PRIVACY POLICY

Privacy Policy

Effective Date: August 14, 2025 · Last Updated: September 10, 2025

This Privacy Policy (“Policy”) describes how Pocket AI, Inc. (“Pocket AI,” “we,” “us,” or “our”) collects, uses, processes, stores, and discloses information, including personal information, in connection with the Luminate platform (“Luminate” or the “Service”).

This Policy is intended to comply with applicable data protection laws and industry standards, including, where applicable, the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), the California Privacy Rights Act (“CPRA”), and similar global privacy frameworks.

By accessing or using Lumtric, you acknowledge and agree that you have read, understood, and consent to the terms of this Policy.

1. Scope of Application

This Policy applies to all users of Lumtric, including visitors to our website, registered account holders, and recipients of communications transmitted via our platform. It governs all data collected by us, whether directly from you, automatically through the Service, or from third-party sources lawfully providing such data.

2. Categories of Information Collected

We may collect and process the following categories of information:

Account Information – Name, email address, phone number, business name, billing address, authentication credentials, and any other identifiers you provide upon registration or profile updates. If you choose to sign in using Google Sign-In, we receive your name, email address, and profile picture from your Google account.

Service Interaction Data – Text, audio, voice recordings, transcripts, prompts, outputs generated by AI systems, and associated logs (collectively “AI Logs”).

Technical and Usage Data – Device identifiers, IP address, browser type, operating system, time zone settings, pages visited, features used, session duration, and diagnostic data.

Financial Information – Payment method details, transaction history, and tax-related information where applicable.

Third-Party Integration Data – Information obtained from connected third-party services (e.g., communications platforms, CRMs, cloud providers) in accordance with their respective privacy policies.

We may combine information collected from multiple sources to enhance the Service.

3. Lawful Bases for Processing

Where GDPR or similar frameworks apply, our processing is based on:

  • Contractual Necessity – To perform the Service under our Terms of Service.
  • Legitimate Interests – To operate, maintain, improve, and secure Lumtric, provided such interests are not overridden by your rights.
  • Consent – For certain processing activities, including AI training, marketing communications, and sensitive data processing, where required.
  • Legal Obligation – To comply with applicable law, regulatory requests, or enforceable governmental orders.

4. Purpose of Collection and Use

We use collected information to:

  • Deliver, operate, and maintain the Lumtric platform.
  • Authenticate users and authorize access to the Service.
  • Process transactions, issue invoices, and manage subscriptions.
  • Provide technical and customer support.
  • Improve the Lumtric platform and services.
  • Monitor for abuse, fraud, or security incidents, including detection and prevention of malicious activity.
  • Comply with applicable laws, regulations, and contractual obligations.
  • Enforce our Terms of Service and other agreements.
  • User data collection for 3rd party integrations (e.g. Google Calendar, Google Tasks, Google Docs, etc.) is never collected or used for any other purpose than to provide the Service you request. This data will never be sold, used for marketing, used to target ads, or any other act prohibited by their respective privacy policies.

We expressly reserve the right to retain, store, and process anonymized and aggregated data indefinitely for the purposes of improving the Lumtric platform and services.

5. Data Ownership and Rights

User Inputs & Outputs – You retain ownership of your inputs and AI-generated outputs. By submitting content to Lumtric, you grant Pocket AI a worldwide, royalty-free, irrevocable, sublicensable license to store, process, transmit, and otherwise use such content for the purposes set forth in this Policy.

Anonymized Data – We exclusively own all rights to anonymized, aggregated, or de-identified data 1st party data, which may be used for any lawful business purpose without further notice or consent, unless this is prohibited by law. 3rd party data (e.g. Google Calendar, Google Tasks, Google Docs, etc.) is never used or collected except for the express purpose of providing the Service you requested.

6. Data Retention

We retain personal information only as long as necessary for:

  • Providing the Service.
  • Complying with legal, tax, and accounting obligations.
  • Enforcing our agreements and resolving disputes.

Retention periods may extend beyond account termination where legally required or where necessary for legitimate business interests, including fraud prevention and abuse detection.

7. Data Security

We maintain commercially reasonable administrative, technical, and physical safeguards to protect information from unauthorized access, alteration, disclosure, or destruction. Measures include, but are not limited to:

  • Encryption in transit and at rest.
  • Access controls with least privilege principles.
  • Network segmentation and intrusion detection.
  • Regular security assessments and audits.

No method of transmission or storage is 100% secure, and we disclaim all liability for unauthorized access outside our reasonable control.

8. International Data Transfers

Where data is transferred outside your country of residence:

  • You consent to the transfer, storage, and processing of your information in jurisdictions that may have different privacy protections than your home country.

9. Disclosure to Third Parties

We may disclose your aggregated and anonymized 1st party information to:

  • Vendors and Service Providers – To provide the Service you request (e.g., hosting, analytics, payment processing, communications platforms).
  • Affiliates and Corporate Transactions – In connection with mergers, acquisitions, reorganizations, or sales of assets.
  • Legal and Regulatory Authorities – As required by law, court order, or lawful governmental request.
  • Third Parties with Consent – Where you authorize disclosure (e.g., integrations) unless prohibited by law or the policies of any given 3rd party.
  • 3rd party data (e.g. Google Calendar, Google Tasks, Google Docs, etc.) will never be used to target ads, used for marketing, sold, trained on, or any other act prohibited by their respective privacy policies.

We do not sell personal information in the meaning of “sale” under the CCPA.

10. Your Rights

You may have the right to:

  • Access, correct, or delete your personal information.
  • Restrict or object to processing.
  • Receive a portable copy of your data.
  • Withdraw consent at any time (withdrawal will not affect prior lawful processing).

Requests must be submitted in writing to founders@lumetric.ai and may require verification of identity.

11. Limitation of Liability

To the fullest extent permitted by law, Pocket AI, Inc. shall not be liable for any indirect, incidental, consequential, punitive, or special damages, whether arising in contract, tort, or otherwise, related to unauthorized access, data loss, or breach, except where such exclusion is prohibited by law.

12. Changes to This Policy

We reserve the right to amend this Policy at any time. Updates will be posted with a revised “Last Updated” date. Material changes will be communicated via the Service or email before they take effect.

13. Contact Information

Pocket AI, Inc.
Attn: Privacy Officer
505 N Angier unit 326 · Atlanta, GA 30308
Email: founders@lumetric.ai

14. Messaging & Communications (SMS/Text and Email)

As part of the Service, we may send you communications via email or SMS/text messages. Messaging may include account notices, security alerts, and communication with your AI agents. By providing your email address or mobile phone number, you consent to receive such communications as described below, subject to your rights to opt out.

  • Transactional vs. Marketing – As part of the Service, we may send you communications via email or SMS/text messages. Most messages will be related to communication with your AI agents. These are fully opt-in and opt-out. Before you can give your agent an phone number, you must opt-in to receive messages from us. This can be revoked at any time.
  • Messaging Frequency – Message frequency varies. Message and data rates may apply based on your carrier plan. Carriers are not liable for delayed or undelivered messages.
  • Service Providers – We may use third-party email and SMS providers to deliver messages on our behalf. These providers process limited personal data to facilitate delivery and maintain logs in accordance with this Policy.
  • Compliance – We endeavor to comply with applicable communications laws and industry guidelines, including the Telephone Consumer Protection Act (TCPA), CAN-SPAM, and CTIA best practices, as applicable.

Opt-Out Instructions

  • SMS/Text – You can opt out of marketing texts at any time by replying STOP to any message. For assistance, reply HELP or contact us at founders@lumetric.ai.
  • Email – Use the “Unsubscribe” link included in our marketing emails or contact us at founders@lumetric.ai.

Notice of Changes – If we materially change how we access, use, store, or share Google user data, we will update this Policy and provide notice via in‑product communication or email prior to the change where required.

15. Google Sign-In & Google API Services

Luminate offers the option to sign in using your Google account (“Google Sign-In”). When you authenticate via Google Sign-In, we access the following information from your Google account:

  • Basic Profile Information – Your name, email address, and profile picture.
  • Authentication Tokens – OAuth tokens to verify your identity and maintain your session.

How We Use Google Account Data:

  • To create and authenticate your Luminate account.
  • To personalize your experience (e.g., displaying your name and profile picture).
  • To communicate with you about your account and the Service.

Google API Services User Data Policy Compliance:

Luminate's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google account data for the purposes described in this Privacy Policy.
  • We do not sell Google user data.
  • We do not use Google user data for advertising purposes.
  • We do not transfer Google user data to third parties

You can revoke Luminate's access to your Google account at any time by visiting your Google Account Permissions page.