Your Privacy Matters
Privacy Policy
Learn how we collect, use, and protect your personal information when you use Luminary's platform.
Last Updated: January 27, 2026
Learn how we collect, use, and protect your personal information when you use Luminary's platform.
Last Updated: January 27, 2026
You have full control over your data with rights to access, correct, or delete your information.
We use encryption, access controls, and secure infrastructure to protect your data.
We're clear about what data we collect, how we use it, and who we share it with.
At Luminary, we are committed to protecting your privacy and being transparent about our data practices. This policy explains our practices in detail. If you have questions, please contact us at privacy@luminary.ai.
We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources. This includes:
Personal Information: When you register for an account, we collect your name, email address, company name, and payment information. You may also provide additional profile information.
AI Agent Content: When you create or deploy AI agents, we collect the code, configurations, prompts, training data references, and metadata associated with your agents.
Usage Data: We automatically collect information about how you interact with our Service, including pages viewed, features used, time spent, search queries, and click patterns.
Device Information: We collect information about the device and browser you use to access our Service, including IP address, device type, operating system, browser type, and unique device identifiers.
Marketplace Activity: Transaction history, purchase records, seller performance metrics, reviews you write or receive, and communication through our marketplace platform.
Communication Data: When you contact us, we collect the content of your messages, support tickets, and any attachments you send.
We use the information we collect for various purposes, including:
Service Delivery: To provide, maintain, and improve our platform; process transactions; enable AI agent deployment; and deliver customer support.
Personalization: To customize your experience, recommend relevant AI agents and features, and provide personalized content and communications.
Communication: To send you technical notices, security alerts, support messages, marketing communications (with your consent), and updates about our Service.
Analytics & Improvement: To understand how users interact with our Service, analyze trends, measure effectiveness of features, and develop new products and features.
AI Model Training: To improve our AI models and platform capabilities using aggregated, anonymized usage patterns. We do not use your proprietary AI agent code for training without explicit permission.
Security & Fraud Prevention: To detect, prevent, and address technical issues, fraudulent activity, security threats, and violations of our Terms of Service.
Legal Compliance: To comply with legal obligations, enforce our agreements, respond to legal requests, and protect our rights and the rights of our users.
We share your information only in the following circumstances:
With Your Consent: We share information when you explicitly authorize us to do so, such as when you publish an AI agent to our marketplace or integrate with third-party services.
Service Providers: We share information with third-party vendors who perform services on our behalf, including hosting, analytics, payment processing, email delivery, and customer support. These providers are bound by confidentiality agreements.
Marketplace Transactions: When you purchase or sell AI agents, we share necessary information between buyers and sellers to facilitate transactions, including usernames, transaction details, and communication.
Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
Legal Requirements: We may disclose information if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, prevent fraud, or ensure safety.
Aggregated Data: We may share aggregated, anonymized data that does not identify you personally for research, analytics, marketing, or other business purposes.
Public Content: Information you choose to make public (such as published AI agents, reviews, community posts) is accessible to other users and may be indexed by search engines.
We implement industry-standard security measures to protect your information:
Encryption: We use TLS/SSL encryption for data in transit and AES-256 encryption for sensitive data at rest.
Access Controls: We restrict access to personal information to employees, contractors, and agents who need it to perform their job functions.
Infrastructure Security: Our platform is hosted on secure, SOC 2 compliant cloud infrastructure with regular security audits and monitoring.
Security Practices: We employ firewalls, intrusion detection systems, regular security testing, and vulnerability assessments.
Incident Response: We have procedures in place to detect, respond to, and notify users of security breaches in accordance with applicable laws.
However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy:
Account Information: We retain your account information for as long as your account is active or as needed to provide services to you.
AI Agent Data: Your AI agent code, configurations, and associated data are retained as long as you maintain them on our platform. Deleted agents are permanently removed within 30 days.
Usage Data: We typically retain usage logs and analytics data for up to 24 months for operational and analytical purposes.
Transaction Records: Marketplace transaction records are retained for 7 years to comply with financial and tax regulations.
Legal Holds: We may retain information longer when required by law or to protect our legal rights.
After the retention period, we securely delete or anonymize your information.
Depending on your location, you may have the following rights regarding your personal information:
Access: You can request a copy of the personal information we hold about you.
Correction: You can request that we correct inaccurate or incomplete information.
Deletion: You can request deletion of your personal information, subject to certain legal exceptions.
Portability: You can request a copy of your data in a structured, machine-readable format.
Opt-Out: You can opt out of marketing communications and certain data processing activities.
Restriction: You can request that we limit how we use your information.
Object: You can object to certain types of processing of your information.
To exercise these rights, contact us at privacy@luminary.ai. We will respond to your request within 30 days.
We use cookies and similar tracking technologies to collect and track information about your usage of our Service:
Essential Cookies: Required for the Service to function, including authentication and security.
Analytics Cookies: Help us understand how users interact with our Service using tools like Google Analytics.
Preference Cookies: Remember your settings and preferences.
Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness.
You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.
We also use web beacons, pixels, and similar technologies for analytics and advertising purposes.
Our Service may integrate with third-party services and contain links to third-party websites. These include:
Authentication providers (Google, GitHub, etc.), Payment processors (Stripe, PayPal), Analytics services (Google Analytics, Mixpanel), Communication tools (SendGrid, Intercom), Cloud infrastructure providers (AWS, Vercel).
We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing information to them.
Luminary is based in the United States, and our servers are located in the United States and Canada. If you access our Service from outside these countries, your information may be transferred to, stored in, and processed in the United States or other countries.
We comply with applicable data protection laws regarding international data transfers. For users in the European Economic Area (EEA), we use Standard Contractual Clauses approved by the European Commission to ensure adequate protection.
By using our Service, you consent to the transfer of your information to countries outside your country of residence.
Our Service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children.
If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information as soon as possible.
If you believe we have collected information from a child, please contact us at privacy@luminary.ai immediately.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
Right to Know: You can request information about the categories and specific pieces of personal information we have collected, the sources, purposes, and third parties we share it with.
Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out: You can opt out of the "sale" of your personal information. Note: We do not sell personal information in the traditional sense.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your privacy rights.
To exercise these rights, contact us at privacy@luminary.ai or call our toll-free number.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):
We process your personal information based on the following legal bases: Contract performance (to provide our services as outlined in our Terms of Service), Legitimate interests (to improve our services, prevent fraud, and ensure security), Consent (for marketing communications and certain data processing activities), Legal obligations (to comply with applicable laws and regulations).
You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.
Given the nature of our platform, we want to be transparent about how we use AI and machine learning:
Training Data: We may use aggregated, anonymized usage data to train and improve our AI models. Your proprietary AI agent code is not used for training unless you explicitly opt in.
Model Improvement: Interactions with our platform features may be analyzed to enhance AI performance, but personal identifiers are removed.
Agent Monitoring: We may monitor AI agent behavior for security, compliance, and quality purposes.
Research: We may conduct research using anonymized data to advance AI technology, which may result in academic publications or product improvements.
You can contact us to opt out of having your anonymized data used for research purposes.
We may send you marketing communications about our products, features, events, and promotions. You have control over these communications:
Opt-In: We obtain your consent before sending marketing emails where required by law.
Opt-Out: You can unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in any email or by updating your preferences in your account settings.
Transactional Emails: Even if you opt out of marketing communications, we will still send you transactional and service-related emails necessary for your use of the Service.
We do not sell your email address or contact information to third parties for their marketing purposes.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
When we make material changes, we will notify you by: Posting the updated policy on our website with a new "Last Updated" date, Sending you an email notification if you have an account, Displaying a prominent notice on our Service.
We encourage you to review this Privacy Policy periodically. Your continued use of our Service after changes are posted constitutes your acceptance of the updated policy.
Material changes will take effect 30 days after notification, except where required by law to take effect sooner.
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Email: privacy@luminary.ai
Data Protection Officer: dpo@luminary.ai
Mailing Address: Luminary Inc., Attn: Privacy Team, Alexandria, VA, United States
For general inquiries: hello@luminary.ai
We will respond to your inquiry within 30 days.
We're here to help. Contact our privacy team for any questions or concerns about how we handle your data.