Privacy Policy

Last updated: June 12, 2026

Privacy is the reason Luminari Doc exists, so this policy is written to be read. It names every company that touches your data, where it lives, and for how long.

1. Who is responsible

The Service is operated by Slim Labbane Dit Kalti, sole proprietor ("we"). Contact for all privacy matters: hello@luminaridoc.com.

For the business documents you upload, you (or your company) remain the data controller and we act as a processor on your instructions, under our Data Processing Agreement — countersigned copy available on request.

2. What we collect

• Documents you upload — processed solely to generate your analysis. Originals are never written to disk: text is extracted in memory and the file is discarded immediately.
• Account & contact data — email address, a salted password hash (we cannot see your password), and the analysis types you select.
• Billing data — handled entirely by Paddle, our merchant of record. We never see your card details.
• Basic technical logs — IP address and timestamps, kept for security.

3. How your documents are processed — and by whom

Every processor we use, in full:

• Hetzner Online GmbH (Germany) — hosting. Your document is received and stored on a server in Falkenstein, Germany, for the duration of processing.
• Mistral AI (France) — AI analysis. Document text is sent to Mistral's API on EU servers for the analysis itself. Mistral offers model training on API data only as an opt-in — and our account has it explicitly disabled, on the paid tier, with the configuration evidenced. Your documents are never used to train any model.
• Scaleway (France) — transactional email. Notifications such as "your analysis is ready" and account emails are sent via Scaleway's EU infrastructure. The analysis itself stays in your dashboard — it is not sent by email.
• mailbox.org / Heinlein Hosting GmbH (Germany) — our business mailbox. If you reply to us by email, your message is hosted in Germany.
• Paddle (UK) — payments, as merchant of record.

No US company processes your documents at any step.

4. What we never do

• We never use your documents to train AI models, and neither does our AI provider.
• We never sell or share your data with advertisers or data brokers.
• We never transfer your documents outside the EU/EEA (and UK, for billing data only).

5. Retention and deletion

• Uploaded documents: originals are never stored. The extracted text is deleted the instant processing finishes — typically within minutes of upload. An independent automated sweep additionally enforces a hard 24-hour maximum, so even if processing is interrupted mid-way, nothing survives a day. Nothing is ever queued or stored awaiting payment.
• Generated analyses: kept encrypted in your dashboard for 30 days, then deleted automatically — or instantly, whenever you press Delete. Deleting your account erases everything immediately.
• Contact and billing records: kept as long as legally required for accounting, then deleted.

6. Legal bases (GDPR)

We process data to perform our contract with you (Art. 6(1)(b) GDPR), to comply with legal obligations (Art. 6(1)(c)), and for our legitimate interest in securing the Service (Art. 6(1)(f)).

7. Your rights

You may request access, correction, deletion, restriction, or portability of your personal data, and object to processing, by emailing hello@luminaridoc.com. We respond within 30 days. You may also lodge a complaint with your local data protection authority.

8. Security

All transfers are encrypted in transit (TLS). Analyses are encrypted at rest (AES-256-GCM) — honestly stated: this protects against theft of the database, not against a full compromise of the server itself. Documents are processed in isolation under unguessable identifiers and removed on schedule. Access to production systems is limited to the Operator. Passwords are hashed with argon2id and never stored in clear.

9. Cookies

The website sets no advertising or analytics cookies. Only functional cookies strictly necessary for checkout (Paddle) are used.

10. Changes

Material changes to this policy will be announced on this page and, for customers, by email at least 14 days in advance.