterns (e.g., features used, screens viewed, interaction with product information)
  • Crash logs and performance data. We strive to anonymize this data where possible for analytics purposes.
  • c. Information from Third-Party Services:
  • We use third-party services for analytics and functionality:
  • Google Analytics for Firebase: To help us understand how the App is being used, improve user experience, and analyze performance. Google’s privacy policy can be found here: [Insert Link to Google Privacy Policy]
  • Firebase Crashlytics: To identify and diagnose crashes and errors in the App to improve stability. Its practices are covered under Google’s privacy policy.
  • OneSignal: To send you push notifications (see Section 8h for more details on push notification controls). OneSignal’s privacy policy can be found here: [Insert Link to OneSignal Privacy Policy]
  • d. Future Collection of Health Information (With Your Explicit Consent Only):
  • We are planning future features that may allow you to synchronize health information from your device’s health applications (e.g., Apple Health, Samsung Health, Android Health Connect) with the LRX App.
  • This health information will only be collected with your explicit, specific, and informed opt-in consent on a feature-by-feature basis.
  • The categories of health information and the specific purposes for its use, particularly in conjunction with our AI features, will be clearly explained to you at the time of seeking your consent.
  • You will have control over this data sharing and can revoke your consent at any time. The handling of this sensitive data will be subject to heightened security measures and privacy protections, in line with principles for “high-impact AI” and sensitive data management.
  1. How We Use Your Information

We use your information for the following purposes:

  • a. Primary Purposes:
  • To create and manage your LRX App account.
  • To allow you to scan Lumi tags and verify product authenticity.
  • To display the journey of the product associated with the scanned Lumi tag.
  • To provide customer support and respond to your inquiries.
  • To send you service-related communications and notifications (e.g., security updates, changes to terms or this policy) via OneSignal or email.
  • To maintain and improve the functionality, security, and performance of our App, including using device and usage information for troubleshooting and analytics.
  • b. Secondary Purposes (With Your Control Where Applicable):
  • Marketing and Promotional Communications: To send you emails or push notifications about new App features, services, special offers, or news from Lumi Enterprises Corp. or our sellers/brands. We will only send you marketing emails with your explicit opt-in consent. You can opt-out of marketing emails at any time by clicking the “unsubscribe” link in the emails. For marketing push notifications, see Section 8h.
  • Personalizing Your App Experience: To tailor the content and features you see within the App based on your interactions and preferences. Our AI systems may be used for this purpose (see Section 4).
  • Aggregated and Anonymized Data: To create aggregated and anonymized datasets for internal analytics, business intelligence, industry insights, and reports. This data does not personally identify you. These aggregated and anonymized insights may be shared within our internal “data lake” and with the sellers/brands who use our platform to understand product journey trends and authenticity patterns. We will never sell your personally identifiable information.
  1. Artificial Intelligence (AI) and Automated Processing

Lumi Enterprises Corp. utilizes AI and Machine Learning (ML) technologies in its backend systems, which interact with the LRX App, to enhance our services and your experience. We are committed to transparency and responsible AI practices, guided by principles outlined in emerging AI regulations and research.

  • a. Current AI Uses:
  • Analyzing Product Journey Data: To identify patterns and insights related to product movements and supply chain integrity.
  • Detecting Anomalies for Authentication: To help verify product authenticity by detecting unusual patterns or deviations in a product’s journey or tag interactions.
  • Personalizing User Experience: To provide more relevant information and features to you within the App based on your usage and product interactions.
  • Product Authentication and Validation Reporting: To generate reports for end-users and sellers regarding product authenticity and to help ensure products are not compromised. These reports provided to sellers contain aggregated and anonymized data.
  • b. Future AI Uses (Including Health Information with Explicit Consent):
  • Natural Language Processing (NLP) Model: We plan to integrate an NLP model directly into the LRX App, allowing you to interact with an AI assistant to ask questions about products.
  • AI for Health Insights: If you provide explicit consent to synchronize health information from your device, our AI models may be used to provide you with insights or information related to that health data in conjunction with product information or other App features. This will be subject to very specific consent and transparency at the time of feature launch.
  • Transparency & Disclosure for Future AI: For these future AI features, especially those involving generative AI communications or health information, we will provide clear disclosures at the point of interaction, indicating that you are interacting with AI and how your data (including health data, if consented) is being used.
  • Disclaimer for AI Health Insights: Any health-related insights or outputs generated by our AI systems are for informational purposes only and do not constitute medical advice. You should always consult a qualified healthcare provider for any medical decisions, diagnosis, treatment, or concerns.
  • c. Our Commitments for AI:
  • Transparency: We aim to be transparent about our use of AI. This policy is a key part of that. For specific AI interactions, especially those involving health data or generative AI communications, we will provide further context and disclosures within the App.
  • Data Minimization: We will only use the personal data necessary for the specific AI purpose.
  • Fairness and Bias Mitigation: We are committed to making reasonable efforts to identify and mitigate potential biases in our AI systems and the data used to train them, particularly for any future AI applications involving health data, to avoid discriminatory outcomes.
  • Human Oversight: We will implement human oversight where appropriate, especially for AI applications that could have a significant impact on users, consistent with emerging risk management principles for “high-impact AI”. While our current AI does not make critical “adverse decisions” about users in a legal sense, we believe in providing avenues for users to ask questions and seek clarification.
  • Security: AI models and the data they process will be subject to our robust security measures.
  1. Data Sharing and Disclosure

We do not sell your personally identifiable information. We may share your information in the following circumstances:

  • a. Third-Party Service Providers: We share information with third-party vendors and service providers who perform services on our behalf, such as:
  • Cloud hosting providers (e.g., AWS, Google Cloud, Azure – Lumi to specify actual providers if desired)
  • Analytics providers (Google Analytics for Firebase)
  • Crash reporting services (Firebase Crashlytics)
  • Notification services (OneSignal)
  • Customer support platform providers
  • Email service providers (for marketing and service emails, with your consent where applicable) These providers are contractually obligated to protect your information and use it only for the services we request. All third-party vendors who process personal information on our behalf are required to sign legally binding data processing agreements (DPAs) that comply with applicable privacy and security laws.
  • b. Sellers/Brands: We share only aggregated and anonymized data with the sellers/brands whose products are tracked using Lumi tags. This data is shared via our internal “data lake” and in reports to help them understand product journey trends, authenticity patterns, and ensure their products are not compromised. Your individually identifiable personal information is never shared with sellers for their independent use without your explicit consent.
  • c. WMS/ERP Systems: As described, product information is pulled from seller WMS/ERP systems to display in the App. We do not push consumer PII from the App back into these enterprise systems.
  • d. Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:
  • Comply with a legal obligation or a valid legal process (e.g., a subpoena, court order, or government request).
  • Protect and defend the rights or property of Lumi Enterprises Corp.
  • Prevent or investigate possible wrongdoing in connection with the App.
  • Protect the personal safety of users of the App or the public.
  • e. Business Transfers: In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal information may be sold or transferred as part of such a transaction. We will notify you via email and/or a prominent notice within the App of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
  • f. With Your Consent: We may share your information with other third parties with your explicit consent.
  1. Data Security

We implement a range of technical and organizational security measures designed to protect the personal information we collect and process against unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Encryption of data in transit and at rest.
  • Access controls to limit access to personal information to authorized personnel.
  • Data minimization practices.
  • Secure software development practices.
  • Regular security assessments and monitoring.
  • Anonymization and pseudonymization techniques where appropriate.

However, no internet or email transmission is ever fully secure or error-free. While we strive to protect your personal information, we cannot guarantee its absolute security.

  1. Data Retention

We retain your personal data as follows:

  • Your account information (name, email, phone number, username, password, avatar) will be kept for as long as your LRX App account is active.
  • If you request to delete your account, your personal account information will be retained for up to 90 days for security and operational purposes before being fully deleted from our active systems.
  • Product authentication and journey data that you generated by scanning tags, even if your account is deleted, will be retained in a de-identified or anonymized form for longer periods (e.g., upwards of 6 to 9 years or as otherwise required) to meet legal, regulatory, and compliance obligations, such as those related to product traceability and industry standards (e.g., DSCSA, EPCIS compliance requirements). This compliance data will no longer be personally identifiable to you once your account deletion is fully processed.
  • We will also retain usage data and anonymized information for analytics and service improvement for as long as necessary for those purposes.
  1. Your Privacy Rights and Choices

You have certain rights and choices regarding your personal information:

  • a. Access, Correction, and Update: You can access, review, and update most of your account information directly through the account settings in the LRX App. For any information you cannot update yourself, or for other access requests, please contact us via the in-app contact form or at support@lumirx.com. We will require a verification process before granting access or making changes.
  • b. Deletion of Your Account: You can request to delete your LRX App account directly through your profile’s account settings. As noted in Section 7 (Data Retention), your personal account information will be deleted after a 90-day period, while certain de-identified product journey/authentication data will be retained for legal compliance.
  • c. Opt-Out of Marketing Emails: You can opt-out of receiving marketing emails from us by clicking the “unsubscribe” link provided in every marketing email.
  • d. Data Portability: You can request a copy of the account information we hold that is associated with your user ID by contacting support@lumirx.com. After a verification process, we will provide this information in a structured, commonly used, and machine-readable format where feasible.
  • e. Location Information: You can control the App’s access to your location information through your mobile device’s settings.
  • f. Choices Regarding AI and Personalization: While some personalization and AI-driven features are integral to the App experience, we will provide specific choices where appropriate, especially for features using sensitive data like health information (which will always require your opt-in consent). For questions or concerns about AI usage, please contact us.
  • g. California, Virginia, and Other States Privacy Rights: If you are a resident of California, Virginia, Colorado, Connecticut, or other U.S. states with consumer privacy laws, you may have additional rights regarding your personal information, including:
  • The right to know what personal information we collect, use, disclose, and sell or share (if applicable).
  • The right to request deletion or correction of your personal information, subject to certain exceptions.
  • The right to opt-out of the sale or sharing of your personal information (if applicable). For purposes of the California Consumer Privacy Act (as amended by CPRA), we do not “sell” or “share” your personal information as those terms are defined under applicable law. We do not share your data for cross-context behavioral advertising or for any third-party marketing purposes without your explicit consent.
  • The right to limit the use and disclosure of sensitive personal information (if applicable).
  • The right not to receive discriminatory treatment for exercising your privacy rights.

To exercise these rights, or to designate an authorized agent to make a request on your behalf, please contact us at support@lumirx.com or use the relevant settings within the LRX App if available. We will respond to your request consistent with applicable law and after verifying your identity.

  • h. Push Notifications: Marketing and service-related push notifications will only be sent with your explicit opt-in consent, typically requested when you first install the App or through App settings. You can manage or disable all push notifications, including marketing and service-related ones, at any time via your mobile device’s operating system notification settings for the LRX App.
  1. Children’s Privacy and COPPA Compliance

Lumi Enterprises Corp. is committed to protecting the privacy of children. This section explains our practices with respect to personal information collected from children under the age of 13 (“Child” or “Children”) through the LRX App, in compliance with the Children’s Online Privacy Protection Act (COPPA).

  • a. Use by Children and Parental Accounts: We intend for the LRX App to be usable by Children, provided that a parent or legal guardian (“Parent”) creates and manages an account for the Child or links the Child’s account to their own Parental Account. The App will include age verification mechanisms during the registration process.
  • b. Verifiable Parental Consent (VPC):
  • Before collecting, using, or disclosing personal information from a Child, we will provide direct notice to the Parent explaining our information practices and obtain verifiable parental consent.
  • The methods for obtaining VPC will be consistent with those approved by the Federal Trade Commission (FTC) under COPPA. Examples of verifiable parental consent (VPC) methods we may use include verifying a small credit card transaction, requiring a signed consent form to be returned to us, or conducting a brief video call with a trained representative, in accordance with FTC guidance. We will clearly describe the specific VPC method(s) in our direct notice to Parents.
  • The notice to Parents will describe what information we collect from Children, how we use it, and our disclosure practices.
  • c. Information We Collect from Children:
  • With verifiable parental consent, we may collect the following personal information from Children:
  • Username (we encourage pseudonymous usernames).
  • Password.
  • Avatar image (if uploaded by the Child with parental permission through the Parental Account).
  • Information related to their interaction with the App, such as product scan history and usage patterns within the App (similar to adult users, but managed under the Parental Account).
  • We will not condition a Child’s participation in an activity on the Child disclosing more personal information than is reasonably necessary to participate in that activity.
  • d. How We Use Children’s Information:
  • The information collected from Children is used to:
  • Operate and provide the features of the LRX App to the Child.
  • Allow the Child to scan Lumi tags and view product journeys.
  • Personalize the Child’s experience within the App, under parental supervision.
  • For internal analytics to improve the App (data will be anonymized or aggregated where possible).
  • e. Disclosure of Children’s Information:
  • We will not share a Child’s personally identifiable information with third parties except:
  • With our third-party service providers who assist us in operating the App (as described in Section 5a), who are contractually bound to protect the information and use it only for the services we request, and who adhere to COPPA requirements.
  • If required by law or legal process.
  • In the event of a business transfer (as described in Section 5e), with notice to Parents.
  • With the express consent of the Parent.
  • We do not allow third-party advertising networks to collect information from Children through our App for targeted advertising purposes.
  • f. Parental Rights and Controls:
  • Parents have the right to:
  • Review the personal information we have collected from their Child.
  • Request the deletion of their Child’s personal information.
  • Revoke their consent to our further collection, use, or disclosure of their Child’s personal information at any time.
  • Consent to the collection and use of their Child’s information but prohibit disclosure to third parties (unless such disclosure is integral to the service, which will be made clear at the time of consent).
  • Parents can exercise these rights by contacting us at support@lumirx.com or through the Parental Account management features within the LRX App. We will require verification of parental identity before processing such requests.
  • g. Data Security for Children’s Information: We implement reasonable security measures to protect the confidentiality, security, and integrity of personal information collected from Children.

If you are a Parent and have questions or concerns about our Children’s Privacy practices, please contact us at support@lumirx.com.

  1. International Data Transfers

The LRX App is currently intended for use only within the United States and its territories. All personal data collected through the App is stored and processed on servers located in the United States. If we expand our operations to other countries in the future, we will update this Privacy Policy to reflect any changes in data transfer practices and ensure compliance with applicable international data protection laws.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the new policy within the App, by sending you an email, or through other appropriate communication channels. We encourage you to review this Privacy Policy periodically for any updates. We will always maintain a history of policy updates. Your continued use of the App after any changes constitutes your acceptance of the new Privacy Policy, where permitted by law.

  • a. App Store Privacy Disclosures: We also ensure that our data collection, sharing, and usage practices are accurately reflected in our disclosures for app marketplaces, such as Apple’s App Store Privacy Labels and Google Play’s Data Safety section. These disclosures provide a summary of how we handle data categories like location, analytics, and personal information for personalized content.
  1. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, please contact us at:

Lumi Enterprises Corp. 960 W. 7th St #4901 Los Angeles, CA 90015 Email: support@lumirx.com

You can also use the contact form available within the LRX App.

LUMIRX

LumiRx is here to bring a new level of trust.

Proud Partner with

MENU

SUPPORT

Email: info@thatislumi.com

Phone: (754) 444 8885

WORKING HOURS

Mon – Fri: 8am – 5pm
Sat – Sun: 12pm – 5pm

FOLLOW

Linkedin-in Instagram

© 2025 All Rights Reserved by LumiRx.