Privacy policy

Privacy Policy for LuMESH Cosmetics
Effective Date: July 15, 2025

This Privacy Policy describes how lumesh.com (the “Site”, “we”, “us”, or “our”) collects, uses, and shares your personal information when you visit, interact with, or make a purchase from our Site. It also explains your rights under data privacy laws, including the General Data Protection Regulation (GDPR) for EU/UK residents and the California Privacy Rights Act (CPRA) for California residents.

Contact Information

Email: LuMESHcosmetics@LuMESH.com
Mailing Address:
LuMESH Cosmetics
1 Maiden Lane, 5th Floor
New York, NY 10018
United States

If you are a resident of the European Economic Area (EEA), UK, or California, and would like to exercise your privacy rights, you may also contact us through the channels above.

Information We Collect

We collect information in the following categories:

Device Information

Automatically collected when you access our Site.
Purpose: Site functionality, performance analytics, and user experience improvements.
Examples:

  • Browser and device type

  • IP address

  • Time zone

  • Pages viewed and actions taken

  • Cookies or pixel tags

Order Information

Collected during checkout.
Purpose: Order processing, payment, shipping, fraud prevention, and communication.
Examples:

  • Name

  • Billing and shipping address

  • Email and phone number

  • Order contents

  • Payment details (processed securely, not stored by LuMESH)

Customer Support Information

Provided when you contact us.
Purpose: To assist you and improve our services.
Examples:

  • Name and email

  • Order number (if applicable)

  • Inquiry details

How We Use Your Information

We use your personal information to:

  • Process transactions and fulfill orders

  • Communicate with you (including order updates and support)

  • Detect fraud and ensure site security

  • Provide personalized experiences and recommendations

  • Conduct analytics and site optimization

  • Send marketing communications (only if you opt in)

Sharing Personal Information

We share your data with trusted third parties to provide and improve our services, including:

  • Shopify (eCommerce platform and web host)

  • Payment processors (e.g., Shopify Payments, PayPal)

  • Shipping carriers (e.g., USPS, FedEx)

  • Email providers (e.g., Shopify Email, Klaviyo)

  • Analytics tools (e.g., Google Analytics, Facebook Pixel)

We do not sell your personal information.

Behavioral Advertising

We may use your data for personalized marketing and ads through platforms like:

  • Facebook / Instagram (Meta Pixel)

  • Google Ads

  • Email remarketing (e.g., Klaviyo)

You can opt out via:

International Residents: GDPR & UK Data Protection

If you are located in the EEA or UK, you have additional rights under the GDPR, including:

  • Access – Request a copy of the personal data we hold about you

  • Correction – Request corrections to inaccurate or incomplete information

  • Deletion – Request deletion of your personal data ("right to be forgotten")

  • Objection – Object to our processing of your data

  • Portability – Request a copy of your data in a machine-readable format

  • Withdraw consent – For marketing or other optional processing

Legal Basis for Processing:
We process your data under the following bases:

  • Performance of a contract (e.g., fulfilling your order)

  • Legal obligations (e.g., tax records)

  • Legitimate interests (e.g., fraud prevention, site optimization)

  • Your consent (e.g., marketing emails)

If you wish to exercise these rights, contact us at LuMESHcosmetics@LuMESH.com. We may ask for verification before fulfilling your request.

California Residents: CPRA Disclosures

Under the California Privacy Rights Act (CPRA), California residents have the right to:

  • Know what personal data we collect, use, and share

  • Access their personal data

  • Delete personal data (with some legal exceptions)

  • Correct inaccurate data

  • Limit the use of sensitive personal information (if applicable)

  • Opt out of “selling” or “sharing” personal data (we do not sell your data)

To submit a verifiable request, contact us at LuMESHcosmetics@LuMESH.com. We will not discriminate against you for exercising your rights.

Data Retention

We retain your information only as long as needed for the purposes stated, unless a longer period is required by law (e.g., tax or fraud prevention). For example, order data is typically retained for 7 years.

Data Transfers

Our Site is hosted in the United States. If you access the Site from outside the U.S., your information may be transferred to and processed in the U.S., where privacy laws may differ from your jurisdiction. We take appropriate safeguards to protect your data in compliance with applicable laws.

Security

We take reasonable precautions to protect your information, including encryption, access controls, and secure payment processing. However, no system is 100% secure.

Updates to This Policy

We may update this Privacy Policy to reflect changes in technology, laws, or business practices. The most recent version will always be posted here with an updated effective date.