Privacy Policy

Effective Date:

Privacy Policy

Luma — AI Meeting Copilot Effective Date: May 18, 2026 Last Updated: June 14, 2026

Luma ("we," "our," or "us") operates the Luma mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the App. The App is available in the United States, United Kingdom, Canada, Australia, New Zealand, and Ireland.

By using the App, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Your first name

  • Your email address

  • A securely hashed password (we never store your password in plain text)

1.2 Onboarding Profile Data

During onboarding, we collect information to personalize your experience:

  • Your professional role

  • Types of meetings you attend

  • Meeting frequency

  • Meeting challenges and goals

1.3 Meeting Data

When you use Luma during a meeting, we collect and process:

  • Audio: The App captures audio from your device's microphone during active meeting sessions. Audio is processed on-device using Apple's Speech Recognition framework to generate a text transcript. Audio is not transmitted to or stored on our servers. Only the resulting text transcript is sent to our servers for AI analysis.

  • Transcripts: The on-device transcript text is sent to our servers for AI analysis. Transcripts are associated with your account and stored to provide meeting summaries, suggestions, and history.

  • AI-Generated Content: Suggestions, summaries, key points, action items, and quiz questions generated from your meeting transcripts.

  • Feedback: Your responses to suggestion cards (e.g., helpful or not helpful) and quiz answers.

Before transcripts are sent to our AI service provider for the first time, the App presents an in-app disclosure screen that names the third-party AI service (Anthropic) and asks for your explicit consent. You may revoke consent at any time by deleting your account.

1.4 Usage and Billing Data

We track meeting minutes consumed per billing period to enforce plan limits. Usage records include the duration and timestamp of each meeting session.

1.5 Subscription Data

If you subscribe to a paid plan, your subscription status, plan type, and billing period are managed through Apple's In-App Purchase system and our subscription management provider. We do not collect or store your payment card details.

1.6 Crash and Diagnostic Data

We collect crash reports and basic diagnostic data (device model, OS version, app version) to identify and fix bugs. This data does not include meeting content or personal information.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the App

  • Transcribe meeting audio and generate AI-powered suggestions, summaries, and quizzes

  • Personalize your experience based on your role, meeting types, and goals

  • Track usage against your plan's meeting minute allocation

  • Process and manage subscriptions

  • Diagnose technical issues and improve app stability

  • Communicate with you about your account or changes to our services

  • Comply with legal obligations


We do not use your meeting transcripts or content to train AI models.

3. How We Share Your Information

We do not sell your personal information. We share data with the following categories of service providers, solely to operate the App:


Provider

Purpose

Data Shared

Supabase

Authentication, database, and server infrastructure

Account info, profile data, transcripts, meeting data

Anthropic (Claude AI)

AI analysis of meeting transcripts

Transcript text (processed in real time, not retained by Anthropic for training)

RevenueCat

Subscription and billing management

User ID, subscription status

Sentry

Crash reporting and diagnostics

Device info, crash logs (no meeting content)

Apple

Speech recognition (on-device), in-app purchases

Audio (on-device only), payment processing

Each of the service providers listed above is bound by written data-processing terms requiring them to maintain data protection standards substantially equivalent to those described in this policy, to use shared data only for the purposes listed, and to safeguard it against unauthorized access or disclosure.

We may also disclose your information if required by law, regulation, legal process, or governmental request.

4. Data Storage and Security

Your data is stored on servers operated by our infrastructure provider, Supabase, located in the United States. We implement industry-standard security measures including:

  • Encrypted data transmission (TLS/HTTPS)

  • Row-level security policies on all database tables

  • Authentication tokens with secure session management

  • Service-role access controls for server-side operations

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure.

5. Data Retention

  • Account and profile data is retained for as long as your account is active.

  • Meeting transcripts, summaries, and suggestions are retained for as long as your account is active. You may delete individual meetings from your meeting history at any time.

  • Usage records are retained for billing and compliance purposes and may persist after meeting deletion.

  • Crash reports are retained for up to 90 days.

When you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

6. Your Rights and Choices

All Users

You may:

  • Access your personal data through the App's Profile screen

  • Update your name and profile information at any time

  • Delete individual meetings and their associated data

  • Delete your account from the Profile screen in the App. Tap Delete account and confirm to permanently remove your profile, meetings, transcripts, suggestions, and associated data from our servers. Deletion is initiated and completed entirely in the App — no email or customer-service request is required.

  • Revoke microphone access at any time through your device's Settings, though this will prevent the App from functioning during meetings

California Residents (CCPA)

If you are a California resident, you have the right to:

  • Request disclosure of the categories and specific pieces of personal information we have collected

  • Request deletion of your personal information

  • Opt out of the sale of personal information (we do not sell personal information)

  • Not be discriminated against for exercising your privacy rights

To exercise these rights, contact us at the address listed in Section 11.

United Kingdom Residents

If you are a UK resident, under the UK General Data Protection Regulation (UK GDPR), you have additional rights including:

  • The right to access, rectify, or erase your personal data

  • The right to restrict or object to processing

  • The right to data portability

  • The right to lodge a complaint with the Information Commissioner's Office (ICO)

Our legal basis for processing your data is the performance of our contract with you (providing the App's services) and our legitimate interests in improving the App.

Canadian Residents

Under the Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to access and correct your personal information. To make a request, contact us at the address listed in Section 11.

7. Children's Privacy

The App is not intended for use by anyone under the age of 4. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.

8. Microphone and Notification Permissions

  • Microphone: The App requests microphone access to capture meeting audio for transcription. Audio capture only occurs during active meeting sessions that you explicitly start. You may revoke microphone permission at any time in your device's Settings.

  • Notifications: The App requests notification permission to alert you when AI-generated suggestions are available during meetings. Notifications are optional and can be disabled at any time.

9. Meeting Recording and Consent

Luma captures and processes audio from meetings you participate in. It is your sole responsibility to ensure that your use of the App complies with all applicable laws regarding recording conversations in your jurisdiction. Many regions require the consent of one or all parties to a conversation before recording or processing audio. By using the App, you represent that you have obtained any required consent from all meeting participants before activating Luma's listening features. We are not responsible for any unauthorized or unlawful use of the App's recording and transcription capabilities.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the App and updating the "Last Updated" date above. Your continued use of the App after changes are posted constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: support@lumameetings.com


CTA Image

Your AI Meeting Coach, Right in Your Pocket

Your AI Meeting Coach, Right in Your Pocket

Luma listens, coaches you in real time, and captures everything — so you walk out of every meeting sharper than you walked in.

Luma listens, coaches you in real time, and captures everything — so you walk out of every meeting sharper than you walked in.