PRIVACY POLICY

LUMO — PRIVACY POLICY

Effective Date: May 19, 2026
Last Updated: May 19, 2026

1. Introduction

LUMO (“we,” “our,” or “us”) operates the LUMO mobile application (the “App”), a personal budgeting tool available on iOS and Android. We are committed to protecting your privacy and being transparent about how we handle your information.

This Privacy Policy explains what information we collect, how we use it, with whom we share it, and what rights you have regarding your information.

Please read this policy carefully before using the App. By downloading, installing, or using LUMO, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this policy, do not use the App.

2. Information We Collect

2.1 Financial Data You Enter

When you use LUMO, you manually enter the following financial information:

  • Income sources — name, amount, frequency, start date, and any linked bank account
  • Expenses — name, amount, category, due date, frequency, and payment source
  • Loans — name, balance, interest rate, minimum payment, and payment due day
  • Bank accounts — name, manually entered balance snapshot, and balance date
  • Savings goals — name, target amount, and linked account information
  • Goal allocations — records of funds designated toward specific savings goals
  • Account transfers — records of transfers between your tracked accounts
  • Credit accounts — credit card name, credit limit, and current balance
  • Credit card payments — payment history against credit accounts
  • Settings and preferences — display preferences and in-app configuration

By default, this data is stored exclusively on your device in a local database. If you choose to enable Cloud Sync (see Section 2.5), this data is also transmitted to and stored on cloud servers to enable cross-device access.

2.2 Subscription and Purchase Information

If you purchase a subscription (Personal, Plus, Household, Student, Founder, or Lifetime), your in-app purchase is processed through RevenueCat, Inc. and the respective app platform (Apple App Store or Google Play Store). Through RevenueCat, we receive:

  • Your subscription tier and billing cycle (monthly or annual)
  • Your subscription status and entitlement (active, expired, or cancelled)
  • A RevenueCat-assigned anonymous customer identifier
  • Purchase timestamps and receipt validation data

We do not receive or store your payment card number, billing address, or any raw payment instrument data. That information is handled exclusively by Apple, Google, and RevenueCat.

2.3 Calendar Data (Optional — Permission Required)

If you grant LUMO permission to access your device calendar, the App will:

  • Create a dedicated “LUMO Budget” calendar on your device
  • Write events for upcoming income deposits, bill due dates, and loan payment deadlines up to 3 months ahead
  • Read calendar metadata solely to locate or create the LUMO calendar

Calendar data is processed entirely on your device and is never transmitted to our servers. You may revoke calendar access at any time in your device settings, which stops future event creation but does not automatically remove events already created.

2.4 Microphone and Speech Recognition Data (Optional — Permission Required)

If you grant microphone and speech recognition permissions, the App uses your device’s native speech recognition service to convert spoken words into text for hands-free transaction logging. This processing:

  • Occurs in real time solely to capture your spoken input
  • Is handled by your device’s operating system (Apple Speech Recognition on iOS; Android SpeechRecognizer on Android)
  • Is not recorded, retained, or transmitted by us

We do not store audio recordings. Once your speech is converted to text, the audio is immediately discarded.

2.5 Cloud Sync Data (Optional — Opt-In)

If you choose to enable Cloud Sync in the App’s settings, all financial data listed in Section 2.1 is transmitted to and stored on servers operated by Supabase, Inc. to enable access across multiple devices.

Key details about Cloud Sync:

  • No account required. Cloud Sync does not require you to create a LUMO account or provide an email address. Sync is linked to a device-generated anonymous identifier stored on your device. This identifier has no connection to your real-world identity.
  • Cross-device access. Enabling Cloud Sync on a second device using the same anonymous identifier allows your data to be shared across both devices.
  • Data location. Your synced data is stored on Supabase’s cloud infrastructure, hosted in West US (Oregon)
  • Encryption. Your data is encrypted in transit using TLS and encrypted at rest using AES-256 at the storage layer. Access controls are enforced using Supabase Row-Level Security (RLS), ensuring that only requests authenticated with your device’s anonymous identifier can access your data.
  • Our access. Because Cloud Sync data is not end-to-end encrypted, we, as the application operator, have technical access to it at the server level. We access cloud-stored data only as necessary to provide technical support, investigate security incidents, or comply with legal obligations.
  • Disabling sync. You may disable Cloud Sync at any time in the App’s Settings. Disabling sync stops future data transmission but does not automatically delete data already stored in the cloud. To request deletion of your cloud data, contact us at the address in Section 12.

2.6 Push Notification Data (Optional — Permission Required)

If you grant notification permissions, the App sends local device notifications to remind you of upcoming bills, income deposits, or other financial events you have configured. These notifications are generated and delivered locally on your device and do not route through our servers.

2.7 Diagnostic and Crash Data

We may receive aggregated, de-identified crash reports and diagnostic data through the App’s build infrastructure. This data does not contain your financial information and is used solely to identify and resolve technical issues.

3. How We Use Your Information

We use the information described above only for the following purposes:

PurposeInformation Used
Provide and maintain the App’s budgeting featuresFinancial data (local and cloud)
Enable cross-device access via Cloud SyncFinancial data (cloud, opt-in only)
Process and validate in-app subscriptionsSubscription and purchase data
Send local reminders for bills and incomeNotification permission, financial data
Sync financial events to your device calendarCalendar permission, financial data
Enable voice transaction loggingMicrophone and speech recognition
Diagnose crashes and improve performanceAggregated diagnostic data

We do not use your financial data for advertising, behavioral profiling, or any commercial purpose beyond operating the App.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share information only in the following limited circumstances:

4.1 RevenueCat, Inc.

We use RevenueCat to manage in-app subscriptions. RevenueCat acts as a data processor on our behalf and receives the subscription and purchase data described in Section 2.2. RevenueCat’s practices are governed by the RevenueCat Privacy Policy.

4.2 Supabase, Inc. (Cloud Sync Only)

If you enable Cloud Sync, your financial data is stored on servers operated by Supabase, Inc. Supabase acts as a data processor on our behalf and stores your data solely to provide the sync service. Supabase does not use your financial data for its own commercial purposes. Supabase’s practices are governed by the Supabase Privacy Policy. If you do not enable Cloud Sync, your data is never shared with Supabase.

4.3 Apple App Store and Google Play Store

Your in-app purchases are processed by the relevant app platform. Apple and Google handle payment transactions under their own privacy policies and terms of service.

4.4 Legal Requirements

We may disclose information when required by law, regulation, legal process, or governmental request, or when we have a good-faith belief that disclosure is necessary to protect the rights, property, or safety of LUMO, our users, or the public.

4.5 Business Transfers

If LUMO is involved in a merger, acquisition, asset sale, or insolvency proceeding, user information may be transferred as part of that transaction. We will notify you via in-app notice before your information becomes subject to a materially different privacy policy.

5. Data Storage and Security

5.1 Local Storage

Your financial data is stored in an SQLite database on your device and is protected by your device’s native security mechanisms, including screen lock, full-device encryption, and Secure Enclave on iOS. If your device is lost or compromised, data may be accessible to anyone who gains physical access to it. We strongly recommend enabling full-device encryption and using a strong passcode.

If you do not enable Cloud Sync, your data exists only on the device where it was entered. Uninstalling the App will permanently delete all locally stored financial data. We recommend using your device’s built-in backup mechanism (iCloud device backup or Android local backup), where your encrypted app data may be included.

5.2 Cloud Storage (Cloud Sync Only)

If you enable Cloud Sync, your financial data is additionally stored on Supabase’s cloud servers with the following protections:

  • In transit: All data is transmitted over TLS (Transport Layer Security).
  • At rest: Data is encrypted using AES-256 at the storage layer.
  • Access controls: Row-Level Security (RLS) policies ensure that each device’s data is accessible only by authenticated requests tied to that device’s anonymous identifier.

5.3 Subscription Data

Subscription data transmitted to RevenueCat is protected by encryption in transit (TLS) and encryption at rest, in accordance with RevenueCat’s security practices.

6. Your Choices and Controls

6.1 Device Permissions

You may grant or revoke the following permissions at any time through your device’s Settings app:

PermissionEffect of Revoking
CalendarStops new financial event creation
MicrophoneDisables voice transaction logging
Speech RecognitionDisables speech-to-text input
NotificationsStops all local reminder notifications

Revoking a permission does not delete data already entered in the App.

6.2 Cloud Sync

You may enable or disable Cloud Sync at any time in the App’s Settings. Disabling sync stops future data transmission immediately.

To request permanent deletion of all data stored in the cloud, contact us at the address in Section 12. We will confirm and complete deletion within 30 days.

6.3 Deleting Your Financial Data

  • Local data: You may delete individual records (income sources, expenses, accounts, goals, etc.) from within the App at any time. Uninstalling the App permanently deletes all locally stored data.
  • Cloud data: Contact us to request full cloud data deletion (see Section 6.2).

6.4 Subscription Management

You may view, modify, or cancel your subscription at any time through your platform’s native subscription screen:

  • iOS: Settings → [Your Name] → Subscriptions → LUMO
  • Android: Google Play → Account → Subscriptions → LUMO

Cancellation takes effect at the end of your current billing period. We do not issue refunds except as required by Apple, Google, or applicable law.

7. Data Retention

Data TypeRetention Period
Financial data — localUntil you delete individual records or uninstall the App
Financial data — cloud (Cloud Sync)Until you request deletion; see Section 6.2
Anonymous sync identifierStored on device until App is uninstalled; deleted from cloud upon request
Subscription and entitlement recordsRetained by RevenueCat per their policy; we retain entitlement status while active
Calendar eventsRetained in your device calendar until you delete them manually
Crash and diagnostic dataUp to 12 months in aggregated, de-identified form

8. Children’s Privacy

LUMO is not directed to children under the age of 13, or under the age of 16 in the European Economic Area. We do not knowingly collect personal information from children. If you believe a child has provided personal information through the App, please contact us at the address in Section 12 and we will promptly delete that information.

9. California Residents — Your Rights Under the CCPA/CPRA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know — Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete — Request deletion of your personal information, subject to certain legal exceptions.
  • Right to Correct — Request correction of inaccurate personal information.
  • Right to Opt-Out of Sale or Sharing — We do not sell or share your personal information for cross-context behavioral advertising. No opt-out action is required.
  • Right to Limit Use of Sensitive Personal Information — We use sensitive personal information (your financial data) only to provide the App’s core features, not for inferring characteristics or any secondary purpose.
  • Right to Non-Discrimination — We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, contact us at jjosuemp07@gmail.com. We will respond to verifiable requests within 45 days as required by law.

10. European Users — Your Rights Under the GDPR

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) or applicable equivalent law:

  • Right of Access (Art. 15) — Request a copy of the personal data we hold about you.
  • Right to Rectification (Art. 16) — Request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17) — Request deletion of your personal data.
  • Right to Restriction of Processing (Art. 18) — Request that we limit how we process your data.
  • Right to Data Portability (Art. 20) — Request your data in a structured, machine-readable format.
  • Right to Object (Art. 21) — Object to processing based on legitimate interest.
  • Right to Lodge a Complaint — You have the right to contact your local data protection supervisory authority.

Legal bases for processing: We process personal information on the basis of performance of contract (subscription management, core app features) and, for optional features (Cloud Sync, calendar, microphone, notifications), your explicit consent. You may withdraw consent at any time.

Data transfers: If you enable Cloud Sync, your data is transferred to and stored on servers in the United States. These transfers are conducted under appropriate safeguards, including Supabase’s data processing agreements and standard contractual clauses where applicable.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  1. Update the “Last Updated” date at the top of this policy.
  2. Notify you via in-app notice upon your next launch of the App.
  3. Where required by law, seek your renewed consent before the updated policy takes effect.

Your continued use of the App after the effective date of an updated policy constitutes your acceptance of the revised terms. If you do not agree with the updated policy, you must stop using the App and may request deletion of your cloud data as described in Section 6.2.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices — including requests to access, correct, or delete your personal information — please contact us:

Pioneer Pathways LLC
Email: info@lumoforecast.com

We will respond to all legitimate inquiries within 30 days.

This Privacy Policy was last reviewed and updated on May 19, 2026.