Privacy Policy — Business Customers

1. Introduction

Lumera Studio Lab ("we", "us") is committed to protecting your personal data. This policy explains what we collect, why, and your rights as a business customer using our booking platform.

2. Data Controller

The data controller for your business account data is Lumera Studio Lab.

[Insert your registered company name, address and contact email here]

3. What Data We Collect

• Account details: owner name, email, phone
• Business information: salon name, address, services, working hours
• Payment information (processed directly by Stripe — we do not store card numbers)
• Usage analytics: which features you use, login frequency

4. Legal Basis for Processing

We process your data based on contract performance (GDPR Art. 6(1)(b)) — the data is necessary to provide you with the booking platform service. For aggregated analytics we rely on legitimate interest (Art. 6(1)(f)).

5. Data Retention

Active accounts: data is retained for the duration of service plus 7 years to comply with tax and accounting obligations. Deleted accounts: data is permanently erased 30 days after confirmed deletion request.

6. Your Rights

• Access — download all your data from the Privacy settings page
• Rectification — edit your information in the dashboard at any time
• Erasure — delete your account from Privacy settings (30-day grace period)
• Portability — export your data as JSON
• Object — cancel your service at any time

7. Sub-Processors

All sub-processors operate under Standard Contractual Clauses (SCCs) and/or the EU-U.S. Data Privacy Framework. We maintain signed DPAs with each.

8. Contact

For data-related questions contact our privacy team.

[Insert your privacy contact email, e.g. [email protected]]