Privacy Policy
How we collect, use, and protect your data at LumenFlow.
Last updated: 24 May 2026
1. Data controller
LumenFlow is the data controller for personal data processed through the service. You can reach us at thomas.j.martin@me.com.
2. What we collect
We collect information necessary to provide the service:
- Account information: name, email address, and authentication details when you sign up.
- Usage data: workspace activity, Sidekick conversations, tool calls, and action logs generated during your use of the service.
- Billing information: payment details processed by Stripe. We do not store card numbers directly.
- Technical information: IP address, browser type, and device information for security and performance purposes.
- Model provider API keys: if you use bring-your-own-key, your API keys are encrypted at rest with AES-256 on our servers and used solely to route requests to your chosen provider. Provider keys are never stored on or transmitted from your mobile device — the LumenFlow mobile app only authenticates to LumenFlow servers, and we forward requests to model providers on your behalf.
- Voice / audio (mobile dictation): when you use voice dictation in the LumenFlow mobile app, your microphone audio is streamed through LumenFlow servers to OpenAI’s Realtime API to produce a transcription. A visible indicator is shown while the microphone is active. We do not retain the audio after the dictation session ends; OpenAI’s retention follows their published policy. See section 5 for the third-party AI processing detail.
3. How we use your data
We use your data to: operate and improve the LumenFlow service; process your Sidekick requests and tool calls; generate action logs, cost tracking, and audit records; handle billing and account management; communicate with you about the service; and detect and prevent abuse.
4. Legal basis (UK GDPR)
We process your personal data under the following legal bases:
- Contract performance: processing necessary to provide the service you signed up for.
- Legitimate interests: service improvement, security monitoring, and fraud prevention, balanced against your rights.
- Consent: where required, such as for optional marketing communications.
5. AI model processing
When you use Sidekick, your prompts and context are sent to third-party AI model providers (such as OpenAI and Anthropic) to generate responses. We do not use your data to train AI models. If you use managed inference, we select the provider; if you use bring-your-own-key, requests are routed to your chosen provider. Third-party providers process data under their own privacy policies and data processing agreements:
- OpenAI: used for text inference and, when you dictate from the mobile app, for voice transcription via the OpenAI Realtime API. See the OpenAI privacy policy.
- Anthropic: used for text inference (managed-inference tier). See the Anthropic privacy policy.
On mobile, all model-provider traffic is forwarded by LumenFlow servers. Provider API keys are never stored on or transmitted from your device.
6. Data retention
Workspace data (action logs, conversations, audit records) is retained according to your plan:
- Free: 7 days
- Team: 90 days
- Enterprise: 365 days
When data reaches the end of its retention period, it is permanently deleted by an automated process — not archived or soft-deleted. Account information is retained for as long as your account is active and deleted upon account closure, subject to any legal retention obligations.
7. Account and data deletion
You can delete your LumenFlow account and the data we hold for it at any time. We provide two paths so the option remains available whether or not you can sign in:
- In-app: open the LumenFlow web app or mobile app, then go to Settings → Account → Delete account. The same deletion job runs from either surface.
- By email: contact thomas.j.martin@me.com from the email address registered to the account. Use this if you have lost access to the in-app flow.
When you confirm account deletion we remove your account record, workspace memberships you authored, Sidekick chat history and action logs authored by you, any bring-your-own-key material stored against your account, and any push tokens registered to your account. Limited records may be retained where the law requires (for example tax records for paid subscriptions, or evidence of abuse handling), and we will tell you if that applies.
8. Third-party processors
We use the following third-party services to operate LumenFlow:
- Supabase: database hosting and authentication (EU/US infrastructure).
- Vercel: application hosting and edge delivery.
- Stripe: payment processing for paid plans (web only).
- OpenAI: text inference and, for mobile dictation, voice transcription via the OpenAI Realtime API. Forwarded server-side; not invoked directly from your device.
- Anthropic: text inference under the managed-inference tier.
- Expo / EAS: mobile push token issuance and over-the-air update delivery for the mobile app.
9. Data security
We protect your data with: AES-256 encryption at rest for sensitive data including model API keys; HTTPS with HSTS for all data in transit; row-level security for workspace isolation at the database layer; and per-workspace key derivation via envelope encryption. See our Security page for more detail.
10. International transfers
Some of our processors are based outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses or adequacy decisions as applicable.
11. Your rights
Under UK GDPR, you have the right to:
- Access: request a copy of the personal data we hold about you.
- Rectification: ask us to correct inaccurate data.
- Erasure: request deletion of your personal data, subject to legal obligations.
- Portability: receive your data in a structured, machine-readable format.
- Restriction: ask us to limit how we process your data in certain circumstances.
- Objection: object to processing based on legitimate interests.
To exercise any of these rights, contact us at thomas.j.martin@me.com. We will respond within one month.
12. Cookies
LumenFlow uses essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies. Analytics, where used, relies on privacy-respecting, cookieless approaches.
13. Children
LumenFlow is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
14. Complaints
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
15. Changes to this policy
We may update this privacy policy from time to time. Material changes will be communicated via email or an in-product notice. The “last updated” date at the top of this page reflects the most recent revision.
16. Contact
For privacy-related questions or to exercise your data rights, contact us at thomas.j.martin@me.com.
LumenFlow