Privacy Policy

1. Introduction

Please read this Privacy Policy carefully. It contains important information about your rights and our obligations. This Policy applies to all visitors, registered users, and content creators using hlumi.com, including users in the European Economic Area (EEA), United Kingdom, Switzerland, the United States (including California), and anywhere else in the world.

By accessing or using hlumi.com, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of the platform immediately.

hlumi.com is operated by:
Search Media LLC
1209 Mountain Rd Pl NE STE R, Albuquerque, New Mexico, 87110, USA
Email: [email protected] | Phone: +1 (575)-235-4664

2. Key Definitions

3. Information We Collect

3.1 Information You Provide Directly

• Account registration: Username, email address, password (hashed), and optional profile details (avatar, bio, social links) when you register on hlumi.com
• Content uploads: Video files, titles, descriptions, tags, thumbnails, and captions you upload to the platform
• User interactions: Comments, replies, likes, playlist names, and subscription actions
• Contact enquiries: Name and email address when you submit our Contact Us form or email us directly
• Live streaming: RTMP stream metadata when you broadcast live on hlumi.com

3.2 Information Collected Automatically

When you visit or use hlumi.com, we and our third-party service providers automatically collect:

• IP address (used at country/region level — not GPS precise)
• Browser type, version, and language settings
• Device type, operating system, screen resolution, and device identifiers
• Pages visited, videos watched, watch time, referral URLs, and traffic source data
• Video engagement signals — play events, pause events, completion rate, quality selection
• Interaction data — clicks, scrolls, likes, shares, comments, subscribe events
• Search queries entered on the platform
• Ad impression and click events for advertising measurement
• Server log files including access timestamps and HTTP response codes

3.3 Tracking Technologies Used

3.4 Video Platform Activity Data

As a video platform, hlumi.com tracks the following engagement events for platform operation, content ranking, and ad revenue optimisation:

3.5 Do Not Track (DNT)

Your browser may allow you to transmit a “Do Not Track” signal. There is currently no industry consensus on how websites should respond to DNT signals. Unless and until applicable law requires otherwise, hlumi.com does not alter its data collection or use practices in response to DNT browser signals. For more information, visit www.allaboutdnt.com.

3.6 Information We Do Not Collect

We do not knowingly collect payment card details, bank account numbers, government identification numbers, passport data, or other sensitive financial or identity documents through this platform.

4. How and Why We Use Your Information

• To provide, operate, maintain, and improve the hlumi.com platform and all its features
• To process video uploads, transcode files via FFmpeg, and deliver content via our CDN
• To manage user accounts, channels, subscriptions, and authentication
• To power the trending feed and content recommendation engine using engagement scores
• To understand how users interact with the platform (via Google Analytics 4)
• To serve relevant advertising via Google AdSense display, video (IMA SDK), and RSOC/AFS units
• To respond to contact form submissions, support enquiries, and DMCA requests
• To monitor platform security and detect or prevent fraud (IAB TCF Special Purpose 1)
• To deliver and present advertising and content to you (IAB TCF Special Purpose 2)
• To save and communicate your privacy and consent choices (IAB TCF Special Purpose 3)
• To comply with applicable legal obligations under GDPR, UK GDPR, CCPA, and COPPA
• To enforce our Terms and Conditions and protect our legal rights

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

5.2 EEA, UK & Switzerland — Cookie Consent (GDPR / Google EUUCP)

• Non-essential cookies are NOT activated until you provide explicit, affirmative consent
• Our CMP is Google-certified and compliant with IAB TCF v2.3 (Policies v2025-01-16.5.0.a)
• The CMP lists all Vendors, Purposes, Legal Bases, and retention periods per the IAB Global Vendor List (GVL)
• Default state: OFF for all non-essential Purposes — you must actively click “Accept All” to grant consent
• You may customise per Vendor/Purpose or decline non-essential cookies at any time
• Withdraw consent anytime via “Privacy Settings” in the site footer — withdrawal does not affect prior processing
• If “Accept All” is offered, an equivalent “Withdraw All Consent” is available when CMP is resurfaced (IAB TCF Appendix B)

IAB TCF Purposes Declared on hlumi.com

5.3 Cookie Opt-Out Options

• Google Analytics opt-out: tools.google.com/dlpage/gaoptout
• Google Ads Settings: adssettings.google.com
• Network Advertising Initiative: optout.networkadvertising.org
• Digital Advertising Alliance (US): optout.aboutads.info
• Your Online Choices (EU/UK): www.youronlinechoices.eu
• Browser cookie settings (Chrome, Firefox, Safari, Edge — see your browser Help section)

6. Google AdSense and Display Advertising

hlumi.com uses Google AdSense to display third-party advertisements across all platform pages. Google AdSense is operated by:

• EEA / UK users: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
• All other users: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google AdSense uses the DoubleClick DART cookie and related ad technology cookies to serve ads based on your prior visits to this and other websites in Google’s network, your approximate location, device type, browser settings, contextual signals from page content, and inferred interests (where consent is given).

Ad formats served on hlumi.com include responsive display banners, in-article native ads, in-feed native ads (blending into video grids), multiplex grid recommendation units, sticky anchor ads (bottom bar), desktop side rail ads, and full-screen vignette ads triggered between video page navigations.

7. Google AFS / RSOC Search Advertising

hlumi.com displays search-based ad units powered by Google AdSense for Search (AFS) and Related Search on Content (RSOC). These units appear in the sidebar and below the video description on watch pages. They show contextually relevant search-term suggestions that, when clicked, display paid search results from Google’s Search Partner Network.

RSOC units on hlumi.com are matched to the topic of the video being watched (three-way match: video content ↔ page content ↔ RSOC search terms) in accordance with Google AFS Program Policies and Google’s Restricted Access Features (RAF) policy (effective August 25, 2025).

Feed providers: hlumi.com may operate AFS/RSOC through authorised feed providers including Sedo/TMP, Predicto, MidoWeb, System1, or similar. Search Media LLC remains fully responsible for policy compliance regardless of feed source.

Opt out: Google Ads Settings

8. Video Advertising (Google IMA SDK)

hlumi.com monetises its HTML5 video player using Google AdSense for Video (AFV) via the Google Interactive Media Ads (IMA) SDK v3. Video advertisements may include:

• Pre-roll ads — skippable (after 5s) or non-skippable (≤15s), played before video content begins
• Mid-roll ads — played during videos longer than 8 minutes, at defined cue points (e.g. at 50% for 8–12 min videos)
• Post-roll ads — played after video content ends, primarily on shorter videos
• Non-linear overlay ads — text or image banners overlaid on the lower 20% of the video player while content plays; can be closed by the user
• Companion ads — display banners served outside the video player in the adjacent sidebar, synchronised with the video ad playing inside the player

The IMA SDK and its ad technology partners may use cookies, pixels, and device identifiers to measure video ad viewability, completion rates, and frequency — and to serve relevant video ads based on contextual signals or (where consent is given) inferred interests.

9. Native Advertising and Content Recommendations

hlumi.com may display native advertising widgets and content recommendation units powered by third-party networks including Taboola, Outbrain, or similar platforms. These units blend with the platform’s editorial layout and are labelled “Sponsored” or “Recommended”. Native ad providers may use cookies to serve relevant sponsored content based on your browsing behaviour. Each native ad provider operates under its own privacy policy.

10. Who We Share Your Information With

11. Third-Party Links and External Content

hlumi.com may contain links to third-party websites, embedded external content, or videos imported from external sources. These do not constitute an endorsement. We have no control over the content, privacy practices, or availability of third-party sites. We encourage you to review the privacy policy of any external site before providing personal information. Your use of third-party sites is entirely at your own risk.

12. Third-Party Services and Data Processors

Data transferred to the United States is governed by Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework (Art. 46 GDPR). Hetzner and BunnyCDN are EU-based providers subject to GDPR by default.

13. Data Security

We implement appropriate technical and organisational security measures to protect your personal information, including:

• Encrypted data transmission via HTTPS / TLS across all platform pages
• Password hashing for all user account credentials
• DDoS protection and Web Application Firewall (WAF) via Cloudflare
• Redis session caching with access-controlled server environment on Hetzner VPS
• Restricted server access via SSH key authentication
• Regular server log rotation and data minimisation practices

However, no online data transmission is completely secure and we cannot guarantee absolute security. If you suspect any misuse or breach, please contact us immediately at [email protected].

14. EEA / UK / Switzerland User Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following rights under GDPR and applicable national law:

Legal Basis for Data Processing

Independent Data Controller for EU/UK users (Google): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

To exercise any right, contact [email protected]. We respond within 30 days (extendable by 60 days for complex requests, with notice).

IAB TCF Publisher Attestation (IAB TCF Policy §17(2))

15. US State Privacy Rights

California Residents (CCPA / CPRA)

• Right to Know: Request categories and specific pieces of personal information collected.
• Right to Delete: Request deletion of personal information we hold (subject to exceptions).
• Right to Opt-Out of Sale / Sharing: We do not sell personal information. However, sharing data with ad partners for cross-context behavioural advertising may constitute “sharing” under CPRA. Opt out via adssettings.google.com.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising these rights.

Submit a CCPA/CPRA request: [email protected]

Other US States

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other states with applicable privacy laws may have similar rights. Contact us at [email protected] to exercise any applicable rights.

16. Children’s Privacy

hlumi.com is not directed at children under the age of 13 in the United States (COPPA), or under 16 in the EEA (GDPR Article 8). We do not knowingly collect personal information from children. For EEA/UK/Switzerland users: personalised advertising is not served to users identified as under 18, per Google’s child privacy policies, the EU Age Appropriate Design Code (AADC), and related child safety regulations. The TFUA parameter may be applied in ad tags to request restricted data processing for underage users, disabling personalised ads and third-party vendor requests.

If you believe a child has provided personal data to hlumi.com, please contact us immediately at [email protected] and we will delete it promptly.

17. Data Retention

You may request deletion of your personal data at any time by contacting [email protected].

18. International Data Transfers

hlumi.com is operated from the United States. If you access the platform from the EEA, UK, Switzerland, or any jurisdiction with data protection laws, your information may be transferred to and processed in the United States and other countries. For EEA/UK transfers to the US, we rely on:

• Standard Contractual Clauses (SCCs) — approved by the European Commission under Art. 46(2)(c) GDPR
• EU-US Data Privacy Framework (DPF) — where applicable service providers are certified
• UK International Data Transfer Agreements (IDTA) — for UK transfers where applicable

Note: Our VPS hosting (Hetzner) and video CDN (BunnyCDN) are based in the EU and are subject to GDPR by default, minimising international transfer exposure for video data. Contact [email protected] for details of applicable transfer safeguards.

19. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will update the “Last Updated” date at the top of this page. For significant changes — such as new data collection practices or new advertising partners — we will post a notice on the platform. Your continued use of hlumi.com after any changes constitutes acceptance of the updated Policy. We encourage you to review this page periodically.

20. Contact Us

For questions, concerns, or data rights requests relating to this Privacy Policy, please contact us: