Information We Collect

When you use our platform, we collect different types of information depending on how you're engaging with us. Some of this you give us directly, and some we gather automatically.

Information You Provide

• Account details like your name, email address, and phone number when you register
• Business information including company name, ABN, and funding goals if you're raising capital
• Financial details such as bank account information for processing transactions
• Communication preferences and how you'd like us to contact you
• Documents you upload, including pitch decks, financial statements, and verification materials
• Messages you send through our platform to other users or our support team

Information We Collect Automatically

Like most online services, our systems log certain information when you use the platform. This includes your IP address, browser type, device information, and how you navigate through our site. We use cookies and similar technologies to make the platform work properly and to understand how people use it.

We also track things like which pages you visit, how long you spend on them, and what actions you take. This helps us figure out what's working and what needs improvement.

How We Use Your Information

We're not in the business of collecting data for its own sake. Everything we gather serves a specific purpose related to running the platform and helping startups connect with funding opportunities.

Sharing Your Information

Running a fundraising platform means some of your information needs to be shared with others. But we're selective about who sees what.

With Other Users

If you're raising funds, certain details about your startup become visible to potential investors browsing the platform. This includes your company name, funding goals, and whatever information you choose to include in your profile and pitch materials. That's kind of the point — connecting startups with capital.

Service Providers

We work with other companies that help us run the platform. Payment processors handle transactions, cloud hosting providers store data, email services deliver notifications, and analytics tools help us understand usage patterns. These providers only access the information they need to do their specific job, and they're contractually required to protect it.

Legal Requirements

Sometimes we're legally obligated to share information with government agencies, law enforcement, or courts. This happens when we receive valid legal demands, need to comply with Australian financial regulations, or have to respond to legitimate requests related to investigations.

Business Transfers

If lumarithen is acquired by another company or merges with one, your information would be part of that transaction. You'd be notified if this happens, and the new owner would still be bound by the commitments in this policy.

Your Rights and Choices

Australian privacy law gives you specific rights over your personal information. Here's what you can do and how to do it.

To exercise any of these rights, contact us at support@lumarithen.com or send a written request to 36 Huyer St, Gungahlin ACT 2912, Australia. We'll respond within 30 days and verify your identity before processing requests that involve accessing or changing your data.

Data Security

We take security seriously because we're dealing with sensitive business and financial information. Our approach combines technical safeguards, operational procedures, and ongoing monitoring.

Technical Measures

All data transmission to and from our platform uses TLS encryption. Your password is hashed using industry-standard algorithms, and we never store it in plain text. Our databases are encrypted at rest, and access is restricted to authorized personnel who need it for their work.

We use firewalls, intrusion detection systems, and regular security scanning to protect against unauthorized access. Our infrastructure is hosted with reputable providers that maintain SOC 2 compliance.

Operational Security

Access to personal information is limited based on role and necessity. Staff members undergo background checks and receive regular security training. We maintain audit logs of who accesses what data and when.

Despite these precautions, no online system is completely impervious to attacks. If a data breach occurs that affects your information, we'll notify you and the relevant authorities as required by Australian law.

Data Retention

We don't keep your information indefinitely. Different types of data have different retention periods based on why we collected it and our legal obligations.

Active Accounts

While your account is active, we maintain your information to provide the service. You can update or delete much of this through your account settings at any time.

Closed Accounts

When you close your account, we begin a deletion process. Some information is removed immediately, while other data is retained for specific periods to comply with financial regulations or resolve disputes.

Legal Requirements

Australian law requires us to keep certain financial records for seven years. Transaction data, identity verification documents, and related business records fall into this category. We can't delete this information earlier even if you request it, but we limit access and use to what's legally necessary.

Backup Systems

Our backup systems retain data for 90 days to protect against data loss. Information deleted from our primary systems may persist in backups during this window before being permanently removed.

International Data Transfers

Our primary operations and data storage are in Australia, but the internet doesn't respect borders. Some of our service providers operate globally, which means your information might be processed or stored outside Australia.

When we transfer data internationally, we ensure adequate protections are in place. This might include Standard Contractual Clauses, Privacy Shield frameworks where applicable, or other mechanisms approved under Australian privacy law.

Countries have different privacy standards. We only work with providers in jurisdictions that offer reasonable protections or agree to contractual terms that maintain Australian privacy standards.

Cookies and Tracking

Like most websites, we use cookies and similar technologies. These are small files stored on your device that help the platform function and let us analyze usage.

Essential Cookies

Some cookies are necessary for the platform to work. These handle things like keeping you logged in, remembering your preferences, and maintaining security. You can't opt out of these without breaking core functionality.

Analytics Cookies

We use analytics tools to understand how people use the platform. This includes which features are popular, where people encounter problems, and what kinds of content are most engaging. This data is aggregated and doesn't identify individuals.

Managing Cookies

Your browser settings let you control cookies. You can block them entirely, delete existing ones, or set preferences about which types you'll accept. Keep in mind that blocking essential cookies will prevent you from using certain platform features.

Children's Privacy

Our platform isn't designed for children and we don't knowingly collect information from anyone under 18. Fundraising and investment activities require legal capacity, which minors don't have in Australia.

If we discover we've inadvertently collected information from someone under 18, we'll delete it promptly. If you believe we have information about a child, contact us immediately at support@lumarithen.com.

Changes to This Policy

We update this policy occasionally to reflect changes in how we operate, new legal requirements, or improved practices. When we make significant changes, we'll notify you through email or a prominent notice on the platform.

The "Last Updated" date at the top tells you when the most recent version was published. Continuing to use the platform after changes take effect means you accept the updated policy.

For major changes that affect your rights or how we use your information, we might ask for your explicit consent before the changes apply to you.

Australian Privacy Principles

We comply with the thirteen Australian Privacy Principles set out in the Privacy Act 1988. These principles govern how we collect, use, store, and disclose personal information, and they give you rights over your data.

If you believe we've breached the Australian Privacy Principles or handled your information inappropriately, you can lodge a complaint with us first. We'll investigate and respond within 30 days. If you're not satisfied with our response, you can escalate the matter to the Office of the Australian Information Commissioner.