Overview
This Privacy Policy explains what information Lume ("we", "us", or "our") collects, how we use it, and your choices. By using the Lume iOS app, you agree to this policy.
1. Information We Collect
Photos, Camera & Face Data
Lume requests access to your camera and photo library solely to let you select or capture a selfie for AI transformation. When you take or choose a photo, Apple's Vision framework runs entirely on your device to detect face position and framing only — no biometric templates, facial geometry data, or face embeddings are extracted or stored. The selfie image is then sent to the Google Gemini API (Google LLC) for AI style transformation. For a full description of how face data is handled, see Section 2a. Face Data below.
Original selfie photos are not stored on our servers. They are not retained by us after the Gemini API returns its result.
Device Identifier
We use Apple's UIDevice.identifierForVendor as an anonymous device token for the Community feature. This identifier is specific to our app and cannot be used to identify you personally. It resets when you reinstall the app.
Usage Data
We may collect anonymized, aggregated data about how features are used (e.g., which styles are most popular). This data does not contain photos or personal identifiers.
2. How We Use Your Information
- To process and transform your selfies using AI models (Google Gemini API).
- To display your portrait in the app after transformation.
- To operate the Community feed when you choose to share a result.
- To improve app features using aggregated, anonymized analytics.
We do not use your photos for training AI models. We do not sell, rent, or share your personal data with advertisers.
2a. Face Data
What face data does the app collect?
When you take or select a selfie, Apple's Vision framework runs on your device to detect face bounding boxes for framing guidance. No biometric templates, face embeddings, facial geometry meshes, or facial recognition data are generated or collected. The selfie photograph (a standard JPEG image) is the only data transmitted off-device.
How face data is used
- On-device face detection: used solely to assist with camera framing and to confirm a face is present before sending the image for transformation.
- AI transformation: the selfie is sent to the Google Gemini API so that the AI model can apply your chosen artistic style. This is the only purpose for which the image leaves your device.
Face data is never used for advertising, profiling, identity verification, or any purpose other than producing the portrait transformation you have requested.
Third-party sharing
Your selfie photograph is transmitted to Google LLC (Google Gemini API) solely for image generation processing. It is not shared with any other third party, sold, or used to train models on your behalf. Google's processing is governed by the Google Privacy Policy and Google Cloud data processing terms.
Storage and retention
We do not store your original selfie on our servers at any point. The image is transmitted to Google Gemini, the transformed result is returned to your device, and the original selfie is discarded from the transmission pipeline immediately. Transformation results (the AI-generated portrait) are stored only on your device and are under your full control. They are never retained by us unless you explicitly choose to share them to the Community feed (see Section 3).
On-device data
The Vision framework face-detection data (bounding box coordinates) is held only in memory during the active session and is never written to disk, transmitted, or logged.
4. Community Sharing
The Community feature is entirely opt-in. A photo is only uploaded to our servers when you explicitly tap the "Share to Community" button after generating a portrait. You will see a confirmation dialog before every upload.
Once shared, community posts are publicly visible within the app. You may delete your posts at any time from the app. Deleted posts are removed from our servers within 24 hours.
5. Third-Party Services
- Google Gemini API (Google LLC) — processes your selfie photograph for AI transformation. Subject to Google's Privacy Policy. Your image is not used to train Google's models under the standard API terms.
- Railway — hosts the Community feed backend (image storage, database). Data is stored in EU/US regions depending on availability.
We require all third-party processors to maintain appropriate data security standards.
6. Data Retention
- Selfie photos — never stored on our servers. Transmitted to Gemini API for processing only; not retained after the API returns its result.
- Transformation results — stored only on your device. We do not retain them on our servers.
- Community posts — stored until you delete them, or until 12 months after your last app activity.
- Device identifier — retained for as long as you use the app.
- On-device Vision data — face bounding box coordinates held in memory only during the active session; never persisted.
7. Children's Privacy
Lume is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has submitted data to us, contact us at the address below and we will delete it promptly.
8. Your Rights
Depending on your location, you may have rights to access, correct, or delete personal data we hold. To exercise these rights, email us at alex@pulsedo.app. We will respond within 30 days.
You can revoke camera and photo library permissions at any time in iOS Settings → Lume.
9. Security
We use HTTPS for all network communication. Photos sent to Gemini are transmitted over encrypted connections. We do not store raw selfies on our servers outside of Community posts you explicitly share.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via an in-app notice. Continued use of the app after changes constitutes acceptance of the updated policy.
11. Contact Us
Questions or requests about this Privacy Policy: