1. You own your code
Everything Lumexa generates for you — your PRD, your application code, and your data — belongs to you. We do not claim ownership of your projects or Output, and you are free to export, host, and modify them anywhere. See our Terms of Service for the full ownership terms.
2. Encryption
Data is encrypted in transit using TLS, and encrypted at rest in our managed databases and storage. Passwords are never stored in plain text — they are stored only as salted hashes.
3. Infrastructure
Lumexa runs on Amazon Web Services, using managed databases, isolated build and compute environments, and network controls. We rely on AWS’s physical and infrastructure security and build least-privilege, isolated environments on top of it.
4. Access controls
Access to production systems is restricted on a least-privilege basis, protected by strong authentication, and logged. We monitor our systems for availability and unusual activity and maintain diagnostic logging to investigate issues.
5. AI & your data
To generate Output, Lumexa sends relevant portions of your Inputs to AI model providers. We do not sell your Inputs or Output, and we do not use your private project content to train publicly shared foundation models. We contractually require our AI sub-processors to process your content only to provide their service to us — see our Privacy Policy for details.
6. Privacy & GDPR
We collect only what we need to operate the Service, and we support data-subject rights including access, correction, deletion, and portability. If you are in the EEA or UK, we process personal data under recognized legal bases and use appropriate safeguards for international transfers. Full detail lives in our Privacy Policy.
7. Export & portability
Your project is never locked in. You can export your generated code and take it elsewhere at any time — no proprietary runtime is required to run what Lumexa builds for you.
8. Reporting a vulnerability
We welcome responsible disclosure. If you believe you have found a security issue, please email security@lumexa.ai with details and steps to reproduce. Please give us a reasonable opportunity to investigate and remediate before any public disclosure. We appreciate the security community’s help in keeping Lumexa and our users safe.