Privacy Policy 

Last updated: January 7, 2018

This Privacy Policy (“Policy”) relates to the operations of the websites,, and any affiliated mobile applications (“Site”) and describes the types of information Luma Therapeutics, Inc. (“Luma,” “us,” “we,” or “our”) may collect from you or your authorized representative (“you”). The Policy also describes our practices for collecting, using, maintaining, protecting, and disclosing information about you, and expresses our commitment to protecting your privacy in accordance with law.

Agreement to Terms and Changes

Please read this policy carefully. If any term is unacceptable to you, please do not use the Site or provide any personal information. If you do access or use the Site, it will mean you expressly agree to the terms of this Privacy Policy.

This Privacy Policy may change from time to time, and your use of the Site after we make changes is deemed to be your acceptance of those changes, so please check the Site periodically for updates.

General Description of the Site and Information Luma May Collect and Store

The Site provides the technology that permits you to connect with a dermatologist, to receive medical advice and, if appropriate, treatment, including a prescription to illuvinate (“Products”). Luma does not practice medicine. Luma does administer health information, including collecting and securely maintaining health information from users who become patients and processing payment for services provided through the Site.

When you use the Site and communicate with us, we collect health information that individually identifies you, called Protected Health Information (“PHI”) and other private information.  Applicable state and federal laws (“Laws”), this Policy, and your Physician’s Notice of Privacy Practices (“NPP”) govern how Luma may use and disclose this information about you.

The provisions in this Policy also apply to PHI but it focuses on the information collected by and through the Site and on information we collect that is not healthcare information, such as:

  • Technical information about how and when you use the Site;
  • Technical information about your mobile device or computer, including the operating system you use;
  • Your general location when you use the Site;
  • Your internet protocol address and MAC address.

How We May Use and Disclose Information We Collect

Luma collects, stores, uses, and provides access to your information to your Physician so that your Physician can provide you with services, as described in the NPP.

We use cookies so the Site can remember who you are and your preferences and to assure your Physician that you are who you say you are. We may also use your location information to confirm you are located in a state where we operate. For these reasons, we may not respond to “do not track” signals in your browser.

We use other information to help us improve the overall quality of the Site and the services we provide.

We may share your information with third parties who are legally bound by the restrictions of this Policy and the law. As examples, we share your PHI and other information with organizations that help us run and maintain the technology and security infrastructure that supports the Site and the care that affiliated doctors provide through the Site, with secure storage facilities or hosts, and with our online payment processor and bank. We may also share your PHI with the pharmacy if an affiliated doctor prescribes medication to you through the Site and with intermediaries who enable us to send prescriptions electronically.

We also may use your information to tell you about health-related products and services we offer, and we may share it with a third party if we merge, are acquired, or undergo an asset sale.

How We Protect Your Security

We do not transfer information about you to users that do not have a legal right to access it, and we use industry standard technologies, physical security, and administrative processes to help safeguard against unauthorized users gaining access. While we cannot guarantee that unauthorized access to, or loss, misuse, or alteration of data will not occur, we use various safeguards to avoid such occurrences.

Mobile Applications

A mobile device application (an “App”) is included in the Products. When available, If you choose to use it, we will collect information about you through the App. This may include (1) location data, (2) device identification, and (3) other information about usage. We may use this information to track your location and ensure you are in a state where we operate, to improve the App., and to otherwise communicate with you. Additionally, we send push notifications through the App. from time to time to update you about certain services. If you do not wish to receive such communications, you will be able to turn them off at the device level.

How to Contact Us

Questions or comments regarding this Policy should be submitted to