How Lumen BI handles your data

Lumen BI does not use customer data to train any AI model. We do not operate, fine-tune, or retrain foundation models on your uploaded files, datasets, dashboards, or chat history.

AI requests are routed through the Lovable AI Gateway to enterprise API endpoints from providers such as Google and OpenAI. These providers' standard API terms state that content submitted through their paid API is not used to train their models. The applicable terms are set by the upstream provider; Lumen BI relies on those contracts rather than making an independent guarantee on the provider's behalf.

Customer data is stored in a managed Postgres database. Every table that contains customer content has Row-Level Security (RLS) enabled, and policies restrict reads and writes to the owning user and workspace. Isolation is enforced at the database layer, not only in the application UI.

When an AI feature is invoked, the request includes:

• The user's prompt or the specific chart, KPI, or finding being analyzed.
• A bounded business-context summary (for example, a small set of KPI values, project totals, or aggregated chart data) needed to answer the request.

The following are not sent to AI providers:

• Raw uploaded files.
• Full source datasets in their entirety.
• Connected data-source credentials.
• Other users' or other workspaces' data.

Credentials for connected data sources (databases, sheets, APIs) are encrypted at rest using authenticated encryption (AES-GCM) before being stored. They are decrypted only inside server-side connection handlers and are never exposed to browser code or sent to AI providers.

Data in the managed database is encrypted at rest by the underlying infrastructure provider, and all traffic between your browser, the application, and AI providers uses TLS.

You can delete your data at any time from the Security Center. Two actions are available:

• Delete all my data — removes datasets, analyses, dashboards, KPIs, alerts, SOPs, chat history, recommendations, and connected source credentials owned by your account. Your profile and sign-in remain so you can re-onboard.
• Close account — performs the deletion above and also removes your profile and role assignments, then signs you out.

AI prompts and responses sent to upstream providers are subject to those providers' own retention windows on their API tier. Lumen BI does not retain a separate copy of provider request bodies beyond what is needed to render results in the app.

Lumen BI relies on the following infrastructure subprocessors:

• Lovable Cloud — application hosting, managed Postgres database, authentication, and file storage.
• Lovable AI Gateway — proxy to enterprise AI API endpoints (currently Google and OpenAI) used to generate explanations, summaries, and chart interpretations.

Any data source you choose to connect (for example a Postgres database or Google Sheet) is a customer-controlled system, not a Lumen BI subprocessor.

This page describes controls implemented in the product. It is not an audit report and does not claim SOC 2, ISO 27001, HIPAA, PCI-DSS, or GDPR certification. If your organization requires specific contractual commitments (DPA, regional data residency, zero-data-retention API tiers, named subprocessor list) please contact us so we can scope them explicitly.

Security or privacy questions: security@lumenbi.app.