Legal

Privacy Policy

Last updated May 30, 2026

This Privacy Policy explains how LuminaForge AI LLC ("LuminaForge", "we", "us", or "our") collects, uses, and protects personal information when you visit www.lumina-forge.org, work with our engineering teams, or use any of our websites, applications, platforms, APIs, and related offerings (collectively, the "Services").

LuminaForge is a Wyoming, U.S. company that designs, builds, and operates industrial-grade AI systems and supporting data infrastructure for enterprise customers. Several of our products embed machine-learning and generative-AI capabilities; wherever they do, we will not use customer data or user-submitted material to train general-purpose or foundation models unless you have granted us separate, explicit permission.

By continuing to use the Services, you confirm that you understand and accept the practices described below. If you cannot agree with any part of this Policy, please discontinue use of the Services.

At a glance

We collect only the data we genuinely require to build, run, secure, support, and bill for the Services.
We will not redirect your personal data or uploaded materials into model training absent your separate, explicit consent.
Material you submit is protected with encryption in transit and, where applicable, at rest, alongside disciplined internal access controls.
Where a product offers accounts, you can delete yours from within the product, and you may also request access to, correction of, export of, or erasure of your data.
We do not sell your personal information, nor do we release it to advertising brokers to pursue their own ends.

1. Information We Collect

The data we hold comes from three sources: what you provide to us directly, what is generated as you interact with the Services, and technical signals captured automatically so the Services stay operational, secure, and compliant.

Account and profile details — for example your name, work email, username, hashed password, authentication identifiers, and your role or organization
Communications you direct to us, such as support requests, project specifications, survey answers, and general inquiries
User Content — the prompts, datasets, documents, source code, designs, images, and other materials you upload or transmit while using the Services
Payment and transaction records, covering subscriptions, invoices, and billing details processed by us or our payment partners
Technical and usage signals, including IP address, browser and operating-system details, device identifiers, timestamps, diagnostics, crash reports, and interaction events
Service telemetry such as requested API endpoints, response codes, latency measurements, and rate-limit counters that keep the platform stable

If you choose to enable a third-party sign-in, analytics, payment, or infrastructure integration, we may receive a limited dataset from that provider.

We do not set out to gather special or sensitive categories of personal information. We handle such data only where the law obliges us to, where it is necessary to confirm security, or where you elect to share it during support or a dispute.

2. How We Use Your Information

We process personal information solely for the legitimate operational, contractual, security, and legal purposes tied to delivering the Services.

Establishing, verifying, administering, and supporting accounts and customer engagements
Operating our websites, applications, platforms, and APIs, together with the project and support communications that accompany them
Processing subscriptions, invoices, payments, and refunds, and meeting our tax and accounting responsibilities
Protecting the Services — identifying abuse, blocking fraud, investigating incidents, and enforcing our agreements
Maintaining reliability through diagnostics, capacity monitoring, and ongoing quality work
Satisfying obligations under applicable law, lawful requests, court orders, and our contractual commitments

Where information has been aggregated or de-identified so it can no longer reasonably be linked to a person, we may use it for analytics, capacity planning, research, product development, and abuse prevention.

We will not place personal data or uploaded content into the training of general-purpose AI or foundation models without your separate, explicit consent.

3. Lawful Bases for Processing

If you reside in a region that requires a lawful basis for processing personal data, we rely on one or more of the recognized bases below, depending on the activity in question.

Performance of a contract, where the processing is necessary to provide Services you have asked for
Our legitimate interests, including securing the Services, strengthening reliability, deterring misuse, and running our business prudently
Compliance with legal obligations, such as tax, accounting, sanctions screening, and responses to lawful authority
Your consent, where the law calls for it — for instance certain marketing, cookies, or optional capabilities

Where our processing depends on consent, you may withdraw it at any time; withdrawal does not affect the lawfulness of processing carried out beforehand.

5. Cookies and Tracking Technologies

We rely on cookies, pixels, local storage, and similar technologies to operate the website and to improve how it functions, performs, and remains secure.

Essential technologies that drive core functionality, sign-in sessions, security, and your saved preferences
Performance and analytics technologies that help us understand usage patterns and keep the Services stable
Preference storage that remembers choices such as language or interface settings

You can control cookies through your browser or device settings. Disabling some of them may diminish the availability or performance of parts of the Services.

7. How Long We Keep Data

We retain personal information only for as long as it is reasonably necessary for the purposes set out in this Policy, unless the law allows or requires a longer period.

Retention periods depend on factors such as account status, statutory requirements, fraud-prevention needs, tax and financial recordkeeping, active support or disputes, and our backup cycles.

Once retention can no longer be justified, we delete, anonymize, or securely isolate the information in accordance with our retention and disposal procedures.

8. Information Security

We operate administrative, technical, and organizational safeguards intended to protect the confidentiality, integrity, and availability of information.

Encryption in transit and, where applicable, at rest
Identity and access management, least-privilege permissions, and audit logging
Hardened environments, continuous monitoring, controlled backups, and a defined incident-response plan
Diligence reviews and contractual safeguards for the critical subprocessors and infrastructure partners we depend on

No system connected to the internet can be guaranteed perfectly secure. You remain responsible for protecting your credentials and for using the Services responsibly.

9. Cross-Border Data Transfers

Because we serve customers and run infrastructure across multiple regions, your information may be processed outside the country in which you live.

Where the law requires it, we apply appropriate safeguards for cross-border transfers, such as standard contractual clauses or comparable mechanisms with our affiliates and service providers.

By using the Services, you acknowledge that your information may be transferred to, stored in, and processed in the United States and in other jurisdictions where we or our service providers operate.

10. Privacy of Minors

The Services are intended for users who have reached the age of majority in their jurisdiction and are not directed to children under 13 (or the relevant local minimum age).

We do not knowingly collect personal information from children. If we learn that we have collected such information without verifiable parental consent, we will take reasonable steps to delete it.

11. Your Data Rights

Depending on where you live, you may have the right to access, correct, port, restrict, object to, or delete your personal information.

Request access to the personal information we maintain about you
Request correction of information that is inaccurate or incomplete
Request deletion of your account and associated personal information, subject to legal exceptions
Request an export or copy of certain information where that option is available
Object to or restrict specific processing activities where the law permits
Withdraw consent where our processing relies on it

Where a product supports it, you can delete your account directly within the product. You may also contact us for assistance with access, correction, export, or deletion requests.

We may need to verify your identity before acting on certain requests, and we may decline a request where the law allows us to do so.

12. Do-Not-Track Signals

Some browsers and devices include a Do-Not-Track setting. Because no common standard yet governs how these signals should be honored, we do not currently respond to them in a uniform manner.

Should a recognized standard be adopted in the future and apply to our Services, we will revise this Privacy Policy to describe how we respond.

13. Notice to California Residents

If you are a California resident, you may hold additional rights under California privacy law, subject to that statute's limits and exemptions.

The right to know the categories of personal information collected, used, disclosed, or shared
The right to request deletion of personal information, subject to exceptions
The right to correct inaccurate personal information
The right to be free from discrimination for exercising your privacy rights

We do not sell personal information, and we do not share it for cross-context behavioral advertising as those terms are defined under California law.

14. Notice to Virginia Residents

If you are a Virginia resident, you may hold rights under the Virginia Consumer Data Protection Act, subject to its exceptions.

The right to confirm whether we are processing your personal data
The right to access, correct, delete, or obtain a copy of certain personal data
The right to opt out of targeted advertising, the sale of personal data, or certain profiling where applicable

We do not sell personal data, and we do not use your personal data or uploaded content to train general AI models without your separate, explicit consent.

15. Changes to This Notice

We may revise this Privacy Policy periodically to reflect legal, operational, product, or technical developments.

When a change is material, we will update the effective date on this page and, where required by law or contract, provide you with additional notice.

16. How to Reach Us

If you have questions about this Privacy Policy, wish to exercise a privacy right, or have a data-protection concern, please get in touch.

Company: LuminaForge AI LLC
Website: www.lumina-forge.org
Email: ops@lumina-forge.org
Address: 30 N Gould St, Ste R, Sheridan, WY 82801, United States

17. Reviewing and Removing Your Data

You can review, update, or delete certain account information through the relevant product settings or by contacting us.

Where a product supports it, a self-service account-deletion option is provided. If you submit a deletion request by email, please include enough detail for us to verify your identity and locate the correct account.

In certain cases we may need to retain limited information for legal, accounting, fraud-prevention, dispute-resolution, or security reasons.