Privacy Policy

1. Introduction

lumenx SAS ("lumenx", "we", "our", "us") operates lumenx.ai, an AI-powered research interview platform. We are committed to protecting your privacy and complying with applicable data protection laws including the EU General Data Protection Regulation (GDPR), UK Data Protection Act, and US state privacy laws.

This Privacy Policy explains how we collect, use, protect, and share information when you use our services.

2. Scope and Definitions

This policy applies to:

• Customers: Organizations that purchase and use our platform
• Website Visitors: Individuals who visit lumenx.ai
• Interview Participants: Individuals who participate in AI-conducted interviews

Key Terms:

• Personal Data: Any information relating to an identified or identifiable person
• Pseudonymization: Processing personal data so it can no longer be attributed to a specific person without additional information
• Processing: Any operation performed on personal data

3. Information We Collect

• Account information: company name, contact person, email, phone
• Authentication data: email, hashed passwords
• Billing information: processed by our payment provider
• Usage data: feature usage, session information, support interactions

Legal basis: Contract performance and legitimate interests

Data processed:

• Audio recordings: Temporarily processed for transcription only, then immediately deleted
• Transcripts: Stored in pseudonymized form
• Analysis results: Aggregated insights with no personal identifiers

AI Processing: We use AI services via APIs that do not train on or retain your data.

Legal basis: Legitimate interests of our customers in conducting research

• IP address and approximate location
• Browser type, device information, operating system
• Pages visited, referring sites, interaction data
• Cookies and similar technologies (see Section 9)

Legal basis: Legitimate interests in security and service improvement

4. How We Use Your Information

• Provide our AI interview and analysis services
• Manage customer accounts and billing
• Ensure platform security and prevent fraud
• Improve our services and develop new features
• Comply with legal obligations

• Generate aggregated research insights
• Improve our AI models and algorithms
• Create industry benchmarks and reports

5. Data Sharing and Disclosure

• AI language model providers (for transcription and analysis)
• Cloud infrastructure providers
• Payment processors
• Analytics providers

Sub-processor List: Available upon request

• Law enforcement requests with proper legal authority
• Court orders or legal proceedings
• Protection of our rights, safety, or property

We never sell personal data.

6. Your Privacy Rights

• Access your personal data
• Rectify inaccurate data
• Request erasure ("right to be forgotten")
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent

US Privacy Rights (California, Virginia, Colorado, Connecticut, Utah):

• Know what personal information we collect
• Delete personal information
• Opt-out of sale (we don't sell data)
• Non-discrimination
• Correct inaccurate information

• Email: privacy@lumenx.ai
• Response time: Within 30 days (GDPR) or 45 days (CCPA)
• Verification: We may request information to verify your identity
• No fee unless requests are excessive or unfounded

7. Contact Information

For Privacy Inquiries:

lumenx SAS Data Protection Officer: Antoine Ferrere Email: privacy@lumenx.ai