Free Shipping On Order Over $49.99!

      Privacy Policy

      PRIVACY POLICY

       
      Effective Date: [01/01/2026] | Last Updated: [01/01/2026]
       
      This Privacy Policy (the “Policy”) describes how ZHENGCHEN LLC (“we”, “us”, “our”, the “Data Controller”) collects, uses, stores, shares, protects, and processes your personal information when you access our website lumaredz.myshopline.com, create an account, purchase products or services, or use any of our related platforms, applications, and offerings (collectively, the “Services”).
       
      This Policy applies to all users of the Services, including visitors, customers, account holders, and any other individuals who access or use the Services. By accessing or using the Services, you acknowledge that you have read, understood, and unconditionally agree to the terms of this Policy, and consent to the collection and processing of your personal data as described herein. If you do not agree with this Policy, you must immediately cease all access and use of the Services.
       
      We reserve the right to update, amend, or modify this Policy at any time, in our sole discretion. Material changes will be posted on this page with a revised effective date, and we will provide a prominent notice on the Website (or via email to account holders, where required by applicable law) for significant changes. Your continued use of the Services after the effective date of the revised Policy constitutes your acceptance of all updates. You are responsible for reviewing this Policy periodically for changes.
       
       

      1. DEFINITIONS

       
      For the purposes of this Policy:
       
      • Personal Data: Any information that can be used to directly or indirectly identify an individual, including but not limited to name, postal address, email address, phone number, payment details, IP address, device identifiers, browsing behavior, and user-generated content. This includes anonymized data that can be re-linked to an identifiable individual, and excludes data that has been irreversibly anonymized or aggregated such that it can no longer identify any individual, whether alone or in combination with other information.
      • Sensitive Personal Data: A subset of Personal Data subject to heightened legal protection, including payment card information, financial details, precise geolocation data, health information (if applicable), and any other data protected under applicable local privacy laws.
      • Processing: Any operation performed on Personal Data, including collection, storage, use, disclosure, transfer, restriction, deletion, and analysis.
      • Third-Party Service Providers: External companies, organizations, or individuals that process Personal Data on our behalf, or with whom we share your Personal Data as described in this Policy.
      • Cookies: Small text files, web pixels, beacons, and similar tracking technologies stored on your device when you visit the Website, as further described in Section 5 of this Policy.
       
       

      2. PRINCIPLES OF DATA PROCESSING

       
      We process your Personal Data in strict adherence to the core principles of legality, legitimacy, transparency, data minimization, purpose limitation, accuracy, integrity, and confidentiality. We only collect and process the minimum amount of data necessary to fulfill the purposes outlined in this Policy, and implement technical and administrative measures to protect the security of your Personal Data at all times.
       
       

      3. PERSONAL DATA WE COLLECT

       
      We collect Personal Data in three primary ways: data you voluntarily provide to us, data we collect automatically when you use the Services, and data we receive from third parties.
       

      3.1 Data You Voluntarily Provide to Us

       
      We collect Personal Data that you directly submit to us when you use the Services, including but not limited to:
       
      • Account & Registration Data: When you create an account with us, we collect your first and last name, username, email address, phone number, password, and any other optional information you choose to add to your account profile.
      • Transaction & Purchase Data: When you make a purchase through the Services, we collect payment details (credit/debit card numbers, card security information, billing address, and other payment method details), shipping and delivery address, order number, purchase history, return/refund records, and communications related to your order or customer service inquiries.
      • Communications Data: When you contact us via email, contact form, live chat, social media, phone, or other channels, we collect your name, contact information, and the full content of your communications with us, including any attachments or supporting materials you provide.
      • Voluntary Submission Data: When you participate in surveys, contests, promotions, loyalty programs, or leave product reviews, comments, or other user-generated content, we collect the information you submit in connection with these activities.
      • Marketing Consent Data: When you opt in to receive marketing communications from us, we collect your email address, phone number, and marketing preference details.
       

      3.2 Data We Collect Automatically When You Use the Services

       
      When you access or interact with the Services, we automatically collect the following data about your device and usage through your browser, device, and tracking technologies:
       
      • Device & Technical Data: Device type, unique device identifiers, IP address, operating system, browser type and version, language settings, screen resolution, referral URL, access times and dates, pages visited, clickstream data, crash reports, and system activity information.
      • Usage & Analytics Data: Browsing history, search queries, time spent on pages, cart abandonment data, interaction with products, features, and content on the Services, engagement with marketing emails and advertisements, and other behavioral data related to your use of the Services.
      • Location Data: Approximate geolocation data derived from your IP address. If you enable location permissions on your device, we may collect precise geolocation data to provide location-specific features of the Services.
      • Server Log Data: Like most websites, our servers automatically record page requests, access times, browser language, and unique cookie identifiers when you visit the Website.
       

      3.3 Data We Collect From Third Parties

       
      We may collect Personal Data about you from trusted third parties, in compliance with applicable law, including:
       
      • Payment Service Providers: Payment verification details, fraud risk scores, and transaction status information to process your orders and prevent fraudulent activity.
      • Logistics & Shipping Partners: Delivery status, address verification data, and return tracking information to fulfill your orders.
      • Analytics & Advertising Partners: Anonymized usage data, advertising engagement metrics, and audience insights to improve the Services and our marketing campaigns.
      • Identity Verification & Fraud Prevention Services: Data to verify your identity, prevent unauthorized account access, and combat fraudulent transactions.
      • Social Media Platforms: If you sign up or log in to the Services via a social media account, we receive the data you authorize the platform to share with us (e.g., name, email address, profile photo).
      • Credit Reference & Debt Collection Agencies: Where necessary to recover outstanding payments owed to us, as permitted by applicable law.
       
      We only collect Personal Data from third parties where they have confirmed they have the legal right to share your data with us.
       
       

      4. HOW WE USE YOUR PERSONAL DATA

       
      We use your Personal Data solely for the purposes outlined in this Policy, in compliance with applicable data protection laws. Below we detail the purposes of processing, and the legal basis for each processing activity (for users in the European Economic Area (EEA) and United Kingdom, in compliance with the General Data Protection Regulation (GDPR) and UK GDPR):
       
      1. To Fulfill Our Contractual Obligations to You
         
        • Process and fulfill your orders, including payment processing, shipping, delivery, and returns/exchanges;
        • Create and manage your user account, verify your identity, and provide account-related support;
        • Respond to your customer service inquiries, support tickets, and requests;
        • Administer contests, promotions, loyalty programs, or surveys you choose to participate in.
           
          Legal Basis (GDPR): Article 6(1)(b) GDPR – performance of a contract with you.
         
      2. For Our Legitimate Business Interests
         
        • Improve, optimize, and develop the Services, products, features, and user experience;
        • Analyze usage trends, website performance, and customer behavior to inform our business decisions;
        • Prevent, detect, and investigate fraud, unauthorized access, cyberattacks, and other illegal or malicious activity;
        • Enforce our Terms of Service and other agreements with users;
        • Ensure the security and stability of our IT systems and infrastructure;
        • Personalize your experience on the Services, including product recommendations and content customization;
        • Conduct internal audits, compliance checks, and risk management activities.
           
          Legal Basis (GDPR): Article 6(1)(f) GDPR – our legitimate business interests, balanced against your privacy rights.
         
      3. With Your Consent
         
        • Send you marketing communications, including emails, SMS messages, and promotional offers about our products and services (you may withdraw this consent at any time);
        • Share your Personal Data with third-party partners for their own marketing purposes, only where you have explicitly opted in to such sharing;
        • Use precise geolocation data from your device, where you have enabled location permissions;
        • Use non-essential Cookies and tracking technologies, as described in Section 5 of this Policy;
        • Use your user-generated content for commercial marketing purposes, where required by applicable law.
           
          Legal Basis (GDPR): Article 6(1)(a) GDPR – your explicit consent.
         
      4. To Comply With Legal Obligations
         
        • Retain and disclose Personal Data to comply with tax, accounting, and commercial record-keeping requirements;
        • Respond to court orders, subpoenas, legal process, or enforceable governmental requests;
        • Meet regulatory reporting and compliance obligations;
        • Protect the vital interests of you or another individual, including in emergency situations.
           
          Legal Basis (GDPR): Article 6(1)(c) and 6(1)(d) GDPR – compliance with a legal obligation, protection of vital interests.
         
       
       

      5. COOKIES & TRACKING TECHNOLOGIES

       
      We use Cookies and similar tracking technologies on the Website, in compliance with the EU ePrivacy Directive and other applicable global privacy laws.
       

      5.1 What Are Cookies?

       
      Cookies are small text files stored on your web browser or device when you visit a website, used to store and receive identifiers and other information. We also use web pixels, beacons, device identifiers, HTML5 local storage, and similar software for the same purposes, all of which are referred to as “Cookies” in this Policy.
       

      5.2 How We Use Cookies

       
      We use Cookies for the following core purposes, and classify Cookies into the below categories:
       
      1. Strictly Necessary Cookies: These Cookies are essential for the basic functionality of the Website, such as enabling page navigation, cart functionality, secure login, and fraud prevention. These Cookies cannot be disabled, as they are required for the Services to operate.
      2. Functional Cookies: These Cookies remember your preferences (e.g., language, region, login details) to provide a personalized and enhanced user experience. These Cookies are only enabled with your explicit consent.
      3. Performance & Analytics Cookies: These Cookies collect data about how users interact with the Website, to help us improve performance, functionality, and user experience. We use these Cookies from third-party analytics providers, including Google Analytics. 
      4. Advertising & Targeting Cookies: These Cookies are used to deliver personalized advertisements, measure the performance of our marketing campaigns, and limit repeated ad impressions. We use these Cookies from our advertising partners, including Google Ads, Meta (Facebook) Ads, and Microsoft Bing Ads. These Cookies are only enabled with your explicit consent.
       

      5.3 Your Cookie Choices

       
      When you first visit the Website, you will be presented with a Cookie Consent Banner, which allows you to accept or reject non-essential Cookies. You can withdraw or update your consent at any time by clicking the “Manage Cookies” link in the footer of the Website.
       
      You may also manage and disable Cookies through your browser settings. Most browsers allow you to block, delete, or receive notifications when Cookies are set. Please note that disabling all Cookies may result in limited functionality of the Website, as Strictly Necessary Cookies cannot be disabled.
       

      5.4 Do Not Track (DNT) Signals

       
      Most modern browsers offer a “Do Not Track” (DNT) feature. As there is currently no uniform industry standard for interpreting and responding to DNT signals, we do not alter our data collection and processing practices in response to DNT signals from your browser. You can manage all your privacy and tracking preferences via our Cookie Consent Banner and the opt-out options listed in this Policy.
       
       

      6. DISCLOSURE & TRANSFER OF YOUR PERSONAL DATA

       
      We do not sell, rent, or lease your Personal Data to third parties for their independent commercial marketing purposes, except with your explicit written consent. We only share your Personal Data with the categories of third parties described below, and only to the extent necessary to fulfill the purposes outlined in this Policy.
       

      6.1 Third-Party Service Providers

       
      We share your Personal Data with trusted, vetted third-party service providers that perform services on our behalf, under strict written contractual obligations. These providers are only authorized to process your Personal Data in accordance with our instructions, and are required to implement appropriate technical and organizational security measures to protect your data. These providers include:
       
      • Payment processors and financial service providers;
      • Logistics, shipping, and delivery partners;
      • Website hosting, e-commerce platform, and IT service providers;
      • Analytics and advertising partners;
      • Customer relationship management (CRM) and customer service providers;
      • Legal, accounting, audit, and compliance service providers;
      • Fraud prevention, identity verification, and debt collection agencies;
      • Contest, promotion, and loyalty program administrators.
       

      6.2 Corporate Affiliates

       
      We may share your Personal Data with our parent company, subsidiaries, and affiliated group companies, solely to the extent necessary to provide the Services, comply with legal obligations, or for internal business management purposes. All affiliated entities are bound by this Policy and equivalent data protection obligations.
       

      6.3 Legal Disclosures & Business Transactions

       
      We may disclose your Personal Data if required to do so by law, or in the good-faith belief that such disclosure is reasonably necessary to:
       
      1. Comply with a legal obligation, court order, subpoena, or enforceable governmental request;
      2. Enforce our Terms of Service, including investigation of potential violations;
      3. Detect, prevent, or address fraud, security, or technical issues;
      4. Protect against harm to the rights, property, or safety of our company, our users, or the public, as required or permitted by law.
       
      In the event of a merger, acquisition, asset sale, bankruptcy, reorganization, or similar business transaction, your Personal Data may be transferred to the acquiring or successor entity as part of the transaction. We will notify you via email or a prominent notice on the Website before your Personal Data is transferred and becomes subject to a different privacy policy.
       

      6.4 Cross-Border Data Transfers

       
      Your Personal Data may be transferred to, and processed in, countries outside of the EEA, UK, or your country of residence, where our servers and third-party service providers may be located.
       
      When we transfer your Personal Data to countries outside the EEA/UK, we will ensure the transfer is subject to appropriate safeguards in compliance with applicable data protection laws, including the use of the European Commission’s Standard Contractual Clauses (SCCs), transfers to countries with an adequacy decision from the European Commission, or other legally recognized safeguards. You may request a copy of the safeguards we have implemented for cross-border data transfers by contacting us at the email address listed in Section 12.
       
       

      7. DATA RETENTION

       
      We retain your Personal Data only for as long as is necessary to fulfill the purposes for which it was collected, and to comply with our legal, accounting, and reporting obligations. Our core data retention principles are:
       
      • Account Data: Retained for the lifetime of your active account, plus 12 months after account closure or inactivity, to resolve disputes, enforce our agreements, or comply with legal requirements.
      • Transaction & Financial Data: Retained for 7-10 years from the date of the transaction, to comply with tax, accounting, and commercial law retention requirements.
      • Marketing Data: Retained until you withdraw your consent to marketing communications, or until 24 months of continuous inactivity, after which we will delete or anonymize your data.
      • Technical & Analytics Data: Retained for 12 months from collection, after which it is anonymized or deleted. Anonymized statistical data may be retained indefinitely for internal business purposes, with no ability to identify individual users.
      • Customer Service Data: Retained for 12 months from the resolution of your inquiry, or longer if required for ongoing dispute resolution.
      • Legal Compliance Data: Retained for as long as required by applicable law, regulation, or court order.
       
      At the end of the applicable retention period, we will either permanently delete or destroy the Personal Data, irreversibly anonymize the data, or archive it in secure offline storage with access restricted solely to legal compliance purposes.
       
      We reserve the right to retain your Personal Data for longer periods if required by law, or to defend against legal claims, enforce our agreements, or protect our legitimate business interests.
       
       

      8. DATA SECURITY

       
      We implement appropriate technical, administrative, and physical security measures designed to protect your Personal Data from unauthorized access, disclosure, alteration, destruction, or loss, in compliance with applicable data protection laws. Our security measures include:
       
      • Industry-standard SSL/TLS encryption for all data transmitted between your browser and our Website;
      • Tokenization and encryption of sensitive payment data, with no full payment card details stored on our active servers;
      • Role-based access restrictions, with Personal Data only accessible to authorized personnel on a strict need-to-know basis;
      • Regular security audits, vulnerability scans, and penetration testing of our systems;
      • Mandatory data protection and security training for all employees and contractors;
      • Secure offline backup and disaster recovery protocols;
      • A formal incident response plan to address data security breaches in a timely manner.
       
      While we take all reasonable steps to protect your Personal Data, you acknowledge that no electronic storage system or internet transmission is 100% secure. We cannot guarantee absolute security, and any transmission of Personal Data to us is at your own risk. In the event of a data breach that poses a significant risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.
       
       

      9. YOUR RIGHTS AS A DATA SUBJECT

       
      Depending on your country or region of residence, you may have the following rights under applicable data protection laws (including GDPR, CCPA/CPRA, and other global privacy regulations):
       

      9.1 Core User Rights

       
      1. Right to Access: The right to request confirmation that we are processing your Personal Data, and to request a copy of the Personal Data we hold about you.
      2. Right to Rectification: The right to request that we correct inaccurate, incomplete, or out-of-date Personal Data we hold about you.
      3. Right to Erasure: The right to request that we delete your Personal Data, where the data is no longer necessary for the purposes it was collected, you withdraw your consent, you object to the processing, the processing is unlawful, or deletion is required to comply with a legal obligation.
      4. Right to Restrict Processing: The right to request that we restrict the processing of your Personal Data, where the accuracy of the data is contested, the processing is unlawful, we no longer need the data but you require it for legal claims, or you have objected to the processing.
      5. Right to Data Portability: The right to receive the Personal Data you have provided to us, in a structured, machine-readable, commonly used format, and to request that we transfer this data to another data controller, where technically feasible.
      6. Right to Object: The right to object to the processing of your Personal Data that is based on our legitimate interests, including processing for direct marketing purposes.
      7. Right to Withdraw Consent: Where we process your Personal Data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
      8. Right to Lodge a Complaint: The right to lodge a complaint with a competent data protection supervisory authority if you believe our processing of your Personal Data violates applicable law.
       

      9.2 How to Exercise Your Rights

       
      To exercise any of the rights listed above, please submit a request to us via email at lumaredz-official@outlook.com, or via post at the address listed in Section 12.
       
      To protect your privacy and security, we will verify your identity before fulfilling any request, by requesting sufficient proof of identity (e.g., confirmation of the email address associated with your account). We will not respond to requests from third parties unless you have provided explicit, written authorization for them to act on your behalf.
       
      We will respond to all valid requests within the timeframe required by applicable law (typically 1 month for GDPR requests, 45 days for CCPA requests). We may extend this timeframe for complex requests, as permitted by law. We reserve the right to reject requests that are unfounded, repetitive, excessive, or where we are not legally required to fulfill the request (e.g., where data must be retained to comply with a legal obligation).
       

      9.3 California Privacy Rights (CCPA/CPRA)

       
      For California residents, in addition to the rights above, you have the following rights under the CCPA/CPRA:
       
      • The right to opt out of the “sale” or “sharing” of your Personal Data for cross-context behavioral advertising. We do not sell your Personal Data for monetary consideration. We may share your data with our advertising partners for personalized advertising, which may be deemed a “sale” or “sharing” under CCPA/CPRA. You can opt out of this sharing via our Cookie Consent Banner, or by emailing us at the address listed in Section 12.
      • The right to non-discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights, including by denying you goods or services, charging different prices, or providing a different level of service.
       
       

      10. CHILDREN’S PRIVACY

       
      Our Services are intended for adults, and are not directed to children under the age of 16 (or the applicable minimum age in your jurisdiction). We do not knowingly collect, use, or process Personal Data from children under the age of 16. If you are a parent or legal guardian and become aware that a child under 16 has provided us with Personal Data without your consent, please contact us immediately. We will take all reasonable steps to permanently delete the child’s Personal Data from our systems as soon as possible.
       
       

      11. THIRD-PARTY WEBSITES & SERVICES

       
      Our Services may contain links to third-party websites, applications, or services that are not owned or operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. This Policy applies solely to Personal Data collected by us through our Services. We strongly encourage you to read the privacy policies of any third-party website or service before accessing or using them.
       
       

      12. LIMITATION OF LIABILITY

       
      TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL WE, OUR PARENTS, AFFILIATES, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE TO YOU FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS, LOST REVENUE, LOSS OF DATA, OR BUSINESS INTERRUPTION) ARISING OUT OF OR IN CONNECTION WITH THIS POLICY OR THE PROCESSING OF YOUR PERSONAL DATA, WHETHER BASED IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
       
      NOTWITHSTANDING THE FOREGOING, OUR TOTAL AGGREGATE LIABILITY TO YOU FOR ANY CLAIM ARISING OUT OF THIS POLICY OR THE PROCESSING OF YOUR PERSONAL DATA SHALL IN NO EVENT EXCEED THE TOTAL AMOUNT YOU HAVE ACTUALLY PAID TO US FOR PRODUCTS OR SERVICES IN THE 12 MONTHS PRIOR TO THE CLAIM ARISING. THIS LIMITATION DOES NOT APPLY TO LIABILITY THAT CANNOT BE LAWFULLY EXCLUDED OR LIMITED UNDER APPLICABLE LAW, INCLUDING DEATH OR PERSONAL INJURY CAUSED BY OUR GROSS NEGLIGENCE, OR FRAUDULENT MISREPRESENTATION.
       
       

      13. GOVERNING LAW & JURISDICTION

       
      This Policy, and all disputes arising out of or relating to this Policy or the processing of your Personal Data, shall be governed by and construed in accordance with the laws of Colorado, without regard to its conflict of law principles.
       
      For users in the EEA/UK: Nothing in this Policy limits your rights under the GDPR or UK GDPR, and you may bring proceedings in the data protection supervisory authority or courts of your country of residence.
       
      For all other users: Any dispute arising from this Policy shall be subject to the exclusive jurisdiction of the courts of Colorado.
       
       

      14. CONTACT US

       
      If you have any questions, concerns, or requests regarding this Privacy Policy, our data processing practices, or your rights as a data subject, please contact us at:
       
      Email: lumaredz-official@outlook.com
       
      Postal Address: 1942 Broadway St, STE 314C, Boulder, CO, US, 80302, Attn: ZHENCHEN LLC

      Service

      Fast delivery
      30 day refund guarantee
      Worry free guarantee
      Lifetime customer support
      Search | Privacy Policy | Terms of Use | Shipping Policy | Returns Policy |
      Copyright © Lumaredz

      Cart

      loading