Privacy Policy

This Privacy Policy explains how lummie.app ("Company," "we," or "us") collects and processes your personal data in compliance with the General Data Protection Regulation (GDPR/RODO).

• Personally Identifiable Information (PII): Name, email address, and authentication tokens from third-party services (e.g., Google).
• Service Data: Natural language prompts you submit for code and image generation.
• Technical Data: IP address, browser type, device identifiers, and usage patterns collected via cookies.

We process your data based on:

• Art. 6(1)(b) GDPR: Performance of a contract (to provide the Services).
• Art. 6(1)(f) GDPR: Legitimate interests (to secure the platform and monitor for abuse).
• Art. 6(1)(a) GDPR: Consent (for marketing communications, where applicable).

We share specific data with the following categories of processors:

• AI Providers: Your text prompts are transmitted to Reve API to generate visual content. Please review the Reve Privacy Policy for their specific data handling.
• Cloud Infrastructure: To host the platform and databases.
• Payment Services: PCI-compliant providers to process your subscriptions.

Some data may be processed in the United States. We ensure protection via Standard Contractual Clauses (SCCs) approved by the European Commission to maintain an equivalent level of data protection as in the EEA.

We retain your PII for as long as your account is active. Upon account deletion, PII is removed or anonymized within 90 days, except where longer retention is required for legal or financial compliance.

Under Polish and EU law, you have the right to access, rectify, or erase your data, as well as the right to data portability and the right to object to processing.

If you are in Poland, you have the right to lodge a complaint with the President of the Personal Data Protection Office (Urząd Ochrony Danych Osobowych - UODO).

For data-related inquiries, contact us at: legal@lummie.app