Cookie Policy

1. Introduction

This Cookie Policy explains how Lucid Technology Labs ("we", "us", "our") uses cookies and similar technologies on lucidpic.com. This policy should be read alongside our Privacy Policy and Terms of Service.

For non-essential cookies, we will obtain your explicit consent before placing them on your device. We present cookie choices with equal prominence for "Accept all" and "Reject all", and we do not set non-essential cookies unless and until you consent. You can withdraw consent any time via Cookie Settings (link in our footer).

2. What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help us provide a better experience by remembering preferences and understanding usage patterns. Similar technologies include web beacons, pixels, and local storage.

3. UK PECR Compliance

Under the UK Privacy and Electronic Communications Regulations (PECR), we must obtain consent before placing non-essential cookies. We comply by:

• Obtaining clear consent before setting non-essential cookies
• Providing clear information about each cookie's purpose
• Not setting non-essential cookies if you decline consent
• Providing easy mechanisms to manage preferences

4. Types of Cookies We Use

Essential Cookies (Strictly Necessary):

These cookies are necessary for the website to function and cannot be switched off. They do not require consent under PECR.

• laravel_session: Maintains your session (expires on browser close)
• XSRF-TOKEN: CSRF protection (expires after 2 hours)
• __cf_bm: Cloudflare bot management (expires after 30 minutes)
• Authentication and security cookies

Functional Cookies (Consent Required):

• remember_web: Keeps you logged in (expires after 30 days)
• User preferences (theme, language)
• Recently viewed content

Analytics Cookies (Consent Required):

• _ga: Google Analytics (expires after 2 years)
• _gid: Google Analytics (expires after 24 hours)
• Performance monitoring cookies

5. Legal Bases for Using Cookies

Under UK GDPR and PECR, we rely on:

• Essential cookies: Legitimate interests (GDPR Art. 6(1)(f)) in providing a secure, functional service
• Functional cookies: Consent (GDPR Art. 6(1)(a) and PECR Reg. 6)
• Analytics cookies: Consent (GDPR Art. 6(1)(a) and PECR Reg. 6)

You can withdraw consent at any time through browser settings or our cookie management tools. Withdrawal does not affect the lawfulness of processing before withdrawal.

6. Third-Party Cookies

Some cookies are placed by third-party services integrated into our platform:

• Stripe: Payment processing and fraud prevention - stripe.com/cookies-policy/legal
• Google OAuth: Authentication services - policies.google.com/technologies/cookies
• Cloudflare: Security and performance - cloudflare.com/privacypolicy

We do not control these third-party cookies. Please refer to the relevant third-party websites for information.

7. Managing Your Cookie Preferences

Browser Settings:

• Chrome: Settings → Privacy and security → Cookies
• Firefox: Settings → Privacy & Security → Cookies
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Cookies and site permissions

Impact of Disabling Cookies: Disabling essential cookies will prevent you from using our Service. Disabling functional cookies may reduce personalization features.

8. Cookie Retention Periods

We retain cookies only for as long as necessary:

• Session cookies: Deleted when you close your browser
• Persistent cookies: Retained for specific periods (see Section 4)
• Analytics cookies: Maximum 2 years
• Consent cookies: 365 days to remember preferences

9. Your Rights

Under UK GDPR and PECR, you have the right to:

• Withdraw consent for non-essential cookies at any time
• Access information about cookies we use
• Object to processing based on legitimate interests
• Erasure of cookie data
• Data portability for cookie-related data
• Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk

10. International Data Transfers

Some cookies may result in data transfers outside the UK/EEA:

• Google Analytics: Data transferred to US under Standard Contractual Clauses
• Cloudflare: Global CDN with data processing agreements
• Stripe: Payment data processed under PCI DSS standards

We ensure appropriate safeguards are in place for all international transfers in compliance with UK GDPR Chapter V.

11. Children's Privacy

Our Service is not directed to individuals under 18. We do not knowingly collect personal data via cookies from children. If you become aware that a child has provided us with personal data, please contact us.

12. Changes to This Policy

We may update this Cookie Policy to reflect changes in our practices or legal requirements. Material changes will be notified by:

• Posting the updated policy with a new "Last updated" date
• Requesting fresh consent for non-essential cookies where required
• Email notification for registered users (for significant changes)

13. Contact Information

For questions about this Cookie Policy or to exercise your rights:

• Email (Privacy): privacy@lucidpic.com
• Email (General): hello@lucidpic.com
• Data Protection Officer: dpo@lucidpic.com
• Address: Lucid Technology Labs, 71-75 Shelton Street, London, WC2H 9JQ, United Kingdom

14. Additional Resources

For more information about cookies and your privacy:

• ICO: ico.org.uk/your-data-matters/online/cookies/
• All About Cookies: allaboutcookies.org
• Your Online Choices: youronlinechoices.com/uk/