Sign in Subscribe

Privacy Policy

Last Updated: April 4, 2026

1. Introduction

Luca by the Way ("we," "our," or "us") is committed to protecting your privacy. This policy explains how we collect, use, and protect data when you visit our website lucabytheway.com.

2. Information We Collect

Personal Information: Name and email address collected when you subscribe to our newsletter, submit the contact form, or create an account.

Usage Data: Pages visited, time spent, clicks, navigation paths, referral URLs, and similar analytics data.

Device Information: Device type, operating system, browser details, IP address, and mobile network data.

3. How We Use Your Information

  • Providing and improving our website and content
  • Sending newsletters and updates you've subscribed to
  • Responding to inquiries submitted through our contact form
  • Analyzing trends and usage patterns to improve user experience
  • Meeting legal obligations

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service providers (hosting, analytics, email delivery)
  • Legal authorities when required by law
  • With your consent

5. Data Storage and Security

We use SSL/TLS encryption in transit and implement industry-standard security measures to protect your data. No method of transmission over the Internet is 100% secure, but we apply best practices to safeguard your information.

6. Third-Party Services

Our website may use third-party services such as Google Analytics, Ghost (CMS), and email delivery platforms. We encourage you to review their respective privacy policies.

7. Cookies and Tracking Technologies

Essential Cookies: Required for basic website functionality and security.

Analytics Cookies: Help us understand visitor traffic and usage patterns.

Functionality Cookies: Remember your preferences and personalize your experience.

You can control cookie settings through your browser preferences.

8. Your Rights and Choices

You may request:

  • Access to your personal information
  • Corrections to inaccurate data
  • Deletion of your information
  • Opt-out of marketing communications
  • Data portability

We will respond to requests within 30 days or as required by applicable law.

9. California Privacy Rights (CCPA/CPRA)

California residents have the right to know what personal information is collected, request deletion, correct inaccurate information, opt out of sales or sharing, and receive non-discriminatory treatment. We respond within 45 days after identity verification.

10. International Users (GDPR)

Users in the EEA, UK, and Switzerland have additional rights under GDPR, including access, rectification, erasure, restriction of processing, portability, and objection to automated decision-making. International data transfers are governed by Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

Our website is not directed to users under 13 (or 16 in the EEA). We do not knowingly collect personal information from children.

12. Data Retention

We retain information only as long as necessary for the purposes stated in this policy, legal requirements, and dispute resolution. Unused data is securely deleted or anonymized.

13. Changes to This Policy

We may update this policy from time to time. Changes will be posted with a revised "Last Updated" date. Continued use of the website constitutes acceptance of any changes.

14. Contact Us

If you have questions about this Privacy Policy, please reach out through our contact page.