Privacy Policy

Lumina is the data controller for personal data collected through the Platform. If you have questions about this policy or your personal data, contact us at privacy@luminahq.com.

Where organisations use the Platform to manage their employees' leave and attendance data, that organisation acts as the data controller for its employees' data, andLumina acts as a data processor on their behalf.

2.1 Account and identity data

• Name and email address (required to create an account)
• Profile information you provide (job title, department, hire date)
• Authentication credentials (passwords are hashed; we never store them in plain text)
• SSO tokens if you sign in via Google or Microsoft

2.2 Leave and attendance data

• Leave requests: type, dates, reason, and status history
• Attendance records: shift schedules, overrides, incident notes
• Penalty and reward ledger entries: activity type, monetary amounts, points, notes
• Approval and rejection actions taken by managers

2.3 Usage and technical data

• Browser type, operating system, and device type
• IP address and approximate geolocation (country/region)
• Pages visited, features used, and timestamps
• Error logs and crash reports to help us fix bugs

2.4 Data we do not collect

We do not collect payment card numbers (billing is not yet active during the beta period). We do not collect health or medical information beyond what an employee voluntarily includes in a leave request reason. We do not run advertising trackers or sell data to third parties.

We do not use your data for automated decision-making or profiling that has legal or similarly significant effects on you.

We share personal data only in the following circumstances:

• Firebase / Google Cloud— our database, authentication, and hosting infrastructure. Data is stored in the region selected for your deployment. Google processes data as a sub-processor under Google's Data Processing Terms.
• Your organisation's administrators— if you are an employee user, your leave, attendance, and penalty/reward data is visible to your organisation's Administrator and Manager roles as configured.
• Legal requirements — we may disclose data if required by law, court order, or to protect the rights, property, or safety of Lumina, our users, or the public.
• Business transfers — if Lumina is acquired or merges with another entity, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

We do not sell, rent, or otherwise share personal data with advertisers or data brokers.

We retain personal data for as long as your account is active or as needed to provide the Platform. Specific retention periods:

• Account data — retained while your account is active. If you deactivate your account, data is retained for 30 days to allow export, then deleted.
• Leave and attendance records— retained for the life of the organisation's account. Organisations can export all data via the Reports page at any time.
• Penalty and reward ledger— retained as an immutable audit log for the life of the organisation's account. Individual entries can be voided (flagged) but are not hard-deleted; this is by design for audit integrity.
• Usage logs — retained for up to 12 months for debugging and security purposes, then deleted or anonymised.

We implement technical and organisational measures appropriate to the risk of processing personal data, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256) via Firebase
• Firestore security rules that enforce strict per-tenant data isolation — no user can read another tenant's data
• Role-based access control enforced at three layers: edge proxy, application guard, and database rules
• Password hashing using Firebase Authentication's bcrypt-based scheme
• No plain-text credentials stored anywhere in the system

No system is completely secure. If you discover a security vulnerability, please report it responsibly to security@luminahq.com before public disclosure.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

To exercise any of these rights, email privacy@luminahq.com. We will respond within 30 days. If you are an employee user, some requests (e.g. deletion of leave records) may need to be directed to your organisation's Administrator, who acts as the data controller for your employment records.

The Platform uses the following client-side storage:

• Session cookie (__session) — stores your authentication state (user ID, role, tenant). Required for the Platform to function. Expires when your session ends or you sign out.
• Locale cookie (NEXT_LOCALE) — stores your preferred language. Expires after 1 year.
• IndexedDB (offline queue) — stores pending writes when you are offline. Cleared automatically after successful sync.
• Firebase Auth persistence — stores authentication tokens in localStorage to keep you signed in between sessions.

We do not use advertising cookies, third-party tracking cookies, or analytics services that track you across other websites.

The Platform is designed for use by adults in a professional workplace context. We do not knowingly collect personal data from anyone under 16 years of age. If you believe a minor has provided us with personal data, please contact us at privacy@luminahq.com and we will delete it promptly.

The Platform is hosted on Google Cloud infrastructure via Firebase. Depending on your deployment region, data may be stored and processed outside your country. Where data is transferred from the European Economic Area (EEA) to a third country, we rely on Google's Standard Contractual Clauses as the transfer mechanism.

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email or via an in-app notice. Your continued use of the Platform after changes become effective constitutes your acceptance of the updated policy.

For privacy questions, data requests, or concerns, contact us at:

You also have the right to lodge a complaint with your local data protection authority if you believe your rights under applicable data protection law have been infringed.