Privacy Policy

This Privacy Policy ("Policy") governs the manner in which lummie.dev ("Company," "we," "us," or "our") collects, uses, maintains, and discloses information collected from users ("User," "you," or "your") of the lummie.dev platform and any related services (collectively, the "Services"). Your access to and use of the Services is contingent upon your acceptance of and compliance with this Policy.

1. Information We Collect

We may collect information from and about you in various ways, including but not limited to, the following categories:

• Personally Identifiable Information (PII): Information that can be used to identify you, which you voluntarily provide upon registration or during your use. This includes:
  • Contact Data: Your name and email address.
  • Account Credentials: Encrypted password or authentication tokens from third-party sign-in services (e.g., Google).
• Service Data (Prompts and Generated Code): We collect and store the natural language prompts you submit and the resulting source code generated by our Services. This data is integral to the core functionality of our platform.
• Payment Data: When you purchase a subscription, we do not directly store your full credit card number. We collect limited payment data (e.g., last four digits of the card, expiry date) and rely on a PCI-DSS compliant third-party payment processor to handle the transaction.
• Usage Data: We automatically collect certain information when you access and use the Services. This includes your Internet Protocol (IP) address, browser type, operating system, access times, pages viewed, and other diagnostic data.

2. Use of Your Information and Legal Basis for Processing (GDPR)

We use the information we collect for various purposes, supported by the following legal bases required by GDPR:

3. Service Data (Prompts and Code) Clarification

We utilize Service Data (prompts and generated code) for the continuous improvement of our artificial intelligence models and service offerings.

Important Note: We implement measures to prevent the unintentional inclusion of Personally Identifiable Information (PII) within our AI model training data. However, you are responsible for ensuring that you do not input sensitive personal, proprietary, or confidential information into the service prompts. By submitting prompts, you acknowledge and agree that this Service Data will be used for model training and service enhancement, and you waive any confidentiality claims regarding the input data.

4. Disclosure and International Transfer of Your Information

We do not sell, trade, or rent your PII to others. We may share information we have collected about you as follows:

• Third-Party Service Providers: We share information with vendors who perform services on our behalf (e.g., cloud hosting, payment processing, data analysis, AI model provisioning). These providers are contractually obligated to maintain the confidentiality and security of your information.
• Business Transfers: Your information may be transferred as part of a merger, sale of assets, or acquisition.
• Legal Requirements: We may disclose your information if required by law, regulation, or a legal process (e.g., court order or subpoena).

International Data Transfers

Since we operate globally, your information may be transferred to, and stored in, countries outside your state, province, or country of residence, including the United States, where data protection laws may differ from those in your jurisdiction. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy, utilizing mechanisms such as Standard Contractual Clauses (SCCs) where required by GDPR.

5. Data Security and Retention

Security: We employ administrative, technical, and physical security measures to protect your personal information. While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet is 100% secure.

Data Retention: We retain your Personal Data only for as long as is necessary for the purposes set out in this Policy. Generally, we will retain your PII for the duration your account is active and for a reasonable period thereafter (e.g., 90 days) to allow for account recovery or internal backup purposes, unless a longer retention period is required or permitted by law.

6. Your Data Protection Rights (GDPR and Global Users)

Depending on your location, you may have the following rights regarding your Personal Data:

• Right of Access (Right to Know): The right to request copies of your Personal Data.
• Right to Rectification: The right to request that we correct any information you believe is inaccurate or incomplete.
• Right to Erasure (Right to be Forgotten): The right to request that we delete your Personal Data, under certain conditions.
• Right to Restrict Processing: The right to request that we limit the way we use your Personal Data.
• Right to Data Portability: The right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
• Right to Object: The right to object to our processing of your Personal Data.

To exercise any of these rights, please contact us using the details below. We will respond to your request within the timeframe required by applicable law.

7. Policy for Children

Our Services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13.

8. Changes to This Privacy Policy

We reserve the right, at our sole discretion, to modify or replace this Policy at any time. We will alert you about any changes by updating the "Effective Date" of this Policy and notifying you via email or a prominent notice on the Services prior to the change becoming effective.

9. Contact Us

Should you have any questions or comments regarding this Privacy Policy, please do not hesitate to contact us at:

Email: legal@lummie.dev