Privacy Policy

Effective Date: 4 Dec 2025

Lumira Circle (“Company”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal data in compliance with Malaysia’s Personal Data Protection Act 2010 (PDPA) and, where applicable, the EU General Data Protection Regulation (GDPR).

By using our website, mobile apps, or services, you agree to the terms of this Privacy Policy.

1. How This Policy Interacts with Our Terms

  • This Policy describes how we process personal data and does not create contractual warranties. For disclaimers, limitations of liability, indemnities, governing law, venue and dispute resolution, please see our Terms & Conditions, which govern any disputes related to the Services and, to the extent permitted by law, to this Policy.

2. What Data We Collect

  • Identity and contact data; account/profile information; payment tokens processed via payment providers; content/UGC; usage and analytics data; marketing preferences; support communications.

3. Purposes & Legal Bases (GDPR)

  • Provide and operate the Services (contract).
  • Payments, fraud prevention, and compliance (legitimate interests; legal obligation).
  • Personalization and analytics (legitimate interests and/or consent where required).
  • Marketing communications (consent where required; opt-out at any time).
  • Compliance and legal claims (legal obligation/legitimate interests).

4. Retention

  • We keep data only as long as necessary for each purpose: e.g., account data while active + 6 years; transaction records per tax law; marketing data until opt-out plus limited backup retention.

5. Sharing & Processors

  • We share personal data with categories of providers such as hosting/CDN, email, analytics, payment, support, and marketing tools. These processors are bound by data processing agreements and may be located worldwide.

6. Coach Relationship & Roles

  • In Program Areas where a Coach determines the purposes and means of processing (e.g., reviewing assignments, direct follow-ups), the Coach is the controller and Lumira acts as processor providing the platform. In operating and improving the Services (e.g., security, payments, analytics, support), Lumira is an independent controller.

7. When Lumira Acts as Processor (DPA-Lite Commitments)

  • Process personal data only on documented instructions from the Coach.
  • Ensure confidentiality and implement appropriate security measures.
  • Engage sub-processors under written agreements with protections equivalent to ours; we remain responsible for them.
  • Assist the Coach with data subject requests and incident notifications, considering the nature of processing and available information.
  • Delete or return personal data at the end of the provision of services, subject to legal retention obligations.

8. International Transfers

  • If we transfer personal data outside Malaysia/EU, we use appropriate safeguards (e.g., Standard Contractual Clauses) and assess local laws where required.

9. Your Rights

  • Rights may include access, correction, deletion, objection/restriction, portability, withdrawal of consent, and the right to lodge a complaint with the PDPA regulator (Malaysia) or an EU authority (if applicable).

10. Verifying Requests

  • We may request information to verify your identity before responding to an access, deletion, portability, or other rights request.

11. Direct Marketing & Consent

  • We obtain consent where required under PDPA/GDPR. You can withdraw consent at any time using unsubscribe links or by contacting hello@lumiracircle.com. We maintain records of consent where applicable.

12. Cookies & Tracking

  • We use cookies and similar technologies. Categories may include strictly necessary, functional, performance, and advertising cookies. Where required, we display a consent banner/manager and provide a Cookie Notice explaining choices.

13. Security

  • We use administrative, technical, and physical measures to protect personal data; however, no method is 100% secure.

14. Security Incidents

  • If we become aware of a personal-data incident impacting you, we will notify you and, where required, regulators without undue delay, consistent with applicable law and our legal obligations.

15. Legal Requests

  • We may access, preserve, or disclose information if we believe it is reasonably necessary to comply with law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of users, Coaches, or the Company.

16. Children

  • The Services are not directed to children under 18. We do not knowingly collect personal data from children. Parents or guardians may request deletion of a child’s data.

17. Automated Decision-Making & Profiling

  • We do not make decisions that produce legal or similarly significant effects solely by automated means. We may use profiling to personalize content or offers; you can adjust preferences in your cookie settings or contact us to opt out where applicable.

18. Changes to this Policy

  • We will post updates with effective dates and provide material-change notices where required.

Your next chapter starts with alignment.

Become a Coach
Visit LinkTree
Join our healing newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Home
become a coach
meet the gurus
join lumira
Contact us
© 2026 Lumira Circle. All Rights Reserved.
Privacy Policy
.
Terms & Conditions
“Peace comes from within. Do not seek it without.”