Lumnicore Innovative Solutions Limited (Lumnicore or we) is committed to safeguarding your privacy and protecting your Personal Data. This Privacy Policy outlines how we collect, use, store, and disclose Personal Data in the course of operating our enterprise data and AI analytics platform (collectively, our Services).

This Privacy Policy applies to information collected through our Website, subdomains, platforms, and other channels related to our Services. By accessing or using our Services, you confirm that you have read, understood, and agree to the collection, use, Processing, and disclosure of your Personal Data as described in this Privacy Policy and in accordance with our Terms of Service.

This Privacy Policy explains how Lumnicore collects and Processes your Personal Data that we collect and the measures we have in place to ensure the confidentiality of your Personal Data.

Definitions and key terms

To help you understand this Privacy Policy clearly, the following defined terms are used throughout:

• Cookie: A small piece of data stored on your web browser by a website. Cookies help us recognise your browser, collect analytics, and remember preferences (like language or login information) to enhance your experience on our Website.

• Company: When this Privacy Policy mentions “Company” “we”, “us” or “our” it refers to Lumnicore which is responsible for your Personal Data under this Privacy Policy.

• Contact Data: Includes information such as your address (billing and operational), email address, and telephone numbers provided to us when engaging our Services or making inquiries.

• Country: Refers to the Federal Republic of Nigeria, being the domicile of Data Subjects whose Personal Data Lumnicore is Processes.

• Customer: Refers to any company, organisation, or individual who engages Lumnicore for its Services.

• Data Protection Laws: Means the Nigeria Data Protection Act, 2023, the Nigeria Data Protection Act General Application and Implementation Directive, 2025, and any other ancillary laws regulating the use of Data in the Country.

• Data Subject: Any identifiable natural person whose Personal Data is collected, stored, transmitted, or otherwise Processed by Lumnicore in the course of its business operations.

• Device: Any internet-enabled equipment such as a smartphone, computer, tablet, or any other device used to interact with our Services or platforms.

• Identity Data: Includes personal identifiers such as your full name, gender, date of birth, identification number, and other similar information.

• IP address: Means a unique string of numbers assigned to your device when it connects to the internet. It may indicate the geographic location of the device accessing our systems or Website.

• NDPC: Refers to the Nigeria Data Protection Commission, the regulatory body overseeing data protection and privacy compliance in the Country.

• Personnel: Refers to individuals employed by Lumnicore or contracted to provide services on Lumnicore’s behalf, including software engineers, consultants, or support staff.

• Personal Data: Any information relating to an identified or identifiable natural person. q

• Processing, Process, or Processed: means any activity that involves the use of Personal Data or as the Data Protection Laws may otherwise define processing, processes or process. It includes any operation or set of operations which are performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Processing also includes transferring Personal Data to third parties but does not include the mere transit of Personal Data originating outside the Country.

• Services: Refers to the suite of enterprise-AI data and insight solutions provided by Lumnicore and related support services.

• Technical Data: Includes information such as your IP address, login data, browser type and version, time zone setting, device model, platform, and technology used to access our Website or systems.

• Website: Lumnicore’s website, which can be accessed via this URL: [https://Lumnic.io]

• You: Refers to the individual or entity (e.g., client, visitor) who interacts with Lumnicore or uses its Services and whose Personal Data may be collected or Processed by us.

Who We Are and How to Contact Us

Lumnicore, with its business address at [●], is committed to protecting your privacy. This Privacy Policy is issued by Lumnicore in its individual capacity. If, in the future, Lumnicore operates through subsidiaries, affiliates, or other related entities, references to “we”, “us” or “our” in this Privacy Policy will be deemed to include such entities where applicable.

Lumnicore is the controller and processer, and is responsible for your Personal Data.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the information set out below:

Email address: contact@lumnic.io

Postal address: 90b Agoro street, Omole Phase 1, Ikeja, Lagos

Telephone number: 09163405053

What Personal Data Do We Collect?

We collect Personal Data from you when you interact with us such as when you visit our Website, complete an inquiry or registration form, request our Services, integrate your system into our platform to access our Services, subscribe to our communications, or participate in a survey. The Personal Data we collect may include your full name, email address, phone number, company name, job title, and location (city/country).

In the course of delivering our Services, we may also collect additional information necessary for service delivery or compliance with legal obligations.

Why Do We Collect the Information We Collect?

We collect the information to process your data based on the following: 

1. Because you have granted us consent to do so.

2. Because we require it to perform our obligations under our terms and conditions and other contractual obligations.

3. To comply with legislative and regulatory requirements, especially as it relates to taxation and social security contributions.

4. For our legitimate interest.

5. To protect your vital interests; or

6. For public interest.

How Do We Use the Personal Data We Collect?

The Personal Data we collect from you may be used in the following ways:

• To deliver our Services effectively. Your information enables us to provide tailored suite of enterprise-AI data and insight solutions.

• To personalise your experience. We use your Data to better understand your specific needs and preferences, so we can offer relevant services and support.

• To improve our offerings. Feedback and data you provide help us refine our Services, digital platforms, and user experience.

• To enhance customer support. Your information helps us respond more efficiently to inquiries, requests, or service-related issues.

• To administer surveys or Service reviews. This helps us gain insights into client satisfaction and areas for improvement.

• To communicate with you. We may use your contact details to send you Services updates, newsletters, promotional content (where permitted), or respond to inquiries.

How Do We Use Your Email Address?

By submitting your email address on this Website, you agree to receive emails from us. You can cancel your participation in any of these email lists at any time by clicking on the opt-out link or other unsubscribe option that is included in the respective email. We only send emails to people who have authorised us to contact them, either directly, or through a third party. We do not send unsolicited commercial emails, because we hate spam as much as you do. By submitting your email address, you also agree to allow us to use your email address for customer audience targeted on sites like Facebook, where we display custom advertising to specific people who have opted-in to receive communications from us.

Email addresses submitted only through the contact page will be used for the sole purpose of sending you information and updates pertaining to your request. If, however, you have provided the same email to us through another method, we may use it for any of the purposes stated in this Privacy Policy. Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

Do We Share the Information We Collect With Third Parties?

We may engage trusted third-party service providers to support the delivery of our Services, including but not limited to website hosting, server maintenance, data storage and management, email communication, analytics, and customer support. Where necessary, we may share your Personal Data and, in some cases, non-Personal Data with these service providers to enable them to perform such tasks on our behalf.

For analytics and Service improvement, we may share anonymised or aggregated usage Data, such as IP addresses or browser types, with third-party analytics partners. This information may be used to help us understand user behaviour, optimise our digital platforms, and evaluate Service performance. These analytics partners may use such Data to assess trends such as location, connection speed, device type, and usage patterns.

we may disclose your Personal Data or non-Personal Data where we believe it is necessary or appropriate to

• Comply with applicable laws, regulations, or legal processes (such as court orders or subpoenas);

• Respond to lawful requests from government or law enforcement agencies;

• Protect the rights, property, or safety of Lumnicore, our users, our Personnel, or others; or

• Detect, investigate, and help prevent fraud or other illegal activity.

We require all third parties with whom we share your Personal Data to respect its confidentiality and to Process it in accordance with applicable Data Protection Laws. They are not permitted to use your Personal Data for their own purposes and are only authorised to Process it as instructed by Lumnicore and solely for specified and legitimate purposes.

Where and When is Information Collected from Customers and End Users?

Lumnicore will collect the personal information that you submit to us including;

• your direct disclosures to us when you onboard on our platform or access our Website;

• your personal information disclosed from the use our Services, primarily in relation to customer accounts, administrators, and team members on our platform

• your communication to us through our customer support channels, email, chat, telephone, or any other means;

• your reading of our emails or notices, online research on social media and websites which may not be publicly available;

• investigations on publicly available databases in furtherance of our compliance obligations;

• your participation in surveys which we make available to you, for competitions and promotions; and

• third parties such as regulatory and enforcement agencies, and other public sources.

Is the Information Collected through the Lumnicore Service or Website Secure?

We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorised access, maintain data security, and correctly use your Personal Data. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes, or fail to follow policies. Therefore, while we use reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimer duty to protect your Personal Data, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.

Can I Update or Correct my Information?

You have the right to request the restriction of certain uses and disclosures of your Personal Data as follows. You can contact us in order to (1) update or correct your personally identifiable information, and (2) change your preferences with respect to communications and other information you receive from us. Such updates, corrections, changes, and deletions will have no effect on other information that we maintain or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change, or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed, anonymised or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable.

How Long Do We Keep Your Information?

We keep your information only so long as we need it to provide our Services to you and fulfill the purposes described in this Privacy Policy. This is also the case for anyone that we share your information with and who carries out Services on our behalf. When we no longer need to use your information and there is no need for us to keep it to comply with our legal or regulatory obligations, we either remove it from our systems or depersonalise it so that we can’t identify you.

What are Your Legal Rights

 Under certain circumstances, you have rights under the Data Protection Laws in relation to your Personal Data.

You have the right to:

Request access to your Personal Data (commonly known as a “Data Subject Access Request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully Processing it.

Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected, though we may need to verify the accuracy of the new Personal Data you provide to us.

Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to Process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below) or where we may have Processed your information unlawfully or where we are required to erase your Personal Data to comply with applicable laws. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) as the legal basis, and there is something about your particular situation that leads you to believe that such Processing impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate basis to Process your information which override your rights and freedoms.

Request restriction of processing of your Personal Data. This enables you to ask us to suspend the Processing of your Personal Data in the following scenarios: 

• If you want us to establish the Data’s accuracy;

• Where our use of the Personal Data is unlawful but you do not want us to erase it;

• Where you need us to hold the Personal Data even if we no longer require it as you need it to establish, exercise or defend legal claims;

• You have objected to our use of your Personal Data but we need to verify whether we have overriding legitimate basis to use it.

Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to Process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or Services to you. We will advise you if this is the case at the time you withdraw your consent.

How Can You Exercise Your Data Privacy Rights?

If you wish to exercise any of the rights set out above, please contact us via our DPO in the following ways –

Email address: [DETAILS]

Postal address: [DETAILS]

[Telephone number: [DETAILS]]

Data Subject Request Form: Visit this link [•]

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

What Are Your Available Remedies in the Case of a Breach?

In the case of a breach of any of the obligations with respect to your Personal Data, a data breach procedure is established and maintained in order to deal with incidents concerning Personal Data or privacy practices leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed. On notification of such breach, Lumnicore will investigate to determine if an actual breach has occurred, and Lumnicore will take the actions required to manage such breach.

In the event you believe we have breached any applicable law or this Privacy Policy, you have the right to file a complaint with the Nigeria Data Protection Commission. You may, however, contact our DPO to enable us to rectify such breach as soon as possible.

How Do We Protect Your Information?

We implement a variety of security measures to maintain the safety of your Personal Data when you enter, submit, or access your Personal Data. We offer the use of a secure server. All supplied Personal Data is transmitted via Secure Socket Layer (SSL/TLS) encryption and then encrypted into our database only to be accessible by those authorised with special access rights to such systems, and are required to keep the information confidential.

In addition, we limit access to your Personal Data to our Personnel who have a business need to know. They will only Process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify you and the NDPC of the occurrence of a Personal Data Breach where we are legally required to do so.

We cannot, however, ensure or warrant the absolute security of any information you transmit to Lumnicore or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards.

Could My Information Be Transferred To Other Countries?

Information collected via our Website, through direct interactions with you, or from the use of our Services may be transferred from time to time to our offices or Personnel or to third parties located throughout the world, may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data.

Whenever we transfer your Personal Data out of the Country, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by NDPC; or

• Where no adequacy decision exists, we ensure appropriate safeguards are in place through Data Processing Agreements with all third-party processors (including Google Cloud Platform, MongoDB Atlas, Atlassian, Slack, and Microsoft), which contractually require them to protect your Personal Data to standards consistent with the Nigeria Data Protection Act 2023.

• Where necessary, we rely on your informed consent to such transfers, obtained after clearly notifying you of the possible risks associated with the transfer due to the absence of adequate protections in the destination country, in accordance with Section 41 of the NDPA and Article 45 of the GAID 2025.

Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out Nigeria.

How Can You Exercise Your Data Privacy Rights? 

If you wish to exercise any of the rights set out above, please contact us via our DPO.

Governing Law

This Privacy Policy is governed by the Data Protection Laws. You consent to the exclusive jurisdiction of the Nigerian courts in connection with any action or dispute arising between the parties under or in connection with this Privacy Policy.

The laws of the Country, excluding its conflicts of law rules, shall govern this Agreement and your use of the Website. Your use of the Website may also be subject to other local, state, national, or international laws.

By using Lumnicore’s Services or contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not engage with our Website or use our Services. Continued use of the Website, direct engagement with us, or following the posting of changes to this Privacy Policy that do not significantly affect the use or disclosure of your personal information will mean that you accept those changes.

Can I Update or Correct my Information?

You have the right to request the restriction of certain uses and disclosures of your Personal Data as follows. You can contact us in order to (1) update or correct your Personal Data, and (2) change your preferences with respect to communications and other information you receive from us. Such updates, corrections, changes, and deletions will have no effect on other information that we maintain or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change, or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed, or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable.

If you are an end-user and wish to update, delete, or receive any information we have about you, you may do so by contacting Lumnicore.

Objections By the Data Subject

The right of a Data Subject to object to the Processing of his data shall always be safeguarded. Accordingly, a Data Subject shall have the option to:

1. object to the Processing of Personal Data relating to him which the Data Controller/Processor intends to Process for the purpose of marketing;

2. be expressly and manifestly offered the mechanism for objection to any form of Data Processing free of charge.

You may reach out to us here contact@lumnic.io to object to the Processing of your Personal Data.

Affiliates
We may disclose information (including Personal Data) about you to our Corporate Affiliates. For purposes of this Privacy Policy, “Corporate Affiliate” means any person or entity which directly or indirectly controls, is controlled by, or is under common control with Lumnicore, whether by ownership or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

Your Consent

We have updated our Privacy Policy to provide you with complete transparency into what is being set when you visit our Website and how it’s being used. By using our Website or registering an account, you hereby consent to our Privacy Policy and agree to its terms.

Links to Other Websites

This Privacy Policy applies only to this Website. The Website may contain links to other websites not operated or controlled by Lumnicore. We are not responsible for the content, accuracy, or opinions expressed in such websites, and such websites are not investigated, monitored, or checked for accuracy or completeness by us. Please remember that when you use a link to go from this Website to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website, its rules, and policies. Such third parties may use their own cookies or other methods to collect information about you.

Cookies

Lumnicore uses Cookies to identify the areas of our Website that you have visited. We use Cookies to enhance the performance and functionality of our Website but are non-essential to the use of our Website. For instance, a cookie may allow you to access our Services without having to repeatedly enter your password during a single visit.

In all cases in which we use Cookies, we will not collect Personal Data except with your permission or use information gathered for tracking purposes. Most web browsers can be set to disable the use of Cookies. However, if you disable Cookies, you may not be able to access functionality on our Website correctly or at all. We never store Personal Data in Cookies.

For more information about the Cookies we use and how to change your cookie preferences, please see [LINK TO YOUR COOKIE POLICY].]

Blocking and Disabling Cookies and Similar Technologies

Wherever you are located, you may also set your browser to block Cookies and similar technologies, but this action may block our essential Cookies and prevent our Website from functioning properly, and you may not be able to fully utilise all of its features and services. Different browsers make different controls available to you. Disabling a cookie or category of Cookies does not delete the cookie from your browser; you will need to do this yourself from within your browser. You should visit your browser’s help menu for more information.

Changes To Our Privacy Policy

We may change our Services and policies, and we may need to make changes to this Privacy Policy so that they accurately reflect our Services and policies. Unless otherwise required by law, we will notify you (for example, through our Services) before we make changes to this Privacy Policy and give you an opportunity to review them before they go into effect. If you continue to use the Services after any change to our Privacy Policy, you will be bound by the updated Privacy Policy.

Third-Party Services

We may display, include or make available third-party content (including data, information, applications and other product services) or provide links to third-party websites or services (Third-Party Services).

You acknowledge and agree that Lumnicore shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality, or any other aspect thereof. Lumnicore does not assume and shall not have any liability or responsibility to you or any other person or entity for any Third-Party Services.

Third-Party Services and links thereto are provided solely as a convenience to you, and you access and use them entirely at your own risk and subject to such third parties’ terms and conditions. 

Contact Us

Do not hesitate to contact us if you have any questions: contact@lumnic.io

Principal business address at: 90b Agoro street, Omole Phase 1, Ikeja, Lagos.

☐ I hereby consent to the Processing of my personal information in line with this Privacy Notice

☐ I hereby consent to the cross-border transfer and hosting of my information.