Lumetra Privacy Policy

Effective Date: May 22, 2026
Last Updated: May 22, 2026

Lumetra (“Lumetra,” “we,” “us,” or “our”) provides the Engram platform, websites, applications, and related services (the “Service”). This Privacy Policy explains how we collect, use, disclose, sell, share, and protect personal information when you use the Service, and describes your rights and choices.

If you do not agree with this Privacy Policy, do not use the Service.

Who we are / contact

1) Quick summary

2) Key definitions

3) What we collect

A. Information you provide

B. Information we generate or derive

C. Information collected automatically

D. Information from third parties

4) How we use information

Legal bases (EEA/UK, if applicable): contract necessity; legitimate interests (e.g., security, improvement); consent (where required, e.g., certain cookies/ads); compliance with law.

5) Disclosures of information

We disclose personal information to:

We do not disclose Paid Account personal information for sale; see Section 6.

6) Sale/share and plan‑specific practices

Free Accounts

Paid Accounts

Enterprise

Enterprise Rider may modify or override the above (e.g., disabling training, custom retention, custom subprocessors). The rider controls for that enterprise account.

7) Cookies and tracking

We use cookies and similar technologies for authentication, security, performance, analytics, and—Free Accounts only—advertising/measurement (where permitted).

Manage preferences at [Cookie Settings link] and (where required) via consent banners. We honor GPC for sale/share opt‑outs in supported regions.

8) Data retention

We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and protect our rights. Typical ranges:

As stated in the ToS, we do not guarantee retention and may retain, anonymize, or delete Data at our discretion, subject to applicable law and any enterprise rider.

9) Security

We implement reasonable technical and organizational measures designed to protect personal information (e.g., encryption in transit/at rest, access controls, logging, segregation, secure development practices). No system is perfectly secure. If we discover a security incident affecting your personal information, we will notify you without undue delay as required by law.

10) International data transfers

We may transfer, store, and process personal information in countries other than where it was collected (including the United States). Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross‑border transfers.

11) Your privacy rights

Depending on your location, you may have rights to:

How to exercise: Email privacy@lumetra.io with your request. We will verify your identity (and agent authorization where applicable) and respond within the time required by law. You will not be discriminated against for exercising your rights; however, the Free tier may offer reduced functionality without sale/share, and you may choose a Paid plan to avoid sale/share by design.

California notices (CPRA):

12) Children’s privacy

The Service is for adults (18+) only. We do not knowingly collect personal information from anyone under 18. Do not use the Service if you are under 18. If you believe a minor has provided personal information, contact privacy@lumetra.io for deletion.

13) Sanctions and restricted persons

We do not do business with anyone under U.S. sanctions and may collect/use identifiers, geolocation signals, and screening data to comply with sanctions and export controls.

14) Publicity (logos)

If you use the Service, you grant Lumetra the right to display your name and logo to identify you as a customer on our websites and marketing materials, consistent with our Terms. Enterprise riders may customize publicity permissions.

15) Third‑party services and links

Third‑party services you connect to (or that we use to provide the Service) have their own terms and privacy practices. We are not responsible for their practices. Review their policies before enabling integrations.

16) Changes to this Privacy Policy

We may update this Policy from time to time. We will update the “Last Updated” date and, for material changes, provide notice (e.g., email, in‑product) consistent with applicable law. Your continued use of the Service after the effective date constitutes acceptance.

17) How to contact us

Questions or requests? Email privacy@lumetra.io

18) U.S. “Notice at Collection” (California‑style summary)

Categories we collect → Examples → Sources → Purposes → Disclosed to → Sold/Shared (Free only?)

We do not intentionally collect sensitive personal information and instruct users not to submit regulated categories absent a governing addendum.

19) Your choices

20) Role and processing agreements

By default, Lumetra acts as an independent business/controller for the Service. For certain enterprise features, Lumetra may act as a processor under a Data Processing Addendum (DPA) incorporated into the Enterprise Rider. See [DPA link] for details, including cross‑border transfer mechanisms (e.g., SCCs).