Privacy Policy

What information do we collect?

We collect information from you when you place an order, fill out a form, or use our software and services.

When ordering or registering on our site, as appropriate, you may be asked to enter your: name or e-mail address. You may, however, visit our site anonymously.

When using our software and services, the data you capture with the software is transmitted to our fotoShare Cloud service to provide with the ability to share photos and provide you with answers to your surveys, and other reporting capbabilities.

What do we use your information for?

Any of the information we collect from you may be used in one of the following ways:

To process transactions
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.

To improve our applications, website, and services
We continually strive to improve our website offerings based on the information and feedback we receive from you.

To improve customer service
Your information helps us to more effectively respond to your customer service requests and support needs.

To send periodic emails
The email address you provide for order processing, will only be used to send you information and updates pertaining to your order.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.

Our network and servers are housed in a secure facility monitored around the clock by dedicated security staff.

No unauthorised access to Data Processing Facilities, e.g.: magnetic or chip cards, keys, electronic door openers, facility security services and/or entrance security staff, alarm systems, video/CCTV Systems.

No unauthorised use of the Data Processing and Data Storage Systems, e.g.: (secure) passwords, automatic blocking/locking mechanisms, two-factor authentication, encryption of data carriers/storage media.

All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

Applications developed in-house are subject to strict quality testing and security review.

Our card-processing system adheres to the PCI Data Security Standard (PCI-DSS).

After a transaction, your private information (credit cards, social security numbers, financials, etc.) are not be stored on our servers.

Access to secure services and data is strictly logged, and audit logs are reviewed regularly.

Lumasoft will continually evaluate the security of its network and associated services to determine whether additional or different security measures are required to respond to new security risks or findings generated by periodic reviews.

Do we use cookies?

Yes (Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to help us remember and process the items in your shopping cart, understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

What's the legal basis for processing information?

In using our software and services, you enter into a contract with us according to the terms of our EULA. We process your data to fulfill our contractual obligations.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

What long is my data retained for?

Data you give us is stored for as long as needed to provide you with our services. If you wish to stop using our services, you may contact us and ask for your data to be deleted.

What are my rights?

If you reside in Europe, you have the right under circumstances:

to be provided with access to your personal data held by us;

to request the rectification or erasure of your personal data held by us;

to request that we cease processing your data;

to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);

to object to profiling activities based on our own legitimate interests;

to object to solely automated processing; and

to request that your data be transferred to a third party (data portability).

You can make requests by writing to our support team using the contact information listed below.

European Data Privacy Framework Policy Compliance

European Union (EU) data protection law regulates the transfer of EU customer personal data to countries outside the European Economic Area (EEA).

Lumasoft participates in the EU-U.S. DPF the Data Privacy Framework List. with the requirements of the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce (collectively, the “DPF”). Lumasoft has certified to the U.S. Department of Commerce that it adheres to the DPF Principles with respect to personal information (as described below) that is transferred from the European Union and its Member States, the European Economic Area, the United Kingdom (and Gibraltar), and/or Switzerland to the United States. If there is any conflict between the terms in this DPF Policy or another applicable privacy policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework and to view Lumasoft's certification, please visit

Lumasoft is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Lumasoft is responsible for the processing of personal data it receives, under the DPF, and subsequently transfers to a third party acting as an agent on its behalf. Lumasoft complies with the DPF Principles for all onward transfers of personal data from the EU, the EEA, the UK, and Switzerland, including the onward transfer liability provisions.

Individuals whose personal information is covered by this DPF Policy have the right to access the personal information that Lumasoft maintains about them as specified in the DPF Principles. Individuals may contact us to correct, amend or delete such personal information if it is inaccurate or has been processed in violation of the DPF Principles (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the individual’s privacy, or where the rights of persons other than the individual would be violated). Individuals may also have the right to limit the use and disclosure of their personal information (opt out) under certain circumstances, such as marketing. Requests to access, correct, amend, delete, or limit the use and disclosure of personal information (opt out) may be submitted using our request form.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Lumasoft commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the European Union, the United Kingdom, and/or Switzerland. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit for more information or to file a complaint. The services of JAMS are provided at no cost to you. You have the right to invoke binding arbitration by delivering notice to us and following the procedures and subject to conditions set forth in Annex I of Principles.

California Online Privacy Protection Act Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

Childrens Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Terms and Conditions

Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website at

Your Consent

By using our site, software, or services, you consent to our privacy policy. You have the right to withdraw consent at anytime by stopping the use of our software and services.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page. This policy is effective January 1st, 2020.

Contact Us

If there are any questions regarding this privacy policy you may contact us using the information below:

293 State Route 18 #123
East Brunswick, NJ 08816
United States of America