Privacy Policy
Effective Date:
Privacy Policy
Luma — AI Meeting Copilot Effective Date: May 18, 2026 Last Updated: June 14, 2026
Luma ("we," "our," or "us") operates the Luma mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the App. The App is available in the United States, United Kingdom, Canada, Australia, New Zealand, and Ireland.
By using the App, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
Your first name
Your email address
A securely hashed password (we never store your password in plain text)
1.2 Onboarding Profile Data
During onboarding, we collect information to personalize your experience:
Your professional role
Types of meetings you attend
Meeting frequency
Meeting challenges and goals
1.3 Meeting Data
When you use Luma during a meeting, we collect and process:
Audio: The App captures audio from your device's microphone during active meeting sessions. Audio is processed on-device using Apple's Speech Recognition framework to generate a text transcript. Audio is not transmitted to or stored on our servers. Only the resulting text transcript is sent to our servers for AI analysis.
Transcripts: The on-device transcript text is sent to our servers for AI analysis. Transcripts are associated with your account and stored to provide meeting summaries, suggestions, and history.
AI-Generated Content: Suggestions, summaries, key points, action items, and quiz questions generated from your meeting transcripts.
Feedback: Your responses to suggestion cards (e.g., helpful or not helpful) and quiz answers.
Before transcripts are sent to our AI service provider for the first time, the App presents an in-app disclosure screen that names the third-party AI service (Anthropic) and asks for your explicit consent. You may revoke consent at any time by deleting your account.
1.4 Usage and Billing Data
We track meeting minutes consumed per billing period to enforce plan limits. Usage records include the duration and timestamp of each meeting session.
1.5 Subscription Data
If you subscribe to a paid plan, your subscription status, plan type, and billing period are managed through Apple's In-App Purchase system and our subscription management provider. We do not collect or store your payment card details.
1.6 Crash and Diagnostic Data
We collect crash reports and basic diagnostic data (device model, OS version, app version) to identify and fix bugs. This data does not include meeting content or personal information.
2. How We Use Your Information
We use the information we collect to:
Provide, operate, and maintain the App
Transcribe meeting audio and generate AI-powered suggestions, summaries, and quizzes
Personalize your experience based on your role, meeting types, and goals
Track usage against your plan's meeting minute allocation
Process and manage subscriptions
Diagnose technical issues and improve app stability
Communicate with you about your account or changes to our services
Comply with legal obligations
We do not use your meeting transcripts or content to train AI models.
3. How We Share Your Information
We do not sell your personal information. We share data with the following categories of service providers, solely to operate the App:
Provider | Purpose | Data Shared |
|---|---|---|
Supabase | Authentication, database, and server infrastructure | Account info, profile data, transcripts, meeting data |
Anthropic (Claude AI) | AI analysis of meeting transcripts | Transcript text (processed in real time, not retained by Anthropic for training) |
RevenueCat | Subscription and billing management | User ID, subscription status |
Sentry | Crash reporting and diagnostics | Device info, crash logs (no meeting content) |
Apple | Speech recognition (on-device), in-app purchases | Audio (on-device only), payment processing |
Each of the service providers listed above is bound by written data-processing terms requiring them to maintain data protection standards substantially equivalent to those described in this policy, to use shared data only for the purposes listed, and to safeguard it against unauthorized access or disclosure.
We may also disclose your information if required by law, regulation, legal process, or governmental request.
4. Data Storage and Security
Your data is stored on servers operated by our infrastructure provider, Supabase, located in the United States. We implement industry-standard security measures including:
Encrypted data transmission (TLS/HTTPS)
Row-level security policies on all database tables
Authentication tokens with secure session management
Service-role access controls for server-side operations
While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure.
5. Data Retention
Account and profile data is retained for as long as your account is active.
Meeting transcripts, summaries, and suggestions are retained for as long as your account is active. You may delete individual meetings from your meeting history at any time.
Usage records are retained for billing and compliance purposes and may persist after meeting deletion.
Crash reports are retained for up to 90 days.
When you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
6. Your Rights and Choices
All Users
You may:
Access your personal data through the App's Profile screen
Update your name and profile information at any time
Delete individual meetings and their associated data
Delete your account from the Profile screen in the App. Tap Delete account and confirm to permanently remove your profile, meetings, transcripts, suggestions, and associated data from our servers. Deletion is initiated and completed entirely in the App — no email or customer-service request is required.
Revoke microphone access at any time through your device's Settings, though this will prevent the App from functioning during meetings
California Residents (CCPA)
If you are a California resident, you have the right to:
Request disclosure of the categories and specific pieces of personal information we have collected
Request deletion of your personal information
Opt out of the sale of personal information (we do not sell personal information)
Not be discriminated against for exercising your privacy rights
To exercise these rights, contact us at the address listed in Section 11.
United Kingdom Residents
If you are a UK resident, under the UK General Data Protection Regulation (UK GDPR), you have additional rights including:
The right to access, rectify, or erase your personal data
The right to restrict or object to processing
The right to data portability
The right to lodge a complaint with the Information Commissioner's Office (ICO)
Our legal basis for processing your data is the performance of our contract with you (providing the App's services) and our legitimate interests in improving the App.
Canadian Residents
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to access and correct your personal information. To make a request, contact us at the address listed in Section 11.
7. Children's Privacy
The App is not intended for use by anyone under the age of 4. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.
8. Microphone and Notification Permissions
Microphone: The App requests microphone access to capture meeting audio for transcription. Audio capture only occurs during active meeting sessions that you explicitly start. You may revoke microphone permission at any time in your device's Settings.
Notifications: The App requests notification permission to alert you when AI-generated suggestions are available during meetings. Notifications are optional and can be disabled at any time.
9. Meeting Recording and Consent
Luma captures and processes audio from meetings you participate in. It is your sole responsibility to ensure that your use of the App complies with all applicable laws regarding recording conversations in your jurisdiction. Many regions require the consent of one or all parties to a conversation before recording or processing audio. By using the App, you represent that you have obtained any required consent from all meeting participants before activating Luma's listening features. We are not responsible for any unauthorized or unlawful use of the App's recording and transcription capabilities.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the App and updating the "Last Updated" date above. Your continued use of the App after changes are posted constitutes acceptance of the revised policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:
Email: support@lumameetings.com

