Privacy Policy

Last updated: December 22, 2025

At LuxeDetect, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. Please read this policy carefully. If you have any questions, contact us at info@luxedetect.com.

1. Introduction

Welcome to LuxeDetect ("LuxeDetect," "we," "us," or "our"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy ("Policy") explains how we collect, use, store, share, and protect information about you when you interact with our websites, mobile applications, or related services (together, the "Services"). Our aim is to be transparent about what data we handle and why, and to help you understand your rights and choices. Please take a moment to read this Privacy Policy carefully so you know how we process your personal data and how you can contact us if you have any questions. Where we rely on your consent — for example, for marketing communications or optional analytics — we will always ask for it clearly and give you an easy way to withdraw it at any time. If you have any questions about this Policy or how we handle your data, you can reach us at: info@luxedetect.com

2. Who We Are

LuxeDetect provides independent authentication of branded goods and related services. Company Name: LuxeDetect Address: New York, NY Email: info@luxedetect.com When you use our websites, apps, or related services, LuxeDetect acts as the data controller — meaning we determine how and why your personal data is processed. In some cases, we work with trusted third-party service providers (for example, for hosting, analytics, or payments). These providers act as data processors under our instructions and are bound by data protection agreements to keep your information secure. LuxeDetect operates completely independently and is not affiliated with, sponsored by, or endorsed by any of the brands we authenticate or reference in our materials.

3. Scope of This Policy

This Privacy Policy explains how we handle personal data when you interact with LuxeDetect through any of our websites, mobile applications, or related digital services (together, the "Services"). For example, this Privacy Policy applies when you: a) visit or browse our websites, including luxedetect.com or any connected pages; b) purchase authentication services or use our API-based services as a business client; c) communicate with us by email, chat, or through customer support; d) interact with our marketing, social media, or advertising content. This Policy covers personal data that we collect directly from you or through third-party integrations we use to deliver our Services. It does not apply to anonymized or aggregated data that can no longer identify you. If you access third-party websites, apps, or platforms through our Services (for example, by clicking external links or viewing embedded content), those services are governed by their own privacy policies, and we are not responsible for how they handle your data.

4. Definitions

In this Privacy Policy, the following terms have the meanings set out below: Personal data – any information that identifies, relates to, or can reasonably be used to identify a person, either directly or indirectly. Examples include your name, email address, billing details. Processing – any operation performed on personal data, whether automated or not. This includes collecting, recording, organizing, storing, altering, using, disclosing, transmitting, or deleting personal data. Data subject – the natural person to whom the personal data relates (for example, a customer, website visitor, or course participant). Controller – the person or organization that determines the purposes and means of processing personal data. For all data collected through LuxeDetect's Services, the controller is LuxeDetect. Processor – a third party that processes personal data on behalf of the controller, following its documented instructions and under a binding data processing agreement. Services – all websites, mobile applications, online platforms, APIs, and related tools operated or managed by LuxeDetect, including authentication services and API integrations. Cookies and similar technologies – small files or tracking technologies stored on your device (e.g., browser cookies, pixels, or tags) that help us operate the website, remember preferences, measure usage, or personalize content and advertising. Supervisory authority – an independent public authority responsible for monitoring the application of data protection law (for example, the relevant data protection authority in your location). Applicable law – all laws and regulations governing data protection and privacy that apply to LuxeDetect's operations, including, where applicable, the EU General Data Protection Regulation (GDPR) and national implementations thereof.

5. What Data We Collect

We collect different types of personal data depending on how you use our Services. This includes information you share with us directly, data we collect automatically when you use our websites or apps, and data we receive from trusted third parties that help us run our business. 5.1 Information you provide to us We collect the information you share with us when you create an account, place an order, or contact us for support. This may include: • Account details – your name, email address, and password (stored securely in encrypted form). • Billing and contact information – your billing address and other details needed to complete your order. • Authentication data – photos and descriptions of items you submit for authentication. All photos are processed securely. Authentication photos may occasionally contain incidental personal data (e.g., a hand, background). These are processed only for the purpose of delivering the service. • Payment information – limited payment details such as the payment method, card brand, last four digits, and billing address. We never store full card numbers or CVC codes — payments are handled securely by Stripe. • Communications – emails, chat messages, or support tickets you send us. • Marketing preferences – your choices about receiving newsletters, offers, or updates. 5.2 Information we collect automatically When you visit our websites or use our apps, we automatically collect certain data to help us keep the platform secure, improve performance, and understand how people use our Services. This may include: • Technical data – your IP address, browser type, device model, operating system, time zone, and the pages you visit. • Usage data – interactions with our website or app, such as logins, actions performed, or time spent on a page. • Cookies and similar technologies – small files that help the site work properly, remember your preferences, and analyze performance. You can learn more in Section 9. 5.3 Information we receive from others We also receive some data from third-party partners and services that help us operate smoothly. For example: • Payment processors (like Stripe) send us confirmation of successful or failed payments. • Analytics and advertising partners (like Google, Meta) help us measure performance and improve our website. • Business clients and API users may share limited information when using our authentication service through integrations. • Cloud and AI service providers process de-identified images to help with authentication workflows. We do not collect any sensitive personal data such as health information, political opinions, or biometric data.

6. Why We Use Your Data

We only use your personal data when we have a valid legal reason to do so — for example, to provide our services, meet legal requirements, or improve your experience.

Below are the main reasons we collect and process your data, together with the legal bases that allow us to do so:

PurposeDescriptionLegal Basis
To provide our servicesTo create and manage your account, process authentication orders, issue certificates, and deliver our services.Performance of a contract
To process paymentsTo handle billing, complete transactions, and issue invoices through our secure payment partners (e.g., Stripe).Performance of a contract / Legal obligation
To communicate with youTo respond to your inquiries, provide customer support, and send order updates or service notifications.Legitimate interests
To improve our servicesTo analyze how users interact with our website or app, fix errors, and make our platform faster and more reliable.Legitimate interests
To ensure security and prevent misuseTo protect our platform, detect fraudulent activity, and ensure compliance with our Terms of Service.Legitimate interests / Legal obligation
To send marketing and updates (if you opt in)To send you newsletters, offers, or product updates that you've chosen to receive. You can unsubscribe anytime.Consent
To manage cookies and analyticsTo remember preferences, understand site performance, and improve marketing relevance.Consent
To comply with laws and regulationsTo meet accounting, tax, and legal obligations that apply to our business.Legal obligation
To support AI-assisted workflowsTo use AI tools for image quality checks or metadata enrichment. Images are de-identified, and no automated decisions are made that affect you.Legitimate interests

We do not use your personal data for any automated decision-making that produces legal or similarly significant effects on you.

7. Third-Party Services and Processors

To deliver our Services, we rely on carefully selected third-party providers that help us operate securely and efficiently — for example, to host our infrastructure, process payments, or manage analytics. Each provider processes personal data only to the extent necessary to perform its functions and is contractually bound by data protection terms that comply with applicable data protection laws and reflect recognized industry standards. We engage such providers for purposes including cloud hosting and data storage; payment processing and e-commerce; customer support and communication tools; analytics, marketing, and consent management; automation, reporting, and AI-based image analysis to support authentication workflows. These providers maintain their own robust security and compliance programs, and we periodically review their practices to ensure they remain appropriate and effective. We do not sell, rent, or trade personal data with any third parties. If you would like to know more about the specific service providers we work with, you can contact us at info@luxedetect.com

8. Data Transfers

Some of our trusted service providers are located, or store data, outside your country of residence. When this happens, we take all necessary steps to make sure your personal data remains protected and is processed in line with applicable data protection standards. For transfers subject to GDPR, we rely on one or more of the following safeguards: a) Adequacy decisions confirming that the destination country offers an equivalent level of data protection; b) Standard Contractual Clauses (SCCs) approved by the European Commission, which legally require our partners to protect your data to EU standards; c) Additional contractual, organizational, and technical measures, such as encryption and access control, to safeguard data during transfer and storage. Our key infrastructure and processing partners, such as cloud hosting and AI service providers, may process data in the United States or other locations. These transfers are always subject to appropriate safeguards designed to ensure the security and lawfulness of processing in accordance with applicable data protection laws.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to make it work properly, understand how it is used, and improve your overall experience. What cookies are Cookies are small text files placed on your device (computer, tablet, or phone) when you visit a website. They help remember your actions and preferences — such as login details or language — for a period of time. Some cookies are essential for the website to function, while others are used for analytics or marketing. How we use cookies • Essential cookies – required for the basic operation of the website, such as enabling secure login or saving cookie preferences. • Analytics cookies – help us understand how visitors use our website and improve performance (for example, via Google Analytics). • Marketing cookies – used to deliver relevant ads and measure the effectiveness of our marketing across platforms such as Google and Meta. Managing your preferences When you first visit our website, you will see a cookie banner that allows you to choose whether to accept or reject non-essential cookies. You can change or withdraw your consent at any time using the banner or through your browser settings. Please note that disabling certain cookies may affect website functionality or limit your experience.

10. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy or to comply with legal, accounting, or regulatory requirements. When data is no longer needed, we securely delete or anonymize it.

Type of DataTypical Retention PeriodPurpose / Notes
Account and order informationUp to 24 months after your last activity (or longer if required by law)To manage your account, process transactions, and meet tax or accounting obligations.
Uploaded images and authentication-related content6–12 months after authentication completionTo allow for post-verification review or customer inquiries. Deleted sooner upon request.
Customer support communicationsUp to 24 months after issue resolutionTo maintain service records and improve support quality.
Marketing preferences and consentsUntil you unsubscribe or withdraw consentTo manage subscriptions and comply with marketing regulations.
Analytics and technical logsGenerally up to 13 monthsTo monitor website performance and security.

If we must keep certain information longer (for example, to comply with tax or legal retention rules), it will be stored only for the minimum time required and securely deleted afterward. Copies of data may remain temporarily in encrypted system backups for continuity and recovery purposes, accessible only to authorized personnel under strict security controls.

11. Your Rights

Under applicable data protection laws (including the GDPR where applicable), you have several important rights in relation to your personal data. You can exercise these rights at any time by contacting us at info@luxedetect.com.

Your RightWhat It Means
AccessYou can request a copy of the personal data we hold about you.
CorrectionYou can ask us to correct or update inaccurate or incomplete information.
Erasure ("Right to be Forgotten")You can request the deletion of your personal data where there is no valid reason for us to keep it.
Restriction of ProcessingYou can ask us to temporarily stop using your data while we verify or resolve a concern.
Data PortabilityYou can request your data in a structured, commonly used, and machine-readable format so it can be transferred to another provider.
ObjectionYou can object to the processing of your personal data where it's based on legitimate interests or for direct marketing purposes.
Withdraw ConsentIf we process your data based on consent (for example, for marketing or cookies), you can withdraw it at any time.
Lodge a ComplaintYou can contact your local data protection authority if you believe your rights have been violated.

How to Exercise Your Rights

To make a privacy request, please email us at info@luxedetect.com with a short description of your request and the email address linked to your account or order. We may ask you to verify your identity before processing the request.

We will confirm receipt and respond as soon as possible — and always within one month. If your request is complex or involves large volumes of data, we may need more time, but we will always inform you of the delay and explain the reason.

12. Marketing Communications

We may occasionally send you marketing or promotional messages about LuxeDetect services — for example, updates on authentication features or special offers that we believe may be relevant to you. We rely on our legitimate interest in keeping existing customers informed about our own similar products and services. This applies only if you have purchased from us before or provided your contact details in connection with a LuxeDetect service.

You are always in control of your preferences. You can unsubscribe at any time by clicking the "Unsubscribe" link included in every marketing email, or by contacting us directly at info@luxedetect.com.

We do not sell, rent, or share your contact details with third parties for their own marketing purposes.

13. Data Security

We take the security of your personal data very seriously and use a combination of technical and organizational measures to protect it against unauthorized access, loss, misuse, or disclosure. These measures typically include:

  • • Encryption of data in transit and at rest;
  • • Access controls and authentication procedures that limit access to authorized personnel only;
  • • Regular monitoring and security reviews of our systems and infrastructure;
  • • Hosting on trusted cloud providers with strong data-protection standards; and
  • • Internal guidelines and confidentiality agreements for all team members and contractors who handle personal data.

While we do everything reasonably possible to keep your information secure, no online service can guarantee absolute security. If we ever become aware of a personal data breach that poses a risk to your rights or freedoms, we will notify the relevant supervisory authority and affected individuals as required by law.

14. Children's Privacy

Our Services are not intended for children under 16 years of age, and we do not knowingly collect or process personal data from anyone under this age.

If you are under 16, please do not provide any personal data through our websites, mobile apps, or other communication channels.

If we become aware that we have collected personal data from a child without verified parental consent, we will delete that information as soon as possible. Parents or guardians who believe their child may have provided us with personal data can contact us at info@luxedetect.com to request deletion.

15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.

When we make significant updates, we will let you know by posting a clear notice on our website or by sending you an email before the changes take effect. The "Last Updated" date at the top of this page always shows when this Policy was last revised.

We encourage you to review this Policy periodically to stay informed about how we protect your personal data.

16. Contact Us

If you have any questions about this Privacy Policy, how we handle your personal data, or wish to exercise your privacy rights, please contact us:

LuxeDetect

New York, NY

Email: info@luxedetect.com