Privacy Policy

We collect and process the following categories of personal information depending on how you use our Services.

1.1 Information You Provide Directly We may collect information you provide voluntarily, including: Account and Registration Data: When you sign up, we collect your name, email address, company name, billing address, phone number, and account credentials. Payment Details: Payment card or bank information is collected via secure third-party payment processors. We do not store full payment card data ourselves. User Content and Input: Includes prompts, files, specifications, project information, code, data, and outputs you provide or generate using Luna’s Services. Customer Communications: When you contact support, respond to surveys, or provide feedback, we may store those communications for customer service, improvement, and compliance purposes.

1.2 Information We Collect Automatically When you use our platform, we collect certain technical and usage data, such as: Usage Activity: API call history, Token and LOC consumption, time spent on features, error logs, interaction timestamps. Device and Connection Info: IP address, browser version, OS type, device type, and referral URLs. Cookies and Analytics: We use cookies, beacons, and tracking tools to enhance your experience. For full details, see our Cookie Policy.

We use the personal information we collect for the following lawful purposes: To deliver and improve our Services: This includes maintaining platform functionality, generating outputs, handling billing, and personalizing your experience. To communicate with you: Including system alerts, account notifications, service updates, and support responses. To manage accounts and transactions: We use your data to process payments, manage renewals, and prevent payment fraud. To analyze and improve performance: We evaluate usage patterns to optimize features and allocate infrastructure efficiently. To secure the platform: We monitor and investigate anomalies, protect against abuse or fraud, and respond to incidents. To comply with laws and regulations: This includes legal obligations, audits, investigations, or to protect legal rights. We may also process anonymized or aggregated data (that does not identify individuals) to improve our models and platform analytics.

We do not sell your personal information. However, we may share it in limited ways as described below: With Service Providers: We engage third-party vendors for hosting, infrastructure, payments, support, communications, and analytics. These providers are contractually bound to protect your data. For Legal Compliance and Protection: We may disclose data to respond to lawful requests (e.g., subpoenas, court orders), enforce our agreements, or defend legal claims. In Corporate Transactions: If Luna is involved in a merger, acquisition, financing, or sale of assets, your data may be transferred as part of that transaction. For Security and Abuse Prevention: We may share information as needed to detect, prevent, or respond to fraud, security threats, or violations of Luna’s policies.

Depending on your jurisdiction, you may have certain legal rights regarding your personal information. These include: Right to Access: Request a copy of your personal data. Right to Correct: Ask us to update or correct inaccurate information. Right to Delete: Request the deletion of your data, subject to legal exceptions. Right to Data Portability: Receive a machine-readable copy of your data. Right to Object/Restrict Processing: Limit how we use your data or object to processing based on legitimate interest. Right to Withdraw Consent: Where we rely on your consent, you can withdraw it at any time. To exercise these rights, contact us at privacy@lunabase.ai. We may request verification of your identity before processing your request.

Luna operates globally, and your data may be processed outside of your home country — including in the United States — where privacy laws may differ. Whenever we transfer personal data across borders, we implement safeguards such as: Standard Contractual Clauses (SCCs) approved by the European Commission or UK authorities; Data Processing Agreements (DPAs) with our subprocessors; Additional technical safeguards like encryption, pseudonymization, and access controls. If you are located in the EEA, UK, Switzerland, or another region with data transfer restrictions, we will ensure your rights are protected through legally recognized mechanisms.

We maintain robust technical and organizational security measures designed to protect your personal information. These include: End-to-end TLS encryption of data in transit; Role-based access controls and administrative permissions; Firewalls and intrusion detection systems; Secure authentication mechanisms and audit trails. While we strive to safeguard your data, no system can be guaranteed 100% secure. In case of a breach, we follow strict incident response protocols and will notify affected users and regulators where required. For more technical information, see our Data Security Exhibit.

We retain your personal information only for as long as necessary to: Provide and support the Services; Comply with our legal and financial obligations; Resolve disputes or enforce our terms. Once your account is closed, we delete or de-identify personal data after a commercially reasonable retention period unless required by law to retain it longer. We may retain aggregated, anonymized data indefinitely to improve platform capabilities.

Our Services are not intended for individuals under the age of 18. We do not knowingly collect or solicit personal information from children. If we discover that we have collected information from a child without verified parental consent, we will take prompt steps to delete it. If you become aware of any such data collection, please contact us at privacy@lunabase.ai.

We may update this Privacy Policy to reflect changes in our practices, technologies, legal obligations, or user expectations. When we do, we will update the “Last Updated” date above and may notify you by email or through the platform. Your continued use of our Services after an update constitutes your acceptance of the revised Privacy Policy. We encourage you to review it periodically.

If you have any questions about this Privacy Policy or your personal data, please contact us: Luna Base Inc. privacy@lunabase.ai We are committed to resolving concerns about your privacy and upholding your rights.

This Cookie Policy explains how Luna uses cookies and similar tracking technologies when you visit our website or use our online Services. By continuing to browse or interact with our site, you agree to our use of cookies as described in this policy. If you do not agree, you may disable cookies through your browser settings or use our cookie preference tools.

1. What Are Cookies? Cookies are small text files placed on your device when you visit a website. They help websites function properly and efficiently, remember user preferences, and gather analytics data.

2. Types of Cookies We Use Strictly Necessary Cookies: Essential for site functionality. Performance and Analytics Cookies: Help us understand usage patterns. Functionality Cookies: Enable personalized features. Targeting and Marketing Cookies: Not used currently by Luna.

3. Legal Basis For non-essential cookies, we seek your consent as required by GDPR.

4. Managing Preferences You can manage cookies through our site tools or browser settings.

This DPA is entered into by Luna Base Inc. and the Customer, supplementing the Luna Terms of Service. It reflects compliance with GDPR, UK GDPR, CCPA, and other privacy laws. It defines roles (Controller vs Processor), processing scope, sub-processor rules, security measures, data subject rights, breach notification, and audit rights.

This DPA remains effective for the duration of the Agreement. Upon termination, Luna will delete or return personal data as instructed unless legal retention applies. Anonymized data may be retained for analytics. Conflicts between this DPA and the Agreement will favor the DPA regarding data protection.