Platform Features
Join the world’s leading organizations that trust Lumi Global with their critical meetings.
Join the world’s leading organizations that trust Lumi Global with their critical meetings.
Lumi Global has acquired Assembly Voting, a technology company specializing in end-to-end verifiable, cloud-based voting and election solutions.
The General Data Protection Regulation (GDPR), or Regulation (EU) 2016/679, is effective from 25 May 2018, replacing national legislations accordingly and the European Privacy Directive. The GDPR sets out to improve the privacy and security of EU citizens’ personal information. It requires no enabling legislation and is therefore applicable and binding from that date.
The GDPR imposes obligations on companies that control or process personal information and introduces new rights for EU data subjects. Whilst it applies to processing carried out by organisations within the European Economic Area (EEA), it also applies to organisations globally that offer goods or services to EU citizens or people in the EU.
The purpose of this public corporate statement is to highlight and demonstrate to our customers the measures we have put in place to ensure compliance with the GDPR where we hold or process personal data on your behalf.
Lumi is;
As part of our preparation process for GDPR, we continue to review and update all of our internal processes, procedures, policies, documentation and systems. We will be complying with GDPR as a data processor and controller and we have been working with our suppliers and third party vendors to ensure that collectively we can meet our obligations and your requirements.
Throughout our journey to GDPR compliance we have been working closely with independent experts and advisors to ensure we have the expertise needed to comply with the regulation. We view GDPR as a continual project which will require monitoring, improvement and management over time.
At Lumi we treat information security with the utmost importance and we are already aligned with a number of industry best practice standards that concentrate on cyber security such as ISO/IEC 27001 and PCI-DSS.
With regards to our customers, third party suppliers or vendors and any sub-processors - We have been working closely with all parties to ensure their compliance too. Contracts and agreements have been reviewed and we ensure that the necessary organisational and technical controls, policies and procedures are in place so that we are satisfied with the confidentiality, integrity and availability of your data.
Under the GDPR, we are obliged to notify our customers (the data controller) of any data breach without undue delay. In certain circumstances this notification is required to extend to the appropriate national supervisory authority for data protection. Our company headquarters are based in the UK, where this body is the Information Commissioner’s Office (ICO), https://ico.org.uk/. Lumi has therefore ensured robust processes and procedures are in place for identifying, reviewing and swiftly reporting any data breach to the relevant controller and authorities.
In the event of a data breach, we would aim to provide our customer with the following;
There have been significant enhancements to the rights of data subjects under the GDPR, that improve the privacy and protection with regards to individuals’ personal data. Lumi is committed to working closely with its customers on whose behalf we hold and process data. Through this collaboration we can best determine how to manage;
For more detailed information about these rights, please review our Privacy Policy.
As mentioned above, we now treat GDPR as an everyday part of Lumi life. In this section we’ve included some of the measures we have already taken or continue to take and the work we have completed on our road to compliance.
Lumi does not need to appoint a Data Protection Officer (DPO). However, we have nominated our Chief Technology Officer as the person with overall responsibility for GDPR and matters of data privacy and protection, and is contactable at privacy@lumiglobal.com.
For more information about how we handle personal information, please review our Privacy Policy, https://www.lumiglobal.com/privacy-policy.
To keep you updated on how we comply with legislation, we may update this statement from time to time, which will always be published here on our website.
Version |
Publish Date |
Author(s) |
Owner(s) |
Description of changes |
1.0 |
25 May 2018 |
Dave Palmer (Head of Information Security) |
n/a |
New document. |
1.1 |
7 December 2020 |
Dave Palmer (Head of Information Security), Rahul Shah (Chief Financial Officer) |
Richard Taylor (Chief Executive Officer) |
Draft version for review, update and approval. Applied latest document template, applied ownership and approval processes, assigned unique ISO27001 aligned reference number, enabled tracked changes, updated doc control sections, |
1.2 |
15 October 2021 |
Marc Harper (CTO) |
Rahul Shah (CFO) |
Updated primacy contact. |
This version approved by: Chief Finance Officer
This Lumi document has been classified as ‘Public’. This means that Lumi has deemed that the information contained herein is freely available outside of the business or is intended for public use.