Skip to content
LumaxisLumaxis

Privacy

Privacy Policy

What we collect, why, and the controls you have. We aim for plain language; if anything reads as fog, write to us.

Last updated

Who we are

Lumaxis (“we”, “us”) is operated by an individual sole operator. For any privacy question, reach us at hello@lumaxis.org.

We are the data controller for personal data processed via this website.

What we collect

We try to collect as little as possible. In practice that means:

  • Server logs. When you load a page, our hosting provider records the request (IP address, user agent, timestamp, requested URL). Retained for up to 30 days for security and abuse prevention.
  • Analytics. We use or plan to use privacy-respecting analytics tooling (such as PostHog and Google Analytics 4) to understand which recipes are read and where readers come from. Where required, analytics cookies are loaded only after you consent.
  • Voluntary contact. If you email us, we keep your message so we can reply — nothing more.

We do not sell personal data, and we do not run advertising networks that profile you across the open web.

Legal basis (UK & EU)

Where the UK GDPR or EU GDPR applies, our legal bases are:

  • Legitimate interests — running and securing the site, basic server-log analysis, and aggregated analytics that cannot identify you individually.
  • Consent — non-essential cookies and any analytics that link to an identifier. You can withdraw consent at any time via the cookie controls.
  • Legal obligation — where we must retain records to comply with applicable law.

Your rights

You can ask us to access, correct, delete, restrict, or port your personal data. You can also object to processing based on legitimate interests. To exercise any right, email hello@lumaxis.org. We’ll respond within 30 days.

If you believe we’ve mishandled your data, you may also lodge a complaint with your local supervisory authority — for example, the UK ICO or your country’s data protection authority in the EEA.

International transfers

Our hosting and analytics providers may process data in the United States or other countries outside the UK/EEA. Where transfers occur, they rely on appropriate safeguards such as the EU Standard Contractual Clauses and the UK International Data Transfer Addendum.

Retention

Server logs: up to 30 days. Analytics records: up to 14 months in aggregate form. Email correspondence: until the conversation has clearly ended, then archived for one year.

Children

Lumaxis is intended for general audiences and is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect data from children.

Changes

We may update this policy as the site evolves. Material changes will be noted at the top of the page. See our Cookie Policy and Terms of Service for related details.