We do not sell your personal data to third parties. Ever.
Account information (name, email, password), payment information (processed by Stripe, we never see your card number), craft/profession details, content you create or upload, and chat conversations with AI agents.
Usage data (features used, agents interacted with, fuel consumption), device information (browser type, operating system), and IP address (for security and abuse prevention only).
If you connect Google, Twitter/X, Telegram, or Buffer, we access only the data required to perform the actions you authorize. We do not read your personal emails, browse your files, or access data beyond what is needed for the specific features you enable.
To provide and improve the Service, to process payments and manage subscriptions, to send transactional emails (confirmations, briefs, receipts), to enable AI agents to perform authorized tasks on your behalf, and to protect against fraud and abuse.
| Provider | Purpose | Data Shared |
|---|---|---|
| Anthropic (Claude) | AI processing | Your prompts and conversation context |
| Stripe | Payments | Email, payment method (handled by Stripe) |
| Supabase | Database | Account data, conversations, settings |
| Resend | Email delivery | Email address, email content |
| Railway | Hosting | Server logs, IP addresses |
| OAuth + Drive/Gmail | Only scopes you authorize | |
| Serper | Web search | Search queries (no personal data) |
| Buffer | Social posting | Post content for connected channels |
LUNARI uses Anthropic's Claude API. Per Anthropic's data policy, API inputs are NOT used to train their models. Your conversations, prompts, and content are not used for AI training by any party. We retain conversation history to provide context for your AI agents. You may delete your data at any time.
Account data: retained while your account is active, deleted 30 days after account closure. Chat history: retained while active, deleted with account. Payment records: retained for 7 years per tax/legal requirements (managed by Stripe). Server logs: retained for 12 months for security purposes.
You have the right to: access your personal data, correct inaccurate data, delete your data (email system@lunari.pro), export your data, opt out of marketing emails, and disconnect any third-party integration at any time.
California Residents (CCPA): You have the right to know what personal information is collected, request deletion, and opt out of any sale of personal information. We do not sell personal information.
We use industry-standard encryption (TLS/SSL), secure authentication (Supabase Auth with bcrypt password hashing), and access controls. However, no method of transmission over the internet is 100% secure. API keys and OAuth tokens are encrypted at rest.
We use only essential cookies for authentication (Supabase session tokens). We do not use tracking cookies, advertising cookies, or analytics cookies. No third-party tracking.
The Service is operated from the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. We do not currently offer GDPR-specific compliance mechanisms.
Material changes will be communicated via email. Continued use after changes constitutes acceptance.
For privacy questions or data requests: system@lunari.pro