Legal
Privacy Policy
This policy explains what data Lumina ERP collects across our website, Platform, and consulting services, how it is processed and stored, which third parties are involved, and how you can exercise your rights regarding your personal data.
Introduction
Lumina ERP, LLC ("we," "us," or "our") operates lumina-erp.com, provides the Lumina AI, Lumina Agents, and Lumina Voice platform services (collectively, the "Platform"), and offers consulting and professional services for third-party ERP systems such as Prophet 21 and Epicor Kinetic (the "Consulting Services").
This Privacy Policy explains how we collect, use, store, and protect information when you visit our website, use our Platform, engage our Consulting Services, or otherwise interact with us. It applies to all users, including website visitors, trial users, paying subscribers, and consulting clients.
Information We Collect
We collect information you provide directly, data generated through your use of the Platform, and limited technical information captured automatically.
- Account information such as name, email address, phone number, company name, job title, and billing details.
- ERP data you provide or connect to the Platform for AI model training, including transactional records, inventory data, purchasing history, and operational metrics.
- Call recordings and transcriptions generated through Lumina Voice.
- Usage analytics including feature interactions, API call volumes, model inference requests, and session activity.
- Technical data such as browser type, device type, IP address, approximate location, pages visited, and navigation flow.
- Communications you send us, including support requests, feedback, form submissions, and live chat messages.
- Profile details you choose to share when using optional LinkedIn sign-in to auto-fill a contact form, such as your name, email address, and headline.
- For Consulting Services, information about your existing ERP and business systems that you share with us under a separate engagement agreement.
How We Use Information
We use collected information for the following purposes:
- Provide, operate, and maintain the Platform and its features, including Lumina AI, Lumina Agents, and Lumina Voice.
- Train and fine-tune AI models using your ERP data exclusively for your organization. Your data is never used to train models for other customers.
- Process and transcribe voice calls and generate AI-powered insights.
- Execute autonomous agent workflows such as purchase order creation, exception handling, and demand forecasting.
- Send transactional communications including invoices, service updates, security alerts, and support responses.
- Analyze usage patterns to improve Platform performance, reliability, and user experience.
- Comply with legal, regulatory, and security obligations.
Data Isolation and AI Model Training
Each customer's AI model is trained exclusively on that customer's data within an isolated environment. Customer data is never pooled, shared, or used to improve models belonging to other customers.
Fine-tuned models are logically isolated per customer account. You retain full ownership of your source data and any outputs generated by your models.
Consulting and Professional Services
When you engage our Consulting Services, we may be given access to your existing ERP systems, databases, and related business data to perform the agreed work. Each engagement is governed by a separate services agreement or statement of work that defines the scope of access and how your data is handled.
We access client systems only as needed to deliver the engagement, use the data solely for that purpose, and do not use it to train Platform models or benefit other clients. Access is removed at the end of the engagement unless you ask us to stay on under an ongoing support arrangement.
Data Storage and Infrastructure
We process and store data using the following infrastructure:
- Cloudflare Workers, D1, R2, and KV for application hosting, structured data storage, file storage, and caching.
- All data is encrypted in transit via TLS and at rest where supported by the underlying storage provider.
- Infrastructure is distributed across Cloudflare's global network to provide low-latency access and high availability.
Third-Party Processors
We use the following third-party service providers to operate the Platform. Each processor is contractually bound to handle data only as instructed by us.
- Deepgram: Real-time speech-to-text transcription for Lumina Voice.
- Google Gemini: AI model capabilities for intelligent analysis and agent suggestions.
- Twilio: Voice calling infrastructure, phone number provisioning, and SMS delivery.
- Cloudflare: Hosting, CDN, security, DNS, Workers compute, and data storage (D1, R2, KV).
- Datadog: Application monitoring, real user monitoring (RUM), session replay, and performance analytics.
- Google (Tag Manager and Analytics 4): Website traffic analysis and interaction measurement, loaded through Google Tag Manager.
- Meta (Facebook): The Meta Pixel measures website conversions and supports our advertising. This involves sharing limited event data with Meta.
- Intercom: Live chat and customer messaging on our website and within the Platform.
- LinkedIn: Optional sign-in used to auto-fill contact forms when you choose to use it.
- Stripe: Payment processing and subscription billing (Stripe never has access to your ERP data).
Cookies
We use cookies that are essential for security and service operation, analytics cookies to understand and improve the website experience, and marketing cookies that help us measure and improve our advertising. We do not sell your personal information.
- Cloudflare Access cookies (CF_Authorization) for authentication and session management.
- Cloudflare security cookies (__cf_bm, cf_clearance) for bot protection.
- Datadog RUM cookies for application performance monitoring and session replay.
- Google Analytics cookies (_ga, _ga_*), loaded via Google Tag Manager, for website traffic analysis.
- Meta Pixel cookies (_fbp, and _fbc when present) for advertising measurement and conversion tracking.
- You can manage or decline non-essential cookies through your browser settings, and adjust ad personalization through your Meta and Google account preferences. Some Platform functionality may be affected if essential cookies are blocked.
Data Retention
We retain data only as long as necessary for the purposes described in this policy or as required by law.
- ERP data and trained models: retained for the duration of your subscription plus 30 days after cancellation to allow data export.
- Call recordings: retained for 90 days from the date of the call, then automatically deleted.
- Transcripts: retained indefinitely while your account is active, then deleted 30 days after account cancellation.
- Application and access logs: retained for 30 days.
- Analytics event data: retained according to provider settings, typically up to 14 months for Google Analytics.
- Billing records: retained as required by applicable tax and accounting regulations.
Your Rights Under GDPR
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
- Right to Restrict Processing: Request that we limit how we use your data in certain circumstances.
- Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
- Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
- To exercise any of these rights, contact us at privacy@lumina-erp.com. We will respond within 30 days.
Your Rights Under CCPA
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected.
- Right to Delete: Request deletion of personal information we have collected from you.
- Right to Opt-Out of Sale or Sharing: We do not sell personal information. We do use advertising tools such as the Meta Pixel, which may qualify as "sharing" for cross-context behavioral advertising under California law. You can opt out by declining non-essential cookies in your browser and adjusting your Meta advertising preferences.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
- To submit a request, email privacy@lumina-erp.com. We will verify your identity and respond within 45 days.
Security
We implement administrative, technical, and organizational safeguards appropriate to the sensitivity of the data we process. These include TLS encryption for all data in transit, Cloudflare Access for identity-based authentication, role-based access controls, isolated model environments, and regular security reviews.
While no system is perfectly secure, we are committed to protecting your data and promptly addressing any security incidents.
International Data Transfers
Our infrastructure is distributed globally via Cloudflare's network. Data may be processed in jurisdictions outside your country of residence. Where required, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure adequate protection.
Children's Privacy
The Platform is designed for business use and is not directed to individuals under 18. We do not knowingly collect personal information from children.
Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email to account holders and reflected on this page with a revised last-updated date. Continued use of the Platform after changes constitutes acceptance of the revised policy.
Contact
For privacy-related inquiries, data requests, or to exercise your rights:
- Company: Lumina ERP, LLC
- Email: privacy@lumina-erp.com
- General inquiries: hello@lumina-erp.com
- Mailing Address: 8080 Westpark Drive, Ste 80341, Houston, TX 77063