Lumi Privacy Policy
Last Updated: June 3, 2026
LumiMind ("Lumi," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, share, and protect your information when you use the Lumi application and website (the "Service").
1. Information We Collect
Information You Provide
- Account information: Name, email address, password (managed via our authentication provider, Clerk)
- Profile and onboarding responses: Information about your ADHD experience, preferences, and goals
- User content: Conversations with Lumi, mood check-ins, brain dumps, notes, reflections, focus session data, medication tracking entries, and sleep logs
- Payment information: Billing details processed by Stripe (we do not store your full card details)
- Communications: Messages you send to our support team
Information Collected Automatically
- Usage data: Features used, session duration, interaction patterns
- Device information: Device type, operating system, browser, IP address
- Cookies and similar technologies: For authentication, analytics, and Service functionality
Information from Third Parties
- Authentication providers: Clerk provides basic account information
- Payment processors: Stripe shares billing status and transaction data
- Analytics providers: We use analytics tools (e.g., Google Analytics, Vercel Analytics) to understand usage patterns
Data Shared with AI Provider (Anthropic)When you interact with Lumi's AI companion, the following information is sent to our AI provider (Anthropic) to generate a response:
- The text of your messages to Lumi
- Your current mood selection (if logged)
- Recent context from your current chat session
- Your focus session context (when relevant to the conversation)
The following information is NOT sent to Anthropic:
- Your name or email address
- Your payment information
- Your medication log entries
- Your sleep log entries
- Your specific health data or medical history
- Any data from other users
2. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the Service
- Personalize Lumi's responses to your needs
- Generate AI-powered responses (see Section 3 for details on AI processing)
- Process payments and manage subscriptions
- Communicate with you about updates, features, and support
- Analyze usage patterns to improve the Service
- Detect, prevent, and address security issues
- Comply with legal obligations
3. AI Processing (Anthropic / Claude)
Lumi's conversational features are powered by Claude, an artificial intelligence service operated by Anthropic, PBC ("Anthropic"). When you interact with Lumi's AI companion:
Who receives your data: Anthropic, PBC — a third-party AI provider based in the United States.
What is shared with Anthropic:
- The content of your messages to Lumi
- Your current mood selection (when logged)
- Recent conversational context from your current chat
- Your focus session task (when relevant)
What is NOT shared with Anthropic:
- Your name, email address, or account credentials
- Your payment or billing information
- Your medication tracking data
- Your sleep tracking data
- Specific health or medical history
- Any data belonging to other users
How Anthropic uses this data:
- Anthropic uses your input solely to generate responses to your messages
- Anthropic does not use your input to train their AI models
- Anthropic retains limited data for up to 30 days for abuse-prevention purposes
- Anthropic's full data handling practices are governed by their privacy policy, available at: https://www.anthropic.com/legal/privacy
Your consent and control:
- Before your first conversation with Lumi, you will be asked to explicitly consent to this data sharing through an in-app disclosure
- You can decline the AI features and still use other parts of the Service
- You can withdraw consent at any time by ceasing use of the AI features and contacting us to delete your conversation history
Legal basis: We process your data with Anthropic on the basis of your consent and contractual necessity (to provide the AI features you signed up for).
4. How We Share Your Information
We do not sell your personal information.
We share information only with:
- Anthropic (AI processing): As described in Section 3, message content and conversation context are sent to Anthropic to power Lumi's AI features.
- Service providers: Vendors that help operate the Service, including Clerk (authentication), Supabase (database), Stripe (payments), Vercel (hosting), and analytics providers.
- Legal requirements: When required by law, court order, or to protect rights, property, or safety
- Business transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
- With your consent: When you explicitly authorize sharing
All service providers and processors are bound by contractual obligations to protect your data and use it only for the purposes for which it was shared.
4a. Medical Disclaimer
Lumi is not a medical application. Lumi does not provide medical advice, diagnosis, or treatment, and should not be used as a substitute for professional medical care. While Lumi offers personal tracking features for medications, sleep, and mood, these are for personal reference only. Always consult a qualified healthcare provider for medical decisions, including any changes to medication or treatment.
5. Data Storage and Security
Your data is stored in secure, encrypted databases (currently Supabase). We use industry-standard security practices including:
- Encryption in transit (TLS) and at rest
- Authentication via Clerk
- Limited access controls
- Regular security reviews
No system is perfectly secure. You use the Service at your own risk.
6. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account:
- Account and user content data is deleted within 30 days
- Anonymized or aggregated data may be retained for analytics
- Certain records may be retained longer for legal, tax, or compliance purposes
- Data previously sent to Anthropic is subject to Anthropic's retention practices (up to 30 days for abuse prevention) and is not within our direct control
7. Your Rights
Depending on your location, you may have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and data
- Portability: Request a portable export of your data
- Opt-out: Opt out of certain data processing, including AI-powered features
- Withdraw consent: Withdraw consent where processing is based on consent
California Residents (CCPA/CPRA)You have the right to know what personal information we collect, request deletion, opt out of the sale of personal information (we do not sell), and not be discriminated against for exercising your rights.
EU/UK Residents (GDPR)You have additional rights under GDPR, including the right to lodge a complaint with a supervisory authority. Our legal bases for processing include your consent, contractual necessity, and legitimate interests.
To exercise any rights, contact: hello@lumimind.app
8. Cookies
We use cookies and similar technologies for:
- Essential cookies: Authentication, security, Service functionality
- Analytics cookies: Understanding how the Service is used
- Preference cookies: Remembering your settings
You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.
9. Third-Party Links
The Service may include links to third-party websites. We are not responsible for their privacy practices. Review their policies before providing any information.
10. Children's Privacy
Lumi is not intended for individuals under 18. We do not knowingly collect information from anyone under 18. If you believe we have collected such information, contact us immediately.
11. International Users
Lumi is operated from the United States. If you use the Service from outside the US, your information will be transferred to, stored, and processed in the US. Anthropic also operates from the United States. By using the Service, you consent to this transfer.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes — including any changes to how we handle data with our AI provider — will be communicated via email or in-app notice. Continued use of the Service after changes constitutes acceptance.
13. Contact Us
Questions, concerns, or requests regarding your privacy?
LumiMind
Email: hey@lumimind.app
Website: https://lumimind.app