
Privacy policy

Last updated: April 2026

IMPORTANT: This document is a draft and has not been reviewed by legal counsel. It must be reviewed and approved by a qualified attorney familiar with GDPR, CCPA, and applicable data protection laws before publication. Do not publish as-is.

This Privacy Policy explains how [Your Company Legal Name] ("Company", "we", "us", or "our") collects, uses, stores, and protects your information when you use the Lumi application ("App") and the Lumi website ("Website").

1. Information we collect

Information you provide directly

  • Account information: email address, name, and payment information when you create an account or subscribe to a paid plan
  • Voice input: audio captured when you activate the microphone to give Lumi a command (see Section 3 for how voice data is processed)
  • Text input: text commands you type into the App
  • Preferences: language, notification settings, and feature preferences you configure

Information collected through service connections

When you connect Lumi to third-party services, Lumi accesses data from those services to fulfill your requests. This may include:

  • Calendar data: event titles, times, participants, and locations from Google Calendar, Outlook, or other calendar services
  • Contact data: names, phone numbers, and email addresses from your device contacts or connected services
  • Email data: subject lines, sender/recipient information, and email body content from Gmail, Outlook, or other email services
  • Document data: file names, content, and metadata from Google Drive, OneDrive, Dropbox, Notion, or other document services
  • Messaging data: message content, channel names, and user information from Slack, Microsoft Teams, or other messaging services
  • Project data: issue titles, descriptions, assignees, and statuses from Jira, Asana, Linear, or other project management tools
  • CRM data: contact records, deal information, and activity logs from Salesforce, HubSpot, or other CRM services

Lumi accesses this data only when you issue a command that requires it. Lumi does not continuously monitor or index your connected services unless you have enabled the Company Knowledge feature (Business and Enterprise plans only — see Section 6).

Information collected automatically

  • Device information: device type, operating system version, app version, and device identifiers
  • Usage data: which features you use, how often you use them, and general interaction patterns (not the content of your commands)
  • Crash reports: technical logs when the App encounters an error, which may include device state information

Information we do NOT collect

  • Biometric data: Lumi does not store voiceprints or use voice data for identification
  • Location tracking: Lumi accesses your location only when you request location-based actions, and does not track your location in the background
  • Browsing history: Lumi does not access your web browsing history
  • Photos or media: Lumi does not access your photo library unless you explicitly request a photo-related action through a connected service (such as Google Photos)

2. How we use your information

We use collected information to:

  • Fulfill your requests: execute the commands and tasks you give Lumi
  • Improve the service: analyze usage patterns (not content) to improve features, performance, and reliability
  • Provide customer support: respond to your questions and troubleshoot issues
  • Process payments: manage subscriptions and billing
  • Send service communications: account notifications, security alerts, and product updates (not marketing unless you opt in)
  • Maintain security: detect and prevent abuse, fraud, and unauthorized access

We do NOT use your information to:

  • Train AI models: your conversation history, voice recordings, connected service data, and command content are never used to train or fine-tune large language models or any other AI system
  • Sell to third parties: we do not sell, rent, or trade your personal information to any third party
  • Target advertising: Lumi does not display advertisements and does not use your data for ad targeting
  • Profile you: we do not build behavioral profiles for marketing purposes

3. Voice data processing

When you activate Lumi's microphone:

1. Audio capture: your voice is recorded only while the microphone is active (indicated by the on-screen microphone indicator). Lumi does not listen passively or use a wake word.

2. Speech-to-text: your audio is converted to text. When your device supports on-device speech recognition, this happens locally and no audio leaves your device. When on-device recognition is not available, audio is sent to a speech-to-text service over an encrypted connection.

3. Text processing: the resulting text is processed by Lumi's AI to determine your intent and plan the appropriate actions.

4. Audio deletion: raw audio recordings are deleted immediately after speech-to-text conversion. We do not store audio recordings.

The text transcript of your commands is stored as part of your conversation history (see Section 4).

4. Data storage and retention

Conversation history

Your conversation history (text commands, Lumi's responses, action results) is stored locally on your device. It is not uploaded to our servers unless:

  • You explicitly enable cloud backup of conversation history (optional feature)
  • You contact support and choose to share conversation logs for troubleshooting

Connected service tokens

OAuth access tokens for connected services are stored in your device's secure storage (Android Keystore or iOS Keychain). These tokens are encrypted at rest and are never transmitted to our servers.

Account data

Account information (email, name, subscription status) is stored on our servers and protected with industry-standard encryption (AES-256 at rest, TLS 1.3 in transit).

Data retention periods

| Data type | Retention period | Where stored |
|---|---|---|
| Conversation history | Until you delete it | Your device |
| Voice audio | Deleted immediately after transcription | Processed in memory only |
| Service access tokens | Until you disconnect the service | Your device secure storage |
| Account information | Until you delete your account | Our servers |
| Usage analytics | 24 months, then anonymized | Our servers |
| Crash reports | 90 days | Our servers |
| Payment records | As required by tax law (typically 7 years) | Payment processor |

Data deletion

You can delete your data at any time:

  • Conversation history: delete individual conversations or all history from the App's settings
  • Connected services: disconnect any service to immediately revoke Lumi's access
  • Account: request complete account deletion through the App or by emailing privacy@lumi.app. We will delete your account data within 30 days, except records we are legally required to retain

5. How we share your information

We share your information only in these circumstances:

  • With connected services: when you command Lumi to perform an action on a connected service (such as sending a Slack message), Lumi sends the necessary data to that service through their API. This is the action you requested.
  • With service providers: we use third-party providers for payment processing, analytics, crash reporting, and infrastructure hosting. These providers are contractually bound to use your data only for the services they provide to us.
  • For legal compliance: we may disclose information if required by law, regulation, legal process, or governmental request.
  • In a business transfer: if the Company is acquired, merged, or sells assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

We do NOT share your information with:

  • Advertisers or ad networks
  • Data brokers
  • AI model training providers
  • Any third party for marketing purposes

6. Business and enterprise data handling

Company knowledge feature

Lumi Business and Enterprise plans include a Company Knowledge feature that indexes content across connected organizational services (Slack channels, shared drives, Notion workspaces, email archives) to enable cross-service search and summarization.

When enabled by an administrator:

  • Indexed data is stored in an encrypted, tenant-isolated vector database
  • Access control respects the source system's permissions — users can only retrieve information they already have access to in the original service
  • Scope is admin-controlled — administrators choose which services, channels, and repositories are indexed
  • Personal content is excluded — direct messages, private channels, and personal drives are never indexed unless the channel or drive owner explicitly opts in
  • Deletion is immediate — when an administrator disables the feature or disconnects a service, the associated index data is deleted within 24 hours

Audit logging

Lumi Business and Enterprise plans log actions taken on organizational integrations:

  • Logs include: timestamp, user, action type, target service, and result (success/failure)
  • Logs do NOT include: message content, document content, file contents, or other substantive data
  • Logs are accessible only to organization administrators
  • Logs are retained for the period configured by the administrator (default: 12 months)
  • Logs are exportable in JSON and CSV formats

Data residency

Enterprise customers may request that their organizational data (Company Knowledge index, audit logs) be stored in a specific geographic region. Available regions are specified in the Enterprise agreement. Data residency applies only to organizational data, not to individual device-stored data.

7. Security measures

We protect your information with:

  • Encryption in transit: all data transmitted between the App, our servers, and third-party services uses TLS 1.3
  • Encryption at rest: account data and organizational data stored on our servers are encrypted with AES-256
  • Secure token storage: service access tokens are stored in your device's hardware-backed secure storage
  • Access controls: our employees access user data only when necessary for support (with your consent) or to maintain the service, and all access is logged
  • Regular audits: we conduct regular security assessments and are pursuing SOC 2 Type II certification
  • Incident response: we maintain an incident response plan and will notify affected users within 72 hours of discovering a data breach, as required by applicable law

8. Your rights

Depending on your location, you may have the following rights:

  • Access: request a copy of the personal data we hold about you
  • Correction: request correction of inaccurate personal data
  • Deletion: request deletion of your personal data
  • Portability: request your data in a structured, machine-readable format
  • Objection: object to certain processing of your personal data
  • Restriction: request that we limit processing of your personal data
  • Withdraw consent: withdraw consent for processing where consent is the legal basis

To exercise these rights, contact us at privacy@lumi.app. We will respond within 30 days (or sooner as required by applicable law).

For California residents (CCPA/CPRA)

You have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information. To submit a request, contact privacy@lumi.app.

For European Economic Area residents (GDPR)

Our legal bases for processing personal data are:

  • Contract performance: processing necessary to provide the Lumi service you requested
  • Legitimate interests: usage analytics and service improvement, balanced against your privacy interests
  • Consent: optional features like cloud backup and marketing communications
  • Legal obligation: tax and financial record-keeping

You may lodge a complaint with your local data protection authority.

9. Children's privacy

Lumi is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we discover that we have collected information from a child under 16, we will delete it promptly. If you believe a child under 16 is using Lumi, contact us at privacy@lumi.app.

10. International data transfers

If you use Lumi outside of [Your Country], your data may be transferred to and processed in [Your Country]. We ensure appropriate safeguards for international transfers, including Standard Contractual Clauses where required by GDPR.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email at least 30 days before the changes take effect. The "Last updated" date at the top reflects the most recent revision.

12. Contact us

For questions about this Privacy Policy or to exercise your privacy rights:

  • Email: privacy@lumi.app
  • Mail: [Your Company Legal Name], [Your Address]

For data protection inquiries in the EU, our Data Protection Officer can be reached at dpo@lumi.app.

2026 Lumi. All rights reserved. Built with light.