Lumo operates as a personal finance and money-tracking application, and this Privacy Policy governs all data practices across our global user base regardless of jurisdiction, encompassing compliance with the EU General Data Protection Regulation, UK GDPR, India's Digital Personal Data Protection Act of 2023, and United States privacy frameworks including CCPA and CPRA. By accessing or using Lumo, you acknowledge and consent to the practices described herein.
Scope and Applicability
The scope of this policy extends to all users worldwide, with local legal requirements applied as necessary supplements to these global standards.
Information We Collect
We collect several categories of information to provide our services, beginning with personal and account information such as your name, email address, and profile photo when provided through Google or Apple authentication systems, though we explicitly do not collect or store passwords from these third-party providers. Your financial and transaction data forms the core of our collection, encompassing transaction amounts, dates, categories, merchant names, descriptive notes, and any uploaded receipts or files, all of which serve exclusively to power Lumo's tracking, budgeting, analytics, forecasting, and visualization capabilities.
Personal and Account Information
When you create an account, we may collect your name, email address, profile photo if provided via Google or Apple sign-in, and authentication identifiers provided by those platforms. We do not collect or store account passwords for Google or Apple.
Financial and Transaction Data
We collect financial data that you voluntarily provide, including transaction amounts, dates, categories, merchant names, notes or descriptions, and uploaded receipts or files. This data is used exclusively to provide Lumo's core features such as tracking, budgeting, analytics, forecasting, and visualization.
Receipt Images and File Uploads
When you upload receipt images or files, our systems process these to extract transaction information, incorporating that data into your history while potentially retaining original files for user access or reprocessing purposes, though we explicitly do not sell, rent, or commercialize receipt data under any circumstances.
Device and Security Data
Device and security data collection includes device identifiers, login timestamps, and security audit logs, with biometric authentication handled entirely by your device's operating system without any biometric data transmission to or storage by Lumo.
One-Device Policy and Account Recovery
Lumo maintains a strict one-device policy per account, requiring manual authorization or valid recovery codes when logging in from new devices, with recovery codes generated at account setup and encrypted for security. Users must securely store these codes independently, as loss of recovery codes may render account recovery impossible.
Purpose and Legal Basis for Processing
We process personal data based on contractual necessity for service provision, user consent for optional features and notifications, legitimate interest for security and fraud prevention, and legal obligation for compliance purposes. Notably, Lumo does not utilize third-party AI services or external APIs for financial prediction, employing exclusively deterministic, non-AI mathematical models for all forecasting functionality.
Data Security and Storage
All data transmitted between your device and Lumo is encrypted in transit using industry-standard TLS protocols. Data stored in our database is encrypted at rest by our infrastructure provider using AES-256 encryption, protecting against physical hardware compromise and network interception. However, Lumo is not an end-to-end encrypted application. Your transaction data, including amounts, merchant names, and descriptions, is stored in plaintext within our database tables to enable real-time querying, analytics, synchronization, and export functionality. This means that while your data is protected from external attackers intercepting network traffic or accessing physical storage media, it is technically accessible to our backend systems for processing purposes. Authentication credentials, recovery codes, and other security-sensitive data undergo additional application-layer encryption before storage, rendering them inaccessible even to our internal systems. We implement strict access controls, audit logging, and principle-of-least-privilege policies to ensure that only authenticated users can access their own data, and we do not access user financial data for purposes other than technical debugging with explicit consent or when legally required.
Data Portability, Import and Export
Lumo actively prevents vendor lock-in by enabling users to import data at any time and export all personal and transaction data in standard JSON, PDF, and other non-proprietary formats, facilitating free movement between platforms. Imported data becomes subject to this Privacy Policy.
Data Deletion and Right to Erasure
Regarding data deletion and the right to erasure, users may delete individual transactions, entire transaction histories, or complete accounts, with all deleted data permanently removed from active systems and rendered unrecoverable. Deleted data is not utilized for analytics, predictions, or internal processing, and users bear responsibility for exporting data prior to deletion, as the process is irreversible to the maximum extent permitted by law.
No Backup or Reuse of Deleted Data
Lumo does not maintain user-accessible backups of deleted transaction data or accounts, though minimal residual data may temporarily persist in encrypted logs required for security, debugging, or legal compliance, automatically purged according to retention schedules and never used for analytics or profiling.
Data Sharing and Disclosure
We do not sell personal data, share data with advertisers, or monetize user financial information, disclosing limited data only when legally obligated, responding to lawful requests, or protecting user rights, safety, security, or Lumo's operational integrity.
International Data Transfers
International data transfers may occur to countries where Lumo or its infrastructure providers operate, with appropriate safeguards protecting cross-border transfers as required by applicable laws.
User Rights
Depending on jurisdiction, users possess rights to access, correct, delete, export, restrict, or object to processing, and to withdraw consent, exercisable through the contact details provided below.
Children's Privacy
Lumo is not intended for individuals under 13 years of age or the minimum legal age in their jurisdiction, and we do not knowingly collect personal data from children.
Data Retention
Personal data is retained while accounts remain active, permanently deleted within a reasonable timeframe upon account deletion unless legally required otherwise, with aggregated or anonymized data that cannot identify individuals potentially retained.
Changes to This Privacy Policy
We may update this Privacy Policy periodically, communicating material changes via the app or email, with continued use indicating acceptance.
Contact Information
For questions, concerns, or data requests, contact us at 99marafay@gmail.com