LUMBEN
Legal
At Lumben, we take data protection seriously. We are committed to handling personal data responsibly, securely, and in line with applicable data protection laws and good practice standards.
This page explains our general approach to protecting the personal and health-related information shared through our platform.
Lumben is designed to support patients and clinics through a more structured and transparent dental journey. Because this may involve personal information and sensitive health-related data, we apply a high standard of care to how such data is collected, processed, stored, and accessed.
We aim to ensure that personal data is collected fairly and lawfully, used only for clear and legitimate purposes, limited to what is necessary, kept accurate and up to date where possible, protected against unauthorised access, misuse, loss, or disclosure, and retained only for as long as necessary.
Depending on how Lumben is used, this may include identity and contact details, account and profile information, dental images including X-rays and oral photographs, treatment-related information and case details, communication records, and technical and usage data. Some of this information may be considered special category data or health data under applicable law.
We take appropriate technical and organisational measures to protect the information processed through Lumben. These measures may include restricted access controls, role-based access permissions, secure hosting and storage practices, encrypted data transfer where appropriate, internal confidentiality controls, and monitoring and risk-based security practices.
Access to sensitive data is limited to authorised persons who need it for legitimate operational, technical, or support purposes.
We aim to collect only the data that is relevant and necessary for the services we provide. We do not process personal data for unrelated purposes without an appropriate legal basis.
Where health-related data is involved, we seek to ensure that it is used only in ways that are necessary for platform functionality, case handling, clinic coordination, compliance, safety, or service improvement.
Where necessary, data may be shared with carefully selected third-party service providers, partner clinics, or professional advisers who support the delivery, security, or compliance of our services. We take reasonable steps to ensure that such third parties handle data appropriately and only for permitted purposes.
Where personal data is transferred or stored outside the user's country of residence, Lumben aims to ensure that appropriate safeguards are in place to protect that data in line with applicable legal requirements.
We keep personal data only for as long as reasonably necessary for service delivery, continuity, compliance, record-keeping, dispute resolution, or legitimate business needs. When data is no longer required, we aim to securely delete, anonymise, or otherwise dispose of it appropriately.
Depending on the laws that apply, users may have rights in relation to their personal data, including the right to access their data, request correction, request deletion, restrict or object to certain processing, withdraw consent where consent applies, and raise a complaint with a relevant authority. Requests relating to personal data may be submitted using the contact details below.
Data protection is an ongoing responsibility. Lumben may review and update its practices, safeguards, and internal processes over time to reflect changes in the platform, legal obligations, and operational needs.
If you have any questions about data protection at Lumben, please contact us at: Lumben — Email: info@lumben.com
