This Privacy Policy describes how Luminfra (“we,” “us”) collects, uses, stores, and protects information provided by visitors to this website and clients engaging our services. We do not sell, rent, or trade your information to third parties.

1. Information we collect

Contact and inquiry information. When you submit a contact form or reach out via email, we collect your name, email address, and the content of your message. This information is used solely to respond to your inquiry and assess whether an engagement is a good fit.

Billing information. For invoicing purposes, we collect your name, business name (if applicable), email address, and billing address. Payment processing is handled through our invoicing platform. Luminfra does not store credit card numbers or payment credentials directly.

System access credentials. For clients who engage us for hands-on server or account work, we may receive login credentials, API keys, SSH access, or control panel credentials. These are stored in a dedicated password manager and are used exclusively to perform agreed services. Access is revoked or transferred back to the client upon request or at the end of an engagement.

Email correspondence. Email communications related to active or prospective engagements are retained as part of the engagement record. This includes scoping discussions, support requests, and any written agreements or approvals.

Website data. This website uses session cookies necessary for basic site functionality. We do not use advertising cookies, behavioral tracking, or third-party analytics platforms. No personally identifiable information is collected through cookies.

2. How we use your information

Information collected by Luminfra is used exclusively for the following purposes: responding to inquiries and evaluating potential engagements, delivering agreed services, processing invoices and managing billing records, and maintaining engagement history for continuity of support.

We do not use client information for marketing purposes, share it with third parties for their commercial use, or use it for any purpose beyond the direct service relationship.

We do not sell, rent, or otherwise disclose personal information to third parties for their commercial purposes. We do not currently respond to Do Not Track signals, as no industry standard for such signals has been established.

3. Third-party tools and processors

Luminfra uses a limited set of third-party tools to deliver services. Each handles client data only as necessary for its specific function.

Billing system. Used to generate invoices, track payments, and manage billing records. Client billing information is stored within this platform. Our billing system is self-hosted, meaning data remains within infrastructure under Luminfra’s control rather than a shared cloud billing service.

Ticket system. Client support requests and engagement communications are managed through a self-hosted ticket system. This includes issue descriptions, system details, and any files or information submitted as part of a support request. As with our billing system, this data remains within infrastructure under Luminfra’s control.

Payment processors. Payments are processed through Stripe and PayPal depending on the method chosen at checkout. These processors handle your payment credentials directly and are governed by their own privacy policies. Luminfra does not receive or store your full card number or payment account credentials. We encourage you to review Stripe’s Privacy Policy and PayPal’s Privacy Policy for details on how they handle payment data.

Password manager. Client credentials and access information are stored in a dedicated password manager with encryption at rest. Credentials are accessed only when performing agreed work and are not shared outside of the engagement.

Monitoring tools. For retainer clients with monitoring included, we use infrastructure monitoring software to track uptime, performance, and alerts for agreed systems. Monitoring data is used solely for the purposes of detecting and responding to issues on your infrastructure.

4. Data retention

Client information — including billing records, email correspondence, and engagement history — is retained indefinitely unless a deletion request is submitted. Billing records may be retained for legal and accounting purposes even following a deletion request, where applicable law requires it.

System access credentials for completed or terminated engagements are deleted from our password manager upon request, or within 30 days of engagement termination if no explicit request is made.

To request deletion of your data, contact us via the contact page. We will confirm receipt and process the request within 14 days.

5. Data security

Luminfra takes reasonable technical and organizational measures to protect client information from unauthorized access, disclosure, or loss. This includes encrypted storage of credentials, access controls on systems holding client data, and use of secure communication channels.

No method of transmission or storage is completely secure. In the event of a data breach affecting client information, we will notify affected clients promptly and take steps to mitigate impact.

6. Your rights

You have the right to request access to the personal information Luminfra holds about you, request correction of inaccurate information, and request deletion of your data subject to the retention considerations described in Section 4.

If you are located in the European Union or United Kingdom, you may have additional rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the right to data portability and the right to lodge a complaint with your local supervisory authority. To exercise any of these rights, contact us via the contact page.

We will respond to all rights requests within 14 days of receipt.

7. Cookies

This website uses only session cookies necessary for standard site functionality, such as session management and form security tokens. These cookies do not track you across other websites, collect personal information, or serve any advertising purpose. You can disable cookies in your browser settings, though this may affect basic site functionality.

8. Changes to this policy

Luminfra may update this Privacy Policy from time to time. The effective date at the top of this page will reflect when changes were last made. For active retainer clients, material changes will be communicated via email. Continued use of our services after an updated policy takes effect constitutes acceptance of the revised terms.