✨ Lumina Privacy Policy
Last Updated: December 7, 2024
TL;DR: Lumina collects minimal data (access codes and conversations) to provide tutoring services. We don't collect personal information, don't sell your data, and don't track you across the web. Your learning conversations are stored to maintain context across sessions.
1. Introduction
Welcome to Lumina! We are committed to protecting your privacy and being transparent about what data we collect and how we use it. This Privacy Policy explains our practices regarding the information we collect through the Lumina browser extension.
Lumina is an AI-powered Socratic tutor designed for students aged 13-16. We help you learn through guided discovery, not by giving direct answers.
2. Information We Collect
2.1 What We Collect
- Access Code: A unique code used to authenticate your sessions and associate your conversations with your learning profile.
- Conversation History: Your questions and Lumina's responses are stored to maintain context across sessions and improve your learning experience.
- Session Data: Session IDs, timestamps, and conversation metadata to track learning continuity.
- Learning Patterns: Anonymized data about topics you discuss and learning progress to help personalize your experience.
2.2 What We Do NOT Collect
- ❌ No personal information (name, email, phone number, address)
- ❌ No payment information (the extension is accessed via access codes)
- ❌ No browsing history or tracking across websites
- ❌ No location data or device information beyond basic browser compatibility
- ❌ No biometric data or behavioral tracking
- ❌ No data from pages you visit (we only store what you actively share in conversations)
3. How We Use Your Information
We use the collected information solely for educational purposes:
- Maintain Conversation Context: Store your conversation history so you can pick up where you left off, even after closing your browser.
- Improve Tutoring Quality: Analyze learning patterns to provide more effective guidance tailored to your needs.
- Track Learning Progress: Help you (and potentially your teacher/parent who provided the access code) understand topics you're working on.
- Enhance Product: Use anonymized, aggregated data to improve Lumina's teaching methods and effectiveness.
4. Data Storage & Security
4.1 Where Your Data is Stored
- Database: MongoDB Atlas (cloud database with enterprise-grade security)
- Backend Server: Railway.app (encrypted communication, secure hosting)
- Local Storage: Session IDs stored in your browser's local storage (never leaves your device)
4.2 Security Measures
- All communications between your browser and our servers use HTTPS encryption
- Database connections are encrypted in transit and at rest
- Access to conversation data is restricted to your access code only
- No passwords stored - access code-based authentication only
- Regular security updates and monitoring
5. Third-Party Services
Lumina uses the following third-party services to provide its functionality:
5.1 Anthropic Claude API
- Purpose: AI language model that generates tutoring responses
- Data Shared: Your questions and conversation history
- Privacy Policy: Anthropic Privacy Policy
- Note: Anthropic does not use data from API calls to train their models
5.2 MongoDB Atlas
- Purpose: Database for storing conversation history and user profiles
- Data Shared: Access codes, conversations, session metadata
- Privacy Policy: MongoDB Privacy Policy
5.3 Railway
- Purpose: Cloud hosting for our backend server
- Data Shared: Server logs (no personal data)
- Privacy Policy: Railway Privacy Policy
6. Data Retention
- Active Conversations: Retained indefinitely to provide continuous learning support
- Inactive Sessions: Marked as inactive but preserved for your learning history
- Learning Profiles: Maintained as long as you use the service
- Deletion Requests: You can request deletion of your data at any time (see Your Rights below)
7. Children's Privacy (COPPA Compliance)
Lumina is designed for students aged 13-16 years old.
For Users Under 13: We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you are under 13, please have a parent or guardian contact us before using Lumina.
- Access codes should be provided by parents, guardians, or teachers
- We do not collect personal identifying information from any users
- Parents can request access to or deletion of their child's data
- No marketing or advertising to children
8. Your Rights & Choices
You have the following rights regarding your data:
8.1 Access Your Data
- Request a copy of all conversation history associated with your access code
- View your learning profile and patterns
8.2 Delete Your Data
- Request complete deletion of all conversations and learning data
- Deletion is permanent and cannot be undone
8.3 Opt-Out
- Stop using the extension to stop data collection
- Uninstall the extension to remove local session data
8.4 Data Portability
- Request your data in a machine-readable format (JSON)
9. Data Sharing & Sale
We do NOT:
- ❌ Sell your data to third parties
- ❌ Share your data for advertising purposes
- ❌ Use your data for marketing
- ❌ Share identifying information with anyone
We MAY share anonymized, aggregated data:
- For educational research (e.g., "Students asked 500 questions about biology this month")
- To improve AI tutoring methods
- All shared data is completely anonymized - no access codes or identifying information
10. Cookies & Tracking
- No Cookies: Lumina does not use cookies
- No Tracking: We do not track you across websites
- Local Storage: We only use browser local storage to save your session ID (stays on your device)
- No Analytics: We do not use Google Analytics or similar tracking services
11. International Users
Lumina is operated from the United States. If you use Lumina from outside the United States, please be aware that your data will be transferred to and stored in the United States.
- We comply with applicable data protection laws
- Data is protected with the same security measures regardless of location
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons.
- Material changes will be communicated through the extension
- The "Last Updated" date at the top will be changed
- Continued use after changes constitutes acceptance
13. Legal Basis for Processing (GDPR)
For users in the European Union, our legal basis for processing your data:
- Consent: By using Lumina, you consent to data collection as described
- Legitimate Interest: Improving educational services and tutoring effectiveness
- Performance of Contract: Providing the tutoring service you've accessed
14. California Privacy Rights (CCPA)
California residents have additional rights under CCPA:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale (we don't sell data)
- Right to non-discrimination for exercising privacy rights