Privacy Policy

This website ("website") is operated by Luma Inc., which includes Luma stores, and Luma Private Sales. This privacy policy only covers information collected at this website, and does not cover any information collected offline by Luma. All Luma websites are covered by this privacy policy.

Luma Security

Personal information provided on the website and online credit card transactions are transmitted through a secure server. We are committed to handling your personal information with high standards of information security. We take appropriate physical, electronic, and administrative steps to maintain the security and accuracy of personally identifiable information we collect, including limiting the number of people who have physical access to our database servers, as well as employing electronic security systems and password protections that guard against unauthorized access.

Our website uses encryption technology, like Secure Sockets Layer (SSL), to protect your personal information during data transport. SSL encrypts ordering information such as your name, address, and credit card number. Our Customer Care center and stores also operate over a private, secure network. Please note that email is not encrypted and is not considered to be a secure means of transmitting credit card information.

Luma Privacy Policy

To help us achieve our goal of providing the highest quality products and services, we use information from our interactions with you and other customers, as well as from other parties. Because we respect your privacy, we have implemented procedures to ensure that your personal information is handled in a safe, secure, and responsible manner. We have posted this privacy policy in order to explain our information collection practices and the choices you have about the way information is collected and used.

As we continue to develop the Luma website and take advantage of advances in technology to improve the services we offer, this privacy policy likely will change. We therefore encourage you to refer to this policy on an ongoing basis so that you understand our current privacy policy.

The Information We Collect

Generally, you may browse the Luma website without providing any personally identifiable information. However, we may ask you to provide personally identifiable information at various times and places on this website. In some cases, if you choose not to provide us with the requested information, you may not be able to access all parts of this website or participate in all of its features, pricing, and product selection.

We may collect the following information:

  • name
  • contact information including email address
  • demographic information such as postcode, preferences and interests
  • other information relevant to customer surveys and/or offers

For the exhaustive list of cookies we collect see the List of cookies we collect section. From your purchases and other interactions with us, we obtain information concerning the specific products or services you purchase or use. When you visit this website, our web server automatically collects anonymous information such as log data and IP addresses, and may collect general information concerning your location. We may use the automatically collected information for a number of purposes, such as improving our site design, product assortments, customer service, and special promotions.

How We Use The Information We Collect

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customize the website according to your interests.


We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Others With Whom We Share Your Information.

The Luma Group: All of the above information that we collect, as described above, may be shared among all Luma entities, including Luma Venia and Luma Terra stores, website and Private Sales.

Service Providers: We also may disclose information to outside companies that help us bring you the products and services we offer. For example, we may work with an outside company to: (a) manage a database of customer information; (b) assist us in distributing emails; (c) assist us with direct marketing and data collection; (d) provide us storage and analysis; (d) provide fraud prevention; and (e) provide other services designed to assist us in maximizing our business potential. We require that these outside companies agree to keep confidential all information we share with them and to use the information only to perform their obligations in our agreements with them.

Other Companies: We may provide information to carefully selected outside companies when we believe their products or services may be of interest to you.

Business Transitions: We may transfer or share a copy of personal information about you in the event that Luma or one of its properties, affiliates, or subsidiaries goes through a business transition, such as a merger, being acquired by another company, or selling a portion of its assets. You will be notified via email or prominent notice on our website prior to a change of ownership or control of your personal information, if your personal information will be used contrary to this policy. However, nothing in this Privacy Policy is intended to interfere with the ability of Luma to transfer all or part of its business and/or assets to an affiliate or independent third party at any time, for any purpose, without any limitation whatsoever.

Luma specifically reserves the right to transfer or share a copy of personally identifiable information collected from its websites to the buyer of that portion of its business relating to that information.

Compliance with Law: We may provide access to information when legally required to do so, to cooperate with police investigations or other legal proceedings, to protect against misuse or unauthorized use of our website, to limit our legal liability, and to protect our rights or to protect the rights, property, or safety of visitors of this website or the public.

Luma partners with advertising companies to place our advertising on publisher websites on the Internet. These advertising companies collect anonymous information about your visits to our web site. This technology involves the use of third party cookies that allow them to develop personalized advertising so that it directly relates to offers that may be of interest to you. You may choose to opt-out of this service we have with our third-party advertising partner. We may also use Luma cookies to provide similar enhanced online marketing to you based on your interests and preferences. You may also choose to opt out of these enhanced online marketing ads.

Your Choices Regarding Use Of The Information We Collect

You have several choices regarding our handling of your nonpublic personally identifiable information.

Direct Mail or Telephone Marketing: If you shop at the Luma or Private Sales stores and wish to be removed from the list of customers that receive direct mail or telemarketing calls, please either write to Luma Customer Care at 112 West 34th Street, 18th Flr. New York, NY 10120 or call +1 800-403-8838. If you choose to write to us, please include your name, address, and credit card account number (if you have one), and state one of the following:

  • "NO MAIL OFFERS" (if you don't want to receive offers by mail);
  • "NO PHONE OFFERS" (if you don't want to receive offers by phone);
  • "NO PHONE OR MAIL OFFERS" (if you don't want to receive either).

Because customer lists often are prepared well in advance of an offering (sometimes a few months before the offer is made), you may continue to receive some offers after you send us a request not to use your information for specified marketing purposes. We appreciate your patience and understanding in giving us time to carry out your request.

Your California Privacy Rights

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice describing what categories of personal customer information we share with third parties or corporate affiliates for those third parties or corporate affiliates' direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with which it was shared, along with their names and addresses. If you are a California resident and would like a copy of this notice, please submit a written request to the following address: Luma Customer Care, 112 West 34th Street, 18th Floor, New York, NY 10120. Please allow 30 days for a response.

Cookies, Web Beacons, and How We Use Them

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

A "web beacon" or "pixel tag" or "clear gif" is typically a one-pixel image, used to pass information from your computer or mobile device to a website.

We use cookies and web beacons to keep track of what you have in your shopping cart and to remember you when you return to the website as well as to identify the pages you click on during your visit to our site and the name of the website you visited immediately before clicking to the Luma website. We use this information to improve our site design, product assortments, customer service, and special promotions. You can, of course, disable cookies and web beacons on your computer by indicating this in the preferences or options menus in your browser. However, it is possible that some parts of our website will not operate correctly if you disable cookies. We may also use web beacons, and other technologies, to help track whether our communications are reaching you, to measure their effectiveness, or to collect certain non-personal information about your computer, device, or browser in order to allow us to better design future communications to you.

We may contract with third parties who may use cookies and web beacons and collect information on our behalf or provide services such as credit card processing, shipping, promotional services, or data management. We call them our Customer Care Partners. These third parties are prohibited by our contract with them from sharing that information with anyone other than us or our other Customer Care Partners.

List of cookies we collect

The table below lists the cookies we collect and the information they store.

COOKIE name COOKIE Description
CART The association with your shopping cart.
CATEGORY_INFO Allows pages to be displayed more quickly.
COMPARE The items that you have in the Compare Products list.
CUSTOMER An encrypted version of your customer id.
CUSTOMER_AUTH An indicator if you are signed into the store.
CUSTOMER_INFO An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS Stores your Customer Segment ID
EXTERNAL_NO_CACHE A flag that, indicates whether caching is on or off.
FRONTEND Your session ID on the server.
GUEST-VIEW Allows guests to edit their orders.
LAST_CATEGORY The last category you visited.
LAST_PRODUCT The last product you looked at.
NEWMESSAGE Indicates whether a new message has been received.
NO_CACHE Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART A link to information about your cart and viewing history if you have asked the site.
RECENTLYCOMPARED The items you recently compared.
STF Information on products you emailed to friends.
STORE The store view or language you have selected.
USER_ALLOWED_SAVE_COOKIE Indicates whether a customer authorized cookies.
VIEWED_PRODUCT_IDS The products that you recently looked at.
WISHLIST An encrypted list of products added to your wish list.
WISHLIST_CNT The number of items in your wish list.

Online Account Registration

To make online shopping faster and easier, you may register on the Luma website. As a registered customer, you only have to enter your shipping addresses and billing information once; they will be securely stored with us for your future use. Using your name and a password of your choice, you may access your account online at any time to add, delete, or change information. If you are using a public computer, we strongly encourage you to Sign Out when you finish shopping. Your information will still be stored with us but it will not be accessible to anyone else from that computer.


You will receive promotional emails from us only if you have asked to receive them. If you do not want to receive email from Luma or its affiliates you can click on the "Unsubscribe" link at the bottom of any email communication sent by us. Please allow us 3 business days from when the request was received to complete the removal, as some of our promotions may already have been in process before you submitted your request.


By using this website, you accept the policies set forth in this Privacy Policy.

Questions for Luma?

Contact Us

This policy sets out how ID Warehouse Pty Ltd ACN 064 168 574 (“Company”, “we” “us”) collects, uses and discloses your personal information, credit information and credit eligibility information (“credit related information”), including information about your applications for credit and credit accounts with Company and your credit reporting information that we derive from credit reporting bodies (CRBs) and other credit providers.

Company appreciates the importance of protecting the personal information and credit related information that you have provided us in the course of business. This Privacy Policy is based on Part IIIA of the Privacy Act 1988 (“the Act”), complies with the Australian Privacy Principles set out in the Privacy Amendment (Enhancing Privacy Protection) Act 2012, and explains how your personal information and credit related information will be managed when dealing with Company.

When you engage Company to provide you with any goods or services, apply or complete an application for commercial credit, or communicate with Company through email, by telephone, in writing, or use any of Company’s other services, including the Company websites, you agree to the use and disclosure of your personal information and credit related information in the manner described in this policy.

  • The kinds of credit related information that Company collects and holds

    Company collects and holds various types of personal information and credit related information, including;

    • your identity particulars such as; your name, sex, address (and previous addresses), date of birth, occupation, name of employer, and drivers licence number;
    • financial information, including your assets, liabilities, income and expenses;
    • your bank account details and credit card information;
    • email, user ID's and passwords;
    • any goods, services or credit provided to you;
    • records of your communications with Company;
    • court proceedings information, personal insolvency information and credit-related publicly available information;
    • personal website usage information.
    • that you have applied for commercial or consumer credit and the amount;
    • that we and other credit provider are or have been a credit provider to you;
    • payments which become overdue more than 60 days and for which debt collection action has commenced;
    • advice on payments being no longer overdue;
    • advice that cheques drawn by you have been dishonoured more than once;
    • in specified circumstances that in our opinion you have committed a serious credit infringement (that is, acted fraudulently or shown an intention not to comply with your credit obligations);
    • that credit provided to you by us has been paid or otherwise discharged;
    • court proceedings information, personal insolvency information and credit-related publicly available information;
    • scores, ratings, summaries, evaluations and other information relating to your credit worthiness, which is derived by us or by CRBs. 

    Company does not and will not use a Commonwealth Government identifier (such as tax file numbers, driver’s licence numbers) as a method of identifying an individual or business.  Subject to the Privacy Act, Company will it provide such an identifier to a third party without the individuals consent, unless:

    • disclosure is necessary for Company to fulfil its obligations to the relevant agency;
    • it is required for health or other emergency reasons;
    • it is required to investigate suspected fraud or unlawful activity;
    • it is required or authorised by law;
    • it is required for law enforcement.
  • The purpose for collecting, holding, using and disclosing your personal and credit related information

    The primary purpose of collecting, holding and using your credit related information is for Company’s business operation and as permitted by law which include the use, holding and disclosure of your credit related information for activities, such as:

    • administering, monitoring, evaluating and managing the credit arrangement you have with us;
    • collection of payments under your credit arrangement, internal accounting and administration;
    • to assist you to avoid defaulting on your credit-related obligations;
    • to undertake debt recovery and enforcement activities, and to deal with any credit infringements;
    • providing you with information about other products and services offered by us or a related company ;
    • complying with regulatory requirements;
    • managing our relationship with you;
    • protecting you and us from error or fraud;
    • to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend our legal rights;
    • to participate in the credit reporting system and providing information to CRBs as permitted by Part IIIA of the Privacy Act and the Credit Reporting Code of Conduct.

    Company will generally collect and use your personal information for the primary purpose of:

    • Company’s general business operations;
    • providing you with Company’s goods and services and entering into transactions with you;
    • communicating with you;
    • responding to your inquires about our goods and services;
    • meeting Company’s legal and regulatory requirements;
    • conducting, improving and developing a business relationship with you;
    • marketing (such as providing individuals with information about our products and promotional notices and offers); and
    • improving Company’s website.

    Your credit related information and personal information is collected by lawful and fair means in a several ways, including:

    • where practicable, directly from you or from a person acting or authorised to act on your behalf;
    • if necessary for Company’s operations;
    • from CRBs and other credit providers;  and
    • publicly available information.

    Company takes reasonable steps to ensure that you are aware of:

    • the likely use of the information including your credit related information;
    • the right of access to the information including your credit related information;
    • the identity and contact details of the organisation collecting your information including your credit reporting information is being collected from or disclosed to;
    • any law requiring collection of the information including your credit related information; and
    • the main consequences of failure to provide any information including your credit related information.
  • How we may disclose your credit related information

    Company may disclose your personal information and your credit related information:

    • for the primary purpose for which it was collected such as those described above i.e. for our business operations, which includes, assessing a credit application form application by you for commercial credit;
    • where you would reasonably expect this;
    • where you have consented;
    • to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend its legal rights;
    • to other credit providers;
    • to CRBs where the Privacy Act permits us to do so. We share credit information with the following CRBs:

    Dun & Bradstreet
    PO Box 7083 Sydney NSW 2001
    (tel): 02 8270 2940

    • to organisations that perform credit assessment, management and debt collection activities on our behalf;
    • to all of our affiliated companies and distributors;
    • for direct marketing by Company but giving you the opportunity to opt out of such direct marketing. Company includes its contact details in any direct marketing.

    Company does not disclose your credit relation information for any secondary purposes unless your consent has been given or as required by law.

    When we share personal information with third parties, we take reasonable steps to ensure that these third parties will protect the personal information and use it only for the purposes for which it was disclosed. We also reserve the right to disclose or transfer any personal information collected on the Company websites:

    • to protect the security of the Company websites;
    • to protect ourselves and our affiliated companies against liability;
    • to respond to subpoenas or other judicial processes;
    • if we believe in good faith that the law requires it; or
    • in connection with any sale, assignment, or other transfer of all or a part of our business or company or any business or our affiliated companies.
  • Accurate and up-to-date information

    Company takes reasonable steps to ensure that your information is accurate, complete, up-to-date and not misleading by updating its records whenever true and correct changes to the information come to its attention.

    If you believe your information is incorrect, incomplete or not current, you can request that we update this information by contacting our Privacy Officer. To contact our Privacy Officer please see contact details below.

    Company will correct information it has about you if it discovers, or you are able to show to a reasonable standard, the information is incorrect. If you seek correction and Company disagrees that the information is incorrect, Company will provide you with its reasons for taking that view. Company disregards information that seems likely to be inaccurate or out of date by reason of the time that has elapsed since it was collected or by reason of any other information in its possession.

  • Using our Websites/s

    As with most websites, when you visit Company website or use an application on Company website, Company may record anonymous information such as IP address, time, date, referring URL, pages accessed and documents downloaded type of browser and operating system.

    Company uses:

    • IP Addresses. An Internet protocol (IP) address is a unique identifier automatically assigned to a user's computer when logging onto the Internet. IP addresses are used to identify server problems, administer a website, and compile aggregated statistics for marketing and research purposes. Company websites capture IP addresses.
    • Navigational Data. Navigational data includes log files and clickstream data. Navigational data can identify a user's Web browser and operating system, when and for how long a user visits a website, what pages a user views on a website, and the address of the website that the user was visiting previously. This information is typically used to administer a website, improve website content, and compile aggregated statistics for marketing and research purposes. Company websites collect navigational data.
    • Cookies. "Cookies" are small text files sent from a website to the hard drive of a user's computer to store bits of information related to that user. Cookies can store a variety of information, including IP addresses, navigational data, server information, and data transfer times. There are two kinds of cookies: session cookies, which are deleted once a user closes his or her Web browser window or otherwise turns off his computer, and persistent cookies, which remain on a user's computer hard drive until deleted.
      • Session cookies are typically used to aid in website navigation and to collect statistical information.
      • Persistent cookies can also aid in website navigation and collecting statistical information, but are typically used to customize a website for a user, such as by storing passwords and preferences so that users do not have to reenter them each time they visit a website.

    Company websites use session cookies and persistent cookies.  You may adjust your internet browser to disable cookies. If cookies are disabled you may still use the Company websites, but the website may be limited in the use of some of the features.

    • Internet Tags: "Internet Tags" (also known as single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs) are similar to cookies, but they are smaller and are typically used to collect information such as the IP address and browser type related to the user's computer. Company websites use "Internet Tags."

    The Company websites may contain links to or from other websites. Company is not responsible for the privacy practices of other websites. This privacy policy applies only to the information we collect on the Company’s website. We encourage you to read the privacy policies of other websites you link to from Company’s website.

  • Stop Communications

    If you are receiving marketing communications (brochures, e-mails, etc.) from us or anyone else with whom we may share personal information as described in this policy and you no longer wish to receive such communications, please send an email to
  • Holding and the security of your personal and credit related information

    Transmissions over the Internet are never 100% secure or error-free. As a result, we do not, and cannot, guarantee the security, accuracy, or completeness of the personal information we gather from you. You should be aware that e-mail submitted through the Company websites (including forms submitted via e-mail) may not be secure or encrypted, so you should take particular care in deciding what information you send via e-mail. However, once we receive any personal information you provide to us, we may hold your information in physical form or in electronic form on our systems or the systems of our service providers. Company protects your information including your credit related information from misuse or loss by restricting access to the information in electronic format and by appropriate physical and communications security. Any information destroyed is disposed of in a manner that protects the privacy of information in an appropriate manner.
  • Access to your personal information

    Company acknowledges that you have a general right of access to information we hold concerning you, and to have inaccurate information corrected. You are able to access the information including your credit related information we hold about you by contacting our Privacy Officer.  If access is refused to your information, we will give you a notice explaining our decision to the extent practicable and your options.

    Company reserves the right to deny access to personal information, to the extent permitted by law, if providing access: 

    • could pose a possible threat to life or health;
    • could cause an unreasonable impact on the privacy of others;
    • would be in response to a frivolous or vexatious request;
    • relates to existing or anticipated legal proceedings which could be prejudiced as a result;
    • relates to existing or anticipated commercial negotiations involving Company and Company’s legitimate commercial interests could be prejudiced as a result;
    • is in any way unlawful;
    • could in any way prejudice law enforcement or security;
    • could prejudice the prevention, detection or investigation of seriously improper conduct, either within or external to Company’s operations.
  • Anonymity when dealing with Company

    Company allows individuals the option not to identify themselves when dealing with it, only where it is practicable.
  • Dealing with unsolicited information

    Company takes all reasonable steps to ensure that all unsolicited information is destroyed immediately.
  • Cross border disclosure

    Any personal information and credit related information provided to Company may be transferred to, stored by or disclosed to an overseas recipient. For example, Company may use a server hosted overseas to store data, which may include your personal information.

    Your personal information and credit related information may also be processed by employees or by other third parties operating outside of Australia in countries including United States of America, India, Philippines, and Singapore who work for Company, or by the representative and employees of Company’s parent company.

    Company will take reasonable steps, in the circumstances, before your personal information and credit related information is disclosed to an overseas receipt, to ensure that the overseas recipient does not breach privacy laws in relation to your personal information and credit related information ("the Required Steps").

    The Required Steps do not apply if you consent to the disclosure of your personal information and credit related information to an overseas recipient. By supplying your personal information and credit related information to Company, you consent to the disclosure of your personal information to an overseas recipient and agree that the Required Steps do not apply.

    If you consent to the disclosure of your personal information and credit related information to an overseas recipient, the overseas receipt will not be accountable under the Act, and you will not be able to seek redress for breaches under the Privacy Act.

  • Collecting sensitive information?

    Company does not collect sensitive information unless it is specifically relevant and necessary for the purpose of Company’s business operation and your consent is first obtained. All sensitive information is collected and used in accordance with this privacy policy. Company does not use government identifiers (e.g. tax file numbers) to identify individuals.

  • Complaints and disputes

    We acknowledge that you have a general right to ensure your personal information and credit related information is accurate and up-to-date as well as the general right of access to information concerning you, and to have inaccurate information corrected. If you have reason to believe that we have not complied with our obligations relating to your information or your credit-related information under Part IIIA of the Privacy Act and the Credit Reporting Code, please refer any compliant to queries to our Privacy Officer (details below).

    We will ensure your complaint is handled by our Privacy Officer in an appropriate and reasonable manner. Where necessary we may consult with a credit reporting body or another credit provider in order to deal with your complaint. A written notice of our decision regarding your complaint will be provided to you.

    If you are not satisfied with our response or the way your compliant was handled you may refer your complaint the relevant external dispute resolution (EDR) scheme. Company will become a member of an EDR scheme prior to 12 March 2015 and will provide you with these details once it is a member of an EDR scheme.

  • Who should you contact for further information?

    Privacy Officer

    ID Warehouse Pty Ltd 
    2 Bellevue Circuit
    Greystanes  NSW  2145

    Phone: 02-8717 6300
    Fax: 02-8717 6426
  • How often does this policy changes?

    This policy may change from time to time. A current version of this policy will be published on Company’s website or may be obtained free of charge upon request.

    This Privacy Policy was last revised on March 05th 2020.