Privacidad de datos y cumplimiento de exportación

In today's digital landscape, user privacy is paramount. As a LumoPages user, you are entrusted with sensitive information collected through your forms. While LumoPages is committed to protecting the data within our platform according to our Privacy Policy, it's equally crucial for you to understand your responsibilities when handling, especially exporting, user data.

This guide outlines key considerations for data privacy and compliance when you manage and export responses from your Lumos. It's vital to ensure your practices align with relevant data protection regulations and your own privacy commitments.

---

LumoPages' Commitment to Your Data

LumoPages takes data security and privacy seriously. We store your collected responses securely within our systems and adhere to our comprehensive Privacy Policy. This policy details how we collect, use, store, and protect the data you manage on our platform.

Your Responsibility: Data Privacy Beyond LumoPages

When you export data from LumoPages (whether as CSV, PDF, or via webhooks), you are taking possession of that data, and your handling of it falls under your own privacy obligations. It's critical to understand and comply with applicable data protection laws and regulations, such as:

• GDPR (General Data Protection Regulation): For data related to individuals in the European Union/EEA.
• CCPA (California Consumer Privacy Act): For data related to California residents.
• Other local/industry-specific regulations: Depending on your location, industry, and target audience.

Failure to comply can result in significant legal penalties and damage to your brand reputation.

---

Key Considerations for Data Export and Handling

Before, during, and after exporting user data, ask yourself these questions:

Consent & Transparency

• Did you obtain proper consent? Ensure your Lumo's privacy notice or consent checkboxes clearly inform users about what data you collect, why you collect it, and how it will be used (and by whom, if you share it).
• Is your privacy policy accessible? Link directly to your own comprehensive privacy policy from your Lumo, detailing your data handling practices.

Data Minimization

• Are you collecting only what's necessary? Only collect data that is directly relevant and necessary for your stated purpose.
• Are you exporting only what's necessary? When you export, download only the fields or responses genuinely required for your specific analysis or process.

Data Security

• Where are you storing the exported data? Never store sensitive exported data on unsecured devices or public cloud drives. Use encrypted drives, secure cloud storage, or password-protected systems.
• Who has access? Limit access to exported data only to authorized personnel who need it for legitimate business purposes.
• Is it transmitted securely? If sharing exported data, use secure transfer methods (e.g., encrypted emails, secure file sharing platforms).

Data Retention

• How long are you keeping the data? Don't retain data longer than necessary for the purpose it was collected or as required by law.
• Do you have a deletion policy? Ensure you have a clear process for securely deleting data when it's no longer needed.

Data Subject Rights

• Can users request their data? Be prepared to provide users with copies of their collected data upon request.
• Can users request deletion/correction? Understand your obligation to correct inaccurate data or delete data upon a valid request (the "right to be forgotten").

---

Consult Legal Counsel

This guide provides general information and is not legal advice. Data privacy laws are complex and vary by jurisdiction. If you are unsure about your specific obligations, especially when collecting sensitive data or operating across different regions, we strongly recommend consulting with legal professionals specializing in data privacy.