Lumacore Consulting Pte. Ltd. is committed to protecting your privacy and ensuring compliance with applicable data protection laws — including Singapore's PDPA, the GDPR, and US and UK frameworks. This policy explains what we collect, why, and how it's handled.
Lumacore Consulting Pte. Ltd. ("Lumacore," "we," "us," or "our") is an operational engineering & digital transformation firm. We provide AI-powered platforms, including the "Business Blueprint" (SOP Builder) & "Grant Compass," dedicated to empowering SMEs to build, automate, & scale their operations. Our mission is to eliminate operational leakage & simplify business management through innovative tools & systemic integrity, while prioritizing the privacy & security of your data. We are committed to ensuring compliance with applicable privacy laws in Singapore (PDPA), the United States, the European Economic Area (GDPR), the United Kingdom, & Switzerland.
This Privacy Policy outlines how Lumacore collects, uses, shares, & processes personal information from users, including founders, directors, & visitors ("User," "you," or "your") of our website, platform, & services (collectively, our "Services"). This Policy incorporates our Terms of Service & any applicable Data Processing Agreement (DPA) by reference. If you do not agree with these terms, please discontinue use of our Services.
"Personal data" means any information relating to an identified or identifiable natural person. This includes names, business email addresses, telephone numbers, IP addresses, authentication tokens, & usage logs generated through our Services. Operational metrics processed independently for security, billing, or product improvement ("Service Data") are handled separately & are not treated as Customer Personal Data.
Lumacore does not intentionally collect special-category or sensitive personal data (e.g., health information, biometric identifiers, or precise geolocation). Users are strictly instructed not to upload such information to the platform.
We collect information you supply when creating an account, purchasing credits, or opening support tickets. Payment information is processed via Stripe; we do not store full payment card details. For usage-based services, we collect Usage Data to meter consumption against your credit balance. Project artifacts, such as process descriptions or prompts, are used only to serve your workspace & improve our internal logic; they are never used to train general-purpose models for other customers without permission.
When you interact with Lumacore, we automatically collect technical data including browser type, operating system, device identifiers, & error logs. Telemetry on service usage is collected to generate invoices & recognize revenue. We record engagement with key features to improve performance.
Lumacore utilizes third-party infrastructure for hosting & AI processing. Your Customer Data may be stored & processed on providers like Supabase or Amazon Web Services. Our "AI Buddy" features act as a proxy to third-party providers (including OpenAI, Google Gemini, & Anthropic). By using these features, you consent to the pass-through transmission of your inputs to these providers under their respective privacy policies.
Our Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal data from minors. If we discover such data has been collected, it will be promptly deleted.
We process information to provide & maintain Services, personalize your experience, detect & prevent fraud, process authorized transactions, & comply with legal requirements. Lumacore does not engage in automated decision-making that produces legal effects on individuals.
We rely on the Performance of a Contract, Legitimate Interests (platform security), Consent (marketing), & Legal Obligations (tax & accounting).
We engage third-party sub-processors including Stripe, Supabase, & OpenAI/Google. All sub-processors are contractually bound to data protection standards equivalent to our own.
Lumacore safeguards international transfers using legally recognized mechanisms such as Standard Contractual Clauses (SCCs).
We collect Log Data for performance monitoring, retained for up to ninety (90) days. We use strictly necessary & functional cookies. You can manage preferences via browser settings.
We implement industry-standard safeguards including data-at-rest encryption, multi-factor authentication, role-based access, & real-time security monitoring.
We retain personal information only as long as necessary. Customer data is generally deleted within ninety (90) days of account termination, except where legal hold applies.
Depending on jurisdiction, you may have the right to access, port, correct, or delete your data, or withdraw consent. Contact us at privacy@lumacoreconsulting.com to exercise these rights.
Our Services provide AI-assisted tools & blueprints, but they are not a substitute for professional engineering, legal, or financial judgment. Reliance on generated output is at your own risk.
Email: privacy@lumacoreconsulting.com
Mail: Lumacore Consulting Pte. Ltd., Attn: Privacy, Singapore.
We reserve the right to update this Policy. Material changes will be notified via email or in-product banner thirty (30) days in advance.