Lutetium Limited (“We“, “Us“, “Our”), owner of https://www.lutetium-ltd.com (the “Website”), respects Your privacy.

Please read the following to learn more about Our Privacy Policy (the “Policy”). This Privacy Policy describes how We process Your Personal Data.

1.1. If there are any questions regarding this Privacy Policy You may contact Us using the information below:

Lutetium Limited, a private limited company organized and existent under the laws of the Republic of Cyprus, enrolled with the Registrar of Companies with registration number 414997 on 26th October, 2020, with its registered office at Flat/Office 101, Protesilaou 2, 2051 Nicosia, Cyprus.

1.2. Our customers may submit inquiries regarding Personal Data protection, privacy and security matters to legal@lutetium-ltd.com.

2.1. As a general rule, We do not collect any Personal Data, that is, information that identifies You as an individual, other than that which You choose to provide to Us such as the data, including Contact Details, You provide when contacting Us with enquiries relating to Our services or otherwise.

2.2. Nonetheless, the collection of data relies on the circumstances under which You interact with Us and on Your choices.

2.3. However, We may request You to provide Personal Data in order to enable Us to provide You with many of Our services or products, which You are entitled to decline. Should You choose to provide Us with Your Personal Data, these are the categories of data We will collect and that will be processed on Your behalf:

a) When You contact Us via Our Website, We collect Personal Data, such as Your name and email address.

b) Your data will also be collected when We communicate with You, so We may personalize the content of such communications.

2.4. Some information is automatically collected when You visit or use Our Website, such as Your IP address and browser user-agent. We may also install cookies and analytic tools. For more information on cookies, please read Our Cookies Declaration.

2.5. We will inform You about relevant changes concerning the Service, such as the implementation of additional functions, by posting it on this Website and by e-mail.

3.1. We use the data, whether collected by Us or provided by You, to provide You with a personalized experience, improved Website and periodic e-mails. We use such data especially to:

a) Provide Our services and maintain the relationship between You and Us;

b) Improve Our marketing efforts;

c) Personalize Our services;

d) Provide advertisement and marketing experience directly relevant to You, including, without limitations, targeted advertisement and promotional communications;

e) To prevent, detect and fight fraud or other illegal or unauthorized activities.

3.2. In addition to the foregoing, We may also eventually use the data for conducting certain analysis of Our business and researches to make informed business decisions, to meet Our legal obligations, and for other legitimate purposes.

3.3. To carry out the use of information for these purposes, We employ automated as well as manual processing methods.

3.4. If at any time You would like to unsubscribe from receiving future e-mails, You can do so by contacting Us using the e-mail provided in Section 1.

4.1. We will share Your Personal Data in order to complete transactions and provide services and products You may have requested or authorized. This sharing may also be extended, as necessary, to Our affiliates, subsidiaries and to agents or representatives working on Our behalf.

4.2. We will also share Your Personal Data if required by law, to comply with legal process, to protect Our customers, to protect lives, to ensure Our products’ security and to protect Ours and Our customers’ rights.

5.1. Legal bases for processing (under the GDPR provisions). If You are an individual in the European Economic Area (EEA), We collect and process information about You only where We have legal bases for doing so under applicable EU laws. The legal bases depend on the services You use and how You use them. This means We collect and use Your information only where:

a) We need it to provide You the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;

b) It satisfies a legitimate interest, which is not overridden by Your data protection interests, such as for research and development, to market and promote the Services, and to protect Our legal rights and interests;

c) You give Us consent to do so for a specific purpose; or

d) We need to process Your data to comply with legal obligations.

5.2. Children’s Online Privacy Protection Act Compliance. We will not intentionally collect any information from anyone under eighteen (18) years of age. Our Website, products and services are all directed at people who are at least eighteen (18) years old .

6.1. We implement the following technical, physical and organizational measures to maintain the safety of Your Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.

6.2. We regularly monitor Our systems for possible vulnerabilities and attacks and review Your information, storage and processing practices to update Our technical, physical and organizational measures.

6.3. In order to ensure that Our systems and Your information are protected the following measures are involved: storage of confidential data such as credentials and credit card details in encrypted form.

6.4. Confidentiality. All personnel are subject to full confidentiality and any subcontractors and sub-processors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.

6.5. Transparency. We will at all times keep You informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used. We will also provide summaries of any independent audits of the Service.

6.5.1. Without prejudice to the foregoing, should You be a natural person residing in the State of California, United States of America, You shall, at all times, be covered by the CCPA, which ensures that any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household shall have the same treatment as Personal Information, excluding however publicly available, deidentified, or aggregate consumer information and personal information from job applicants. The CCPA requires Us to disclose additional information regarding the categories of personal information We collect, the sources where We obtain that information, the purposes for collecting that information, who We share that information with, as well as whether We sell that personal information. In this sense, if You are a California resident, other than a job applicant, You have the right to request Us such disclosure, as well as the deletion of Your information.

6.5.2. Should You, a California resident other than a job applicant, choose to exercise Your rights under the CCPA, You may send Us an e-mail, either on Your own behalf or through a duly appointed agent (provided with a notarised power of attorney with special powers), to the designated address hereunder, providing Us enough information to verify Your identity and instructing such exercise. Any information provided in that e-mail shall be solely used to verify Your request. Notwithstanding, We may request further information to complete such verification including, without limitation, Your driver’s license and a recent utility or credit card bill.

6.6. The ability to intervene. We enable Your rights of access, rectification, erasure, blocking and objection by offering You the option to send instructions to the following e-mail address legal@lutetium-ltd.com.

6.6.1. This means that You are allowed to make choices with respect to the data We collect from You and how We may use it, such as controlling the use of Your data for interest-based advertising (by means of “opting out”), choosing which promotional communications and in which manner to receive it, and clearing some of Your collected data.

6.6.2. Without prejudice to the foregoing, in certain circumstances We may restrict Your exercise of rights to control and access Your Personal Data, provided that, when doing so, We shall be complying with a legal requirement or otherwise acting solely to the extent permitted by law.

6.6.3. Also, kindly note that although not all Personal Data that We process may be accessed or controlled directly by You, You may request and instruct Us as provided above.

6.7. Monitoring. We use security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made.

6.7.1. System performance and availability is monitored from both internal and external monitoring services.

6.8. Cookies and similar technologies. Cookies are small text files placed on Your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies and similar technologies for storing and honouring Your preferences and settings, enabling You to sign in, providing interest-based advertising, combating fraud, analysing how Our products perform, and fulfilling other legitimate purposes. Other similar technologies may be used by Us for the purpose of gathering usage and performance data, including trusted third parties’ technologies.

6.8.1. In order to control the data collected by cookies and such similar technologies, You may use the variety of tools provided in Your web-browser of preference, limiting how websites visited by You may use cookies, as well as clearing or blocking cookies, which shall be construed as a withdrawal of Your consent.

6.9. Personal Data breach notification. In the event that Your data is compromised, We will notify You and the competent Supervisory Authority(ies) within seventy-two (72) hours by e-mail with information about the extent of the breach, affected data, any impact on the Service, as well as Our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

"Personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed in connection with the provision of the Service.

7.1. We do not sell, trade or otherwise transfer to outside parties any personally identifiable information. 

7.2. This does not include trusted third parties or subcontractors who assist Us in operating Our Website, conducting Our business, or servicing You. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep Your information confidential.

7.3. We may also release Your information when We believe release is appropriate to comply with the law, enforce Our site policies, or protect Our or others’ rights, property, or safety.

7.4. We will monitor subcontractors’ and sub-processors’ maintenance of these standards and audits to ensure that data protection requirements are fulfilled.

7.5. Legally required disclosure. We will not disclose Your data to law enforcement except when instructed by You or where it is required by law. When governments make a lawful demand for customer data from Us, We strive to limit the disclosure. We will only release specific data mandated by the relevant legal demand.

7.6. If compelled to disclose Your data, We will promptly notify You and provide a copy of the demand unless legally prohibited from doing so.

7.7. Disclosure of data to non-EEA countries. We may share Personal Data with third parties based in non-EEA countries other than the United Kingdom or Switzerland. Where Personal Data is transferred from the EU to non-EEA countries, the provisions included in Chapter V of GDPR will be applied, in order to ensure the level of protection of natural persons guaranteed by the GDPR is not undermined. In this case, We ensure that the recipient has an adequate level of data protection according to the adequacy decision by the European Commission for the respective country. In the absence of such adequacy decision, We may transfer Personal Data only if the recipient has provided appropriate safeguards, such as a legally binding and enforceable instrument between public authorities or bodies; a binding corporate rule; or, the compliance with standard data protection clauses approved by the Commission. Where Personal Data is transferred from the EU to non-EEA, We will separately sign an addendum with such third parties, according to the standard data protection clauses approved by the Commission, namely Standard Contractual Clauses for the transfer of Personal Data to processors established in third countries or/and Standard Contractual Clauses for the transfer of Personal Data from the Community to third countries (controller to controller transfers), about such transfer which shall form an integral part of this Agreement.

7.8. Residents of California. If You are a California resident, You can request a notice disclosing the categories of Personal Information about You that We have shared with third parties for their direct marketing purposes during the preceding calendar year.

8.1. Occasionally, at Our discretion, We may include or offer third party products or services on Our Website. These third party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, We seek to protect the integrity of Our Website and welcome any feedback about these websites.

9.1. Personal Data location. All data is stored in databases and file repositories hosted in Ireland.

10.1. You may at any time obtain confirmation from Us as to whether or not Personal Data concerning You is being processed.

10.2. You may at any time order a complete data copy, which You may transmit to another controller of the data. Your data will be delivered by Us within thirty [30] working days, and free of any charges.

11.1. Rectification. You may at any time obtain without undue delay rectification of inaccurate Personal Data concerning You as per clause 6.6.

11.2. Restriction of processing Personal Data. You may at any time request Us to restrict the processing of Personal Data when one of the following applies:

a) if You contest the accuracy of the Personal Data, for a period enabling Us to verify the accuracy of the Personal Data;

b) if the processing is unlawful and You oppose the erasure of the Personal Data and request the restriction of their use instead; or

c) if We no longer need the Personal Data for the purposes of the processing, but they are required by You for the establishment, exercise or defence of legal claims.

11.3. Erasure. You may without undue delay request the erasure of Personal Data concerning You, and We shall erase the Personal Data without undue delay when one of the following applies:

a) if the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

b) if You withdraw Your consent on which the processing is based, and where there is no other legal ground for the processing;

c) if You object to the processing in case the processing is for direct marketing purposes;

d) if the Personal Data have been unlawfully processed; or

e) if the Personal Data have to be erased for compliance with a legal obligation in EU or national law.

12.1. Data retention policy. We store Your data as long as is necessary to provide Our services or We have a legitimate interest in further storage. We will keep data that We must keep in order to meet contractual or statutory retention periods (tax, penal, commercial, and invoices).

12.2. Data retention for compliance with legal requirements. You cannot require Us to change any of the default retention periods, except for the reasons for erasure pursuant to clause 11.3.

12.3. Data restitution and/or deletion. When We have no ongoing legitimate interest, We anonymize Your information, unless We must keep it to evidence Our compliance with applicable laws. For instance:

a) We will keep Your data in the event of an outstanding issue, claim, or dispute requiring Us to keep the relevant information until it is resolved; or

b) The information must be kept for Our legitimate business interests, such as fraud prevention, and enhancing users’ safety and security.

13.1 We will cooperate with You in order to ensure compliance with applicable data protection provisions, e.g. to enable You to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.

14.1 Please also visit Our Terms & Conditions section establishing the use, disclaimers, and limitations of liability governing the use of Our Website.

15.1 By using Our Website, You consent to this Privacy Policy and to Our Cookies Declaration.

16.1 If We decide to change Our Privacy Policy, We will post those changes on this page, and/or update the Privacy Policy modification date below.

16.2 This Privacy Policy was last modified on 2021-08-12 15:16:25.

17.1 You may at any time lodge a complaint with a supervisory authority regarding Our collection and processing of Your Personal Data.