Luma

Last updated: April 28, 2026

Privacy policy

This privacy policy describes how Luma Calendar ("Luma," "we," "our") collects, uses, stores, and shares information about you when you use our website, mobile-friendly web application, and tablet display experiences (collectively, the "Service"). Luma is operated by an individual proprietor based in the United States. Contact: privacy@lumacalendar.com.

1. Information we collect

We collect only what we need to provide the Service. Specifically:

  • Account data. Email address, full name (optional), password hash (managed by our authentication provider, Supabase Auth — we never see your plaintext password), and the timestamps of account creation and last sign-in.
  • Household data. Household name, household timezone, list of household members, role of each member (owner / admin / member), and pending invite records.
  • Calendar data. Native Luma calendars and events you create (title, description, location, start/end times, recurrence rules, the calendar a given event belongs to). For households that connect Google Calendar, we also cache events synced from Google so we can render them on the tablet display in real time.
  • Encrypted OAuth tokens. When you connect a third-party calendar provider (Google), we receive an OAuth refresh token and access token from that provider. We encrypt these tokens at rest using AES-256-GCM with a key held in a server-side secret. Tokens are never written to our database in plaintext.
  • Lists data. Items in your household's grocery and to-do lists.
  • Tablet device data. When you pair a tablet with your household, we store a name you give the tablet, a hashed device refresh token, and a "last seen" timestamp.
  • Operational telemetry. Page views, in-app event names (e.g., "event_created", "tablet_active"), and crash reports. Telemetry is associated with your user id, never your email. We use PostHog for product analytics (including session replay with input fields masked by default) and Sentry for error tracking.
  • Server logs. Standard request logs (IP address, user agent, timestamp, URL) retained for up to 30 days for security and debugging. We do not sell or share these logs.

2. How we use your information

  • To operate the Service and synchronize your calendars between providers.
  • To send transactional emails (welcome, password reset, household invite).
  • To diagnose bugs and improve the product. Session replays are reviewed only when we are investigating a specific issue you've reported or a bug we've detected.
  • To enforce our Terms of Service and prevent abuse.

We do not use your information for advertising. We do not sell your information. We do not train AI models on your calendar contents.

3. How we share information

We share information only with service providers who help us operate Luma. We have contracts with each that limit their use of your data to providing services to us:

  • Supabase (database, authentication)
  • Vercel (hosting)
  • Resend (transactional email delivery)
  • Google (only the calendars you choose to connect)
  • PostHog (product analytics, session replay)
  • Sentry (error tracking)

We may disclose information if compelled by valid legal process, or to protect the rights, property, or safety of Luma, our users, or the public.

4. Where data is stored

Luma stores data on infrastructure operated by Supabase and Vercel, in U.S.-based data centers. If you access the Service from outside the United States, your data will be transferred to and processed in the United States.

5. Data security

We use industry-standard security controls: TLS for all transport, AES-256-GCM encryption for OAuth tokens at rest, Postgres Row-Level Security to ensure one household cannot see another's data, hashed and rotated tablet refresh tokens, and access logs. No system is perfectly secure. If we discover a breach affecting your data we will notify you within 72 hours.

6. Data retention and deletion

  • Account and household data is retained as long as your account is active. When you delete your account, we delete your account data within 30 days.
  • Encrypted OAuth tokens are deleted immediately when you disconnect a calendar provider.
  • Server logs are retained for 30 days.
  • Telemetry events are retained for 24 months.

Email privacy@lumacalendar.com to request access to, correction of, or deletion of your data.

7. Your rights

Depending on where you live, you may have rights under the GDPR, CCPA, or similar laws to access, correct, delete, or port your personal information. To exercise any of these rights, email privacy@lumacalendar.com. We will respond within 30 days.

8. Children

Luma is not directed to children under 13. We do not knowingly collect personal information from children under 13. Parents may add a child's name to their family calendar; this is data the parent controls and can remove at any time.

9. Changes to this policy

We will post any changes to this policy on this page and update the "Last updated" date. If changes are material, we will notify you by email.

10. Contact

Questions, concerns, or requests: privacy@lumacalendar.com.