1. Object and Scope of Application
These terms of use for the online payment service (hereinafter, "Terms of Use") govern the relationship between the company COMPAÑÍA LUMISA ENERGÍAS, S.L. (hereinafter, "LUMISA"), with VAT number B65711855, located at Carrer d’Ausiàs March, 67, 08010 Barcelona, and registered in the Barcelona Mercantile Registry, Volume 43048, Page 136, Sheet B 419446, Entry 1, and the user of the online payment service (hereinafter, "the User"), regarding the use of the platform enabled for making electronic payments related to the commercial activity of LUMISA (hereinafter, "the Service").
2. Acceptance of the Terms of Use
The use of the Service by the User implies full acceptance of these Terms of Use, which will be permanently available for consultation through the website www.lumisa.es/en/pago. Access to the Service will be considered as an express declaration that the User has read, understood, and accepted its content.
3. Service Description
The Service allows the User to voluntarily pay amounts corresponding to invoices issued by LUMISA through an electronic payment platform managed via a Virtual POS, provided by the banking entity Caixabank, S.A., and in accordance with the security requirements of the PCI DSS standard. During the payment process, the authentication of the cardholder’s identity may be required through the mechanisms established by the issuing entity to prevent possible fraudulent use. LUMISA also reserves the right to request that the User verify their identity in cases where technical support or customer service related to the payment process is requested.
4. Payment Method Security and Privacy
Accessing the Service implies that banking data is entered directly into platforms managed by authorized third parties in secure environments, with LUMISA never storing, processing, or having access to sensitive payment-related data, such as the card number, expiration date, verification code, or other equivalent elements. Only credit or debit cards issued under the Visa, Mastercard, or Visa Electron brands are accepted as payment methods.
5. User Obligations
The User agrees not to use the Service for purposes other than those expressly authorized, nor to input, transmit, or disseminate content that is contrary to the law, public order, or third-party rights. The User also agrees not to make payments using the personal, banking, or financial data of third parties without their legitimate consent. LUMISA reserves the right to deny, suspend, or cancel, without prior notice, any transactions it deems irregular, suspicious, or contrary to applicable regulations.
6. Cost of the Service
The use of the Service does not involve any additional cost for the User, as it is offered by LUMISA free of charge as an alternative payment method for its clients. The amount of the transaction will always correspond to the amount due from the User according to the company’s internal records.
7. Personal Data Protection
Regarding the protection of personal data collected in the course of using the Service, LUMISA will act as the data controller in accordance with Regulation (EU) 2016/679 of the European Parliament and Council (hereinafter, "GDPR") and Organic Law 3/2018, of December 5, on Personal Data Protection and guarantee of digital rights.
The data provided by the User will be processed for the following purposes:
- Managing the execution of electronic payments linked to the contractual relationship with LUMISA.
- Verifying the identity of the User and preventing fraudulent transactions.
- Complying with legal and tax obligations under applicable regulations.
- Handling requests, inquiries, or claims related to the transactions performed.
The legal basis for the processing of personal data will, depending on the case, be:
- The performance of a contract or pre-contractual measures (Art. 6.1.b GDPR).
- Compliance with legal obligations (Art. 6.1.c GDPR), particularly in matters of taxation, accounting, and the prevention of money laundering and fraud.
- LUMISA’s legitimate interest in ensuring the security of the Service and addressing the User’s requests (Art. 6.1.f GDPR).
- The User’s explicit consent, where necessary (Art. 6.1.a GDPR).
The data will be processed lawfully, fairly, transparently, accurately, and limited to the purposes specified, and will be kept up to date. It will be retained for the period necessary to provide the service and, subsequently, for the periods required by applicable legislation regarding commercial, tax, and fraud prevention regulations, being duly blocked during this period.
Personal data will not be transferred to third parties unless:
- Necessary for the execution of the transaction (e.g., to financial entities).
- There is a legal obligation to do so.
- The User has provided explicit consent for this purpose.
In no case will international transfers of personal data outside the European Economic Area be made without appropriate safeguards in accordance with Articles 44 and following of the GDPR.
LUMISA has adopted the appropriate technical and organizational measures to ensure the security of personal data, preventing unauthorized alteration, loss, processing, or access, ensuring its confidentiality, integrity, and availability at all times.
The User, as the data subject, may exercise the following rights at any time:
- Right of access: to know what data is being processed.
- Right of rectification: to request correction of inaccurate or incomplete data.
- Right of erasure: to request deletion of data when no longer necessary.
- Right to object: to object to processing for reasons related to their particular situation.
- Right to restrict processing: to limit processing under certain circumstances.
- Right to data portability: to receive data in a structured, commonly used, and machine-readable format, and transfer it to another data controller.
To exercise these rights, the User may send a written request, signed and accompanied by a copy of their identification document, to:
- Postal Address: COMPAÑÍA LUMISA ENERGÍAS, S.L., Carrer d’Ausiàs March, 67, 08010 Barcelona
- Email: [email protected]
They may also contact the Data Protection Officer at the same email address: [email protected].
If the User believes their rights have been violated, they may file a complaint with the Spanish Data Protection Agency (www.aepd.es).
8. Cancellation or Refund Process
The cancellation or refund process for a transaction may only be initiated when there is a system error or a justified cause related to the transaction performed. To request the review of a transaction, the User must send a written communication to the email address [email protected], attaching a copy of their identification document and providing precise details of the affected transaction (date, amount, contact details, and relevant information). LUMISA reserves the right to request additional documentation to verify the ownership and legitimacy of the claim. Once the refund is approved, it will be made via bank transfer to a User's account within a maximum of fifteen calendar days from the acceptance of the request.
9. Terms of Use for Adult Individuals
Access to the Service is reserved for adult individuals acting on their own behalf or with duly accredited legal representation. Misuse of the Service, as well as failure to meet any legal or contractual requirements established in these Terms, may result in the cancellation of the transaction and the adoption of the appropriate legal measures.