Lumenet
Get started

Privacy Policy

This policy describes what Lumenet stores on your PC, what the desktop app may send over the network, what the account site collects, and how this website uses cookies.

Draft for product accuracy — formal legal review is required before production publication.

Data that stays on your PC

Firewall rules, activity history, enforcement state, and locally computed views (such as graphs and maps) are stored on your machine.

Nothing in this category is uploaded for analytics, ads, or product telemetry by default. You may export local data yourself; export is initiated by you, not sent automatically.

No telemetry by default

The desktop app does not upload your connection log, per-app traffic details, or rule decisions for analytics, crash reporting, or marketing.

The account service handles sign-in, device seats, and entitlement — not your firewall log.

Signed release binaries

Windows installers are published through our release pipeline with code signing. Verify the publisher signature in Windows before you install.

The update check described below uses the signed release channel metadata only — it does not include your network activity.

Sanctioned network calls (desktop app)

Outside of connections you explicitly allow or block as the user, the Lumenet desktop app initiates only the outbound calls listed here. Each call carries the minimum data needed for its purpose.

  • Update check

    When: Periodically, and when you choose Check for updates.

    Data carried: Current app version, release channel, and basic OS/platform identifiers needed to offer the correct signed installer. No connection log, rule data, or account password.

  • Account activation and entitlement refresh

    When: When you sign in, activate a device, or the app refreshes your subscription state.

    Data carried: Account email and authentication tokens via Supabase Auth; device name you provide; device binding identifier; subscription and seat status needed to enforce your plan. No firewall log or per-app traffic.

  • Threat-feed download (opt-in only)

    When: Only if you enable the threat feed in settings.

    Data carried: A request for the feed file or delta (for example, feed version or revision cursor). The request does not include your connection history. Downloaded indicators are stored locally for matching.

Account site data

This website (sign-in, signup, dashboard, OAuth activation) collects account email and authentication metadata via Supabase Auth, device names you provide during activation, and subscription or seat status needed to enforce your plan.

It does not receive your desktop connection log or enforcement history.

Cookies on this website

We use essential first-party cookies required for Supabase Auth session management (sign-in persistence).

We do not use third-party trackers or analytics scripts on this site.

Why we do not show a cookie banner

Our cookies are strictly necessary for authentication only. We do not load optional analytics, advertising, or social widgets that would require consent under a banner. If that changes, this policy and the site will be updated before new non-essential cookies are introduced.

Contact

Privacy questions: [email protected]