Privacy Policy

This Privacy Policy describes how Lumioos ("we", "us", "our") collects, uses, and shares information when you use our website mylumioos.com and related services (the "Service").

1. Information We Collect

• Account data: name, email, hashed password.
• Authentication data: Google email & profile photo if you sign in with Google.
• Usage data: chat messages, video prompts, interview answers, uploaded resumes/PDFs.
• Payment data: processed by Stripe — we never see your card details.
• Technical data: IP address, browser, device type, error logs.

2. How We Use Your Information

To operate the Service, manage your subscription, send transactional emails, detect abuse, and comply with legal obligations.

3. Third-Party Sub-Processors

OpenAI / Anthropic / Google (AI), Stripe (payments), Resend (emails), MongoDB Atlas (database), Emergent (hosting).

4. Cookies & Local Storage

JWT session token + language preference only. No advertising cookies.

5. Data Retention

Account data retained while account is active. Deleted within 30 days on request, except legally-required financial records (up to 7 years).

6. Your Rights (GDPR / KVKK / CCPA)

Access, correct, delete, export your data, or lodge a complaint with your local data-protection authority. Contact privacy@mylumioos.com.

7. Security

bcrypt password hashing, HTTPS everywhere, signed JWT tokens. We never store card numbers.

8. Children's Privacy

Not directed to children under 13 (16 in EU). We don't knowingly collect data from minors.

9. Changes

Material changes will be announced via email and on this page.

10. Contact

For any privacy question: privacy@mylumioos.com