Privacy Policy

Last updated: April 24, 2026

This page explains what data flows through LumaBrowser and lumabyte.com, where it goes, and what you can do about it. The app itself is deliberately quiet: it has no third-party analytics or crash reporting. The only thing LumaBrowser sends to us is a lightweight version check-in and, on the Community tier, the page templates you generate. This is the umbrella policy covering the app, the website, billing, and licensing together.

On this page

  1. Who we are
  2. Summary at a glance
  3. What we collect
  4. Page templates, in detail
  5. How we use your data
  6. Third parties we rely on
  7. Data retention
  8. Your rights
  9. Children's data
  10. International transfers
  11. Changes to this policy
  12. Contact

1. Who we are

Lumabyte, LLC is the data controller for information processed in connection with LumaBrowser and lumabyte.com. We're a US limited liability company. When this policy says "we," "us," or "Lumabyte," it means Lumabyte, LLC.

You can reach us at the address in Section 12.

2. Summary at a glance

LumaBrowser runs on your machine. Your prompts, credentials, API keys, browsing data, webhook payloads, and LLM responses never leave your computer. We can't see them.

No third-party analytics or crash reporting, anywhere. We removed PostHog and Sentry from LumaBrowser entirely, and the lumabyte.com website carries no analytics or crash-reporting scripts either. What does leave your machine is narrow and documented: a periodic version check-in to lumabyte.com (so we can count installs and see version/platform spread), sanitized page templates (Community tier only), billing email through Stripe, and license-key activation through Keygen.sh.

Paid tiers sever both channels. With the NO_TELEMETRY entitlement (standard on Pro and Enterprise) the check-in never fires, and with PRIVATE_TEMPLATES your templates stay strictly on your machine; so a paid install can run fully offline with zero egress to lumabyte.com.

3. What we collect

We group the data we touch into buckets. This is the full picture across both the app and the site.

BucketWhat it containsWho sees it
Billing data Your email address, subscription tier, billing cycle, and subscription status. Your card number and payment details are handled directly by Stripe; we never receive or store them. Lumabyte, Stripe
License data
(Pro and Enterprise)
Your license key, issuance and expiration timestamps, and an activated machine fingerprint. The fingerprint is the OS-level machine identifier (on Windows, the MachineGuid registry value under HKLM\SOFTWARE\Microsoft\Cryptography; on macOS, the IOPlatformUUID from IOKit; on Linux, the contents of /var/lib/dbus/machine-id). It is not a one-way hash and is stored against your Keygen.sh account record alongside your email, so it is identifiable data, not anonymous. The fingerprint is sent to Keygen so a license can be activated, validated, moved between devices, and revoked. No fingerprint is collected for Community users; they have no license to bind. Lumabyte, Keygen.sh
App version check-in
(Community tier; Pro unless NO_TELEMETRY is set; off in developer mode and on Enterprise)
A small periodic ping to lumabyte.com/api/pulse (roughly every five minutes while the app is open) so we can count how many installs exist and are currently active, and see version/platform spread for release planning. It carries only: your tier (community / pro / enterprise), the app version, and the platform (e.g. win32, darwin, linux) in the body; a stable machine identifier in a header so the same install isn't counted twice (the OS-level machine id described above; for paid installs it matches your license fingerprint); a short-lived rolling authentication token; and a User-Agent string with the version, architecture, OS release, and Electron version. Nothing else. No events, no feature usage, no URLs, no page content, no prompts, no credentials. There is no PostHog and no Sentry in the app. Lumabyte
Page templates
(Community tier only)
The target domain and URL path (no query strings, no fragments) paired with the extracted generalized CSS-selector template. See Section 4. Lumabyte (public template repository)
Website logs Basic Go server logs (IP address, user agent, request path, timestamp) kept for operational and abuse-prevention purposes. The lumabyte.com website loads no third-party analytics or crash-reporting scripts; there is no PostHog, no Sentry, no Google Analytics, and no advertising trackers on the site. Lumabyte

If you join a waitlist (for example on /pricing), we also collect the email address and optional comments, name, company, and role you submit. That data is stored in our database for product-planning outreach only.

Turning the check-in off

The version check-in is on by default for Community users running a packaged (non-development) build. It is switched off automatically when:

  • A license is activated that carries the NO_TELEMETRY entitlement (standard on Pro and Enterprise policies); the check-in loop never starts.
  • You run LumaBrowser in development mode (unpackaged, or launched with --dev).
  • You block outbound traffic to lumabyte.com/api/pulse at the network layer.

One caveat for Community users: the check-in also keeps a free install in "good standing." If a Community install can't reach lumabyte.com for more than 24 hours, it drops to a degraded mode where Template Builder generation stops working (there's a 24-hour grace window from first launch). Paid tiers are exempt from this; they paid for the right to run fully offline. If you need to run a free install with no check-in, that good-standing requirement is the tradeoff.

4. Page templates, in detail

With analytics and crash reporting gone from the app, the shared template repository is the one genuinely novel privacy surface left in LumaBrowser, so it deserves a full explanation.

What it is

When you use the Template Builder on Community tier, LumaBrowser extracts generalized CSS selectors from the page you're looking at (selectors that identify structural elements like "the primary navigation" or "the product price," not the actual text or values on the page). That selector template is sent to lumabyte.com and stored in a public, shared repository, the same repository that other Community users query when they land on the same kind of page.

Exactly what is transmitted

  • URL host - e.g. example.com
  • URL path - e.g. /products/item
  • The selector template - a JSON structure of CSS selectors

What is stripped before transmission

  • Query strings and URL fragments (so no ?token=, no #user-123)
  • Page content, form values, and any user-typed input
  • Cookies, local storage, session tokens
  • Your IP address and any personal identifiers

Why this matters and why we still do it

Domain + path is usually not sensitive for public web pages (e.g., amazon.com/gp/your-account). It can be sensitive for private or intranet URLs. If you work with URLs that reveal proprietary paths, internal tooling hostnames, or anything you wouldn't want in a public database, do not use Community tier for those sessions; use Pro or Enterprise, which keep all templates strictly on your machine.

We do it because crowdsourced templates are what make automation against the modern, randomized-CSS web tractable for everyone. The tradeoff is explicit and opt-out-able by upgrading.

How to see or remove your templates

Templates are keyed by domain + path, not by user. Because there's no user identifier attached, we can't locate "your" templates on request. You can, however, request that templates for a specific host + path combination be removed from the public repository; email us at the address in Section 12 with the exact URL pattern.

5. How we use your data

We use the data in Section 3 for a short and specific list of purposes:

  • Delivering the service - issuing license keys, processing subscription payments, serving installer downloads and updates, operating the template repository.
  • Keeping the software working - understanding how many installs are active and which versions and platforms are in use so we can plan releases and support.
  • Billing and receipts - sending payment confirmations and renewal notices.
  • Abuse prevention and security - detecting attempts to overwhelm our infrastructure or misuse the template repository.
  • Product outreach - contacting waitlist signups when the tier they asked about becomes available (only if they opted in).
  • Legal compliance - responding to lawful requests and enforcing our Terms of Service.

We do not sell your personal data, and we do not share it with advertisers.

6. Third parties we rely on

A handful of service providers process data on our behalf. We pick them specifically because their privacy posture matches ours.

ProviderWhat they handleLink
Stripe Payment processing, subscription management, customer portal. Your card details go directly to Stripe; we never see or store them. stripe.com/privacy
Keygen.sh License-key issuance, activation, and revocation. Account slug lumabyte-com. Stores your email, license metadata, and the activated machine fingerprint (see Section 3). The fingerprint is linked to your account inside Keygen; it is not anonymous. keygen.sh/legal/privacy

We previously used PostHog (product analytics) and Sentry (crash reporting). Both have been removed entirely, from the LumaBrowser application and from the lumabyte.com website. We no longer send data to either.

LLM providers you configure (Anthropic, OpenAI, local models, etc.) are not our processors; they are your processors. You bring your own API keys and your prompts go directly from your LumaBrowser instance to them. Their privacy terms govern that relationship.

7. Data retention

  • Billing records - kept as long as your subscription is active plus the time needed for accounting, tax, and legal obligations (typically 7 years).
  • License data - kept for the lifetime of the license plus a short buffer for customer-support continuity.
  • App version check-in - check-in records (tier, version, platform, machine identifier, last-seen time) are kept only as long as needed for active-install counts and version/platform trend analysis.
  • Template repository - retained indefinitely, since it's a shared resource. Entries can be removed on request.
  • Server logs - rotated and purged on a short timeline (typically 30 days) except where retained for security investigation.
  • Waitlist submissions - kept until the tier launches and outreach is complete, or on request for removal.

8. Your rights

Depending on where you live, you may have some or all of the following rights over the personal data we hold about you:

  • Access - ask what we have.
  • Correction - ask us to fix inaccuracies.
  • Deletion - ask us to erase your data (subject to legal retention obligations).
  • Portability - get a copy in a portable format.
  • Objection / restriction - object to or restrict certain processing.
  • Withdraw consent - where processing is based on consent.

To exercise any of these, email us (see Section 12). We'll respond within a reasonable time, typically 30 days. If you're in the European Economic Area, the UK, or a US state with a comprehensive privacy law (e.g., CCPA/CPRA in California, VCDPA in Virginia, CPA in Colorado), you also have the right to lodge a complaint with your local supervisory authority.

Do Not Sell / Do Not Share (California): We do not sell personal information and do not share it for cross-context behavioral advertising. There is nothing to opt out of on that front.

9. Children's data

LumaBrowser is built for developers and is not directed at children under 13 (or under 16 in jurisdictions where that's the applicable age). We do not knowingly collect personal data from children. If you believe a child has submitted information to us, contact us and we'll delete it.

10. International transfers

Lumabyte, LLC operates from the United States. Our service providers are also primarily US-based. If you use LumaBrowser or lumabyte.com from outside the US, your data will be transferred to, processed in, and stored in the United States. Where applicable, we rely on Standard Contractual Clauses or equivalent safeguards for transfers from the EEA, UK, or Switzerland.

11. Changes to this policy

We'll update this page when our practices change. The "Last updated" date at the top always reflects the most recent revision. For material changes, we'll post a notice on the site and, for active paid subscribers, email you before the change takes effect.

12. Contact

For any privacy question, data-rights request, or template-removal request:

Lumabyte, LLC
Email: [email protected]
Web: lumabyte.com

For contractual terms, see /terms.