Privacy Policy

Introduction

Lumepixa is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our mobile application and web portal.

Information We Collect

Account Information

• Email address (for authentication)
• Authentication tokens from Apple Sign-In or Google Sign-In

Usage Data

• Product photos you submit for processing
• Generated output images
• Credit usage and transaction history
• App usage statistics (feature usage, generation counts)

Technical Data

• Device information (platform, OS version)
• App version
• Error logs and crash reports
• Performance metrics

How We Use Your Information

• Provide AI-powered product photo processing services
• Store and manage your generated photos in your gallery
• Track your credit balance and usage
• Sync data across your devices (mobile app and web portal)
• Improve app performance and features
• Provide customer support
• Process credit purchases (via RevenueCat)

AI Processing

• Lumepixa uses generative AI to transform your product photos into professional, store-ready images through a multi-step processing pipeline
• Your product photos are sent to Replicate, Inc. (a US-based AI processing service) for processing
• Only product images are shared — no personal identifiers (name, email, user ID) are sent to Replicate
• Images are used solely for generating your requested output and are not used to train AI models
• Processing data is automatically deleted after your results are delivered
• All data is transmitted securely via HTTPS encryption
• Users are asked for explicit consent before their first photo is processed

Data Storage and Security

Database

• All user data is stored securely in Supabase (PostgreSQL)
• Data is encrypted in transit (HTTPS/TLS)
• Data is encrypted at rest
• Row Level Security (RLS) policies ensure users can only access their own data

Third-Party Services

Supabase (Database & Authentication)

• Stores user profiles, photos, credit balances
• Privacy Policy: supabase.com/privacy

RevenueCat (In-App Purchases)

• Manages credit pack purchases
• Privacy Policy: revenuecat.com/privacy

Replicate, Inc. (AI Processing)

• Product photos are sent to Replicate, Inc. (US-based) for AI processing
• Only product images are shared — no personal identifiers (name, email, user ID)
• Images are not stored permanently on Replicate's servers
• Results are delivered back to your device and stored in your account
• By using the photo processing feature, you consent to your product images being sent to Replicate, Inc. for AI processing
• Privacy Policy: replicate.com/privacy

Expo (App Framework)

• Analytics and crash reporting
• Privacy Policy: expo.dev/privacy

Data Retention

• Active accounts: Data retained while account is active
• Deleted accounts: All user data permanently deleted within 30 days
• Generated photos: Automatically deleted 30 days after creation. Download your photos before they expire
• Backups: Retained for 30 days for disaster recovery

Your Rights

You have the right to:

• Access: View all your data at any time in the app
• Delete: Delete specific photos or your entire account
• Modify: Update your profile and preferences

Data Sharing

We do NOT:

• Sell your personal data
• Share data with advertisers
• Use your data for marketing to third parties
• Show ads in the app

We DO share data with:

• Supabase (hosting and authentication)
• RevenueCat (purchase management)
• Replicate, Inc. (product photos only — no personal identifiers shared)
• Law enforcement (if legally required)

International Data Transfers

Your data may be transferred to and processed in:

• European Union (Supabase EU servers)
• United States (AI processing, RevenueCat)

All transfers comply with GDPR requirements for EU users.

Cookies and Tracking

• We do NOT use advertising cookies
• We use essential cookies for authentication only
• We use minimal analytics for app improvement

Children's Privacy

Lumepixa is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via in-app notification or by updating the "Last Updated" date at the top of this document. Continued use of the app after changes means you accept the new policy.

GDPR Compliance (EU Users)

If you are in the European Union, you have additional rights under GDPR:

• Right to be forgotten (account deletion)
• Right to data portability
• Right to restrict processing
• Right to object to processing
• Right to lodge a complaint with your supervisory authority

CCPA Compliance (California Users)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale (we don't sell data)
• Right to non-discrimination

Contact Us

If you have questions about this Privacy Policy or your data:

Email: support@qedamio.app