Privacy Policy

Effective Date: March 4, 2026

Company Name: Lucentum LLC

Contact Email: contact@lucentum.us

Phone: 210-801-9315

Address: [Insert Business Address]

Lucentum LLC ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and related services (collectively, the "Service").

By using the Service, you consent to the practices described in this Privacy Policy.

1. Information We Collect

We may collect the following categories of information:

A. Personal Information

• Name
• Email address
• Phone number
• Business name
• Account login credentials

B. Healthcare and Insurance Information

If you use the Service for healthcare-related workflows, we may collect:

• Patient name
• Date of birth
• Insurance member ID
• Coverage details
• Visit notes
• Claims data
• Uploaded insurance card images

You are responsible for ensuring you have legal authority to submit any patient information into the Service.

C. Payment Information

Payments may be processed through third-party providers (e.g., Stripe). We do not store full credit card numbers on our servers.

We may collect:

• Billing address
• Subscription status
• Transaction history

D. Device & Usage Data

We may automatically collect:

• IP address
• Device type
• Operating system
• App version
• Usage logs
• Crash reports

This data helps us improve performance and reliability.

E. AI-Generated Content

If you use AI-powered features:

• Inputs submitted to AI
• Generated responses

You are responsible for reviewing and validating AI outputs.

2. How We Use Information

We use collected information to:

• Provide and operate the Service
• Process eligibility checks and claims
• Facilitate subscriptions and payments
• Improve product functionality
• Communicate with users
• Provide customer support
• Prevent fraud and abuse
• Comply with legal obligations

3. Healthcare Compliance (HIPAA)

If the Service is used to process Protected Health Information (PHI):

• We implement reasonable administrative, physical, and technical safeguards.
• We may enter into Business Associate Agreements (BAAs) where applicable.
• Users remain responsible for lawful handling of PHI.

The Service does not replace professional medical, legal, or billing advice.

4. Sharing of Information

We may share information with:

A. Service Providers

Including:

• Payment processors
• Insurance clearinghouses
• Cloud hosting providers
• Communication providers (e.g., SMS, email)
• AI infrastructure providers

These providers are contractually obligated to protect data.

B. Legal Requirements

We may disclose information:

• To comply with law
• To respond to court orders
• To protect our rights
• To prevent fraud or harm

C. Business Transfers

If Lucentum LLC is involved in a merger, acquisition, or asset sale, user information may be transferred.

5. Data Retention

We retain information as long as necessary to:

• Provide services
• Meet legal requirements
• Resolve disputes
• Enforce agreements

You may request account deletion, subject to legal retention requirements.

6. Data Security

We implement reasonable security measures including:

• Encrypted connections (HTTPS)
• Secure cloud infrastructure
• Role-based access controls

However, no system is completely secure. Use of the Service is at your own risk.

7. Your Rights

Depending on your location, you may have rights to:

• Access your data
• Correct inaccuracies
• Request deletion
• Request data export
• Withdraw consent

To exercise these rights, contact contact@lucentum.us.

8. Children's Privacy

The Service is not intended for individuals under 18.

We do not knowingly collect information directly from minors.

9. Cookies and Tracking

We may use:

• Session cookies
• Authentication cookies
• Analytics tools

You can adjust browser settings to disable cookies, though some features may not function properly.

10. Third-Party Links

The Service may link to third-party sites.

We are not responsible for the privacy practices of external websites.

11. App Store Compliance (Apple & Google)

We:

• Do not sell personal data.
• Only collect data necessary to operate the Service.
• Allow users to request account deletion.
• Comply with platform data safety requirements.

12. Changes to This Policy

We may update this Privacy Policy periodically.

Continued use after changes constitutes acceptance.

13. Contact Information

Lucentum LLC

210-801-9315

contact@lucentum.us

Data Processing Addendum (DPA)

This Data Processing Addendum ("DPA") forms part of the Terms and Conditions between Lucentum LLC ("Processor") and the user or organization ("Controller").

1. Scope

This DPA applies where Lucentum LLC processes personal data on behalf of the Controller in connection with use of the Service.

The Controller determines the purposes and means of processing. Lucentum LLC acts solely as a Processor.

2. Categories of Data Processed

Processor may process:

• Account holder information
• Patient demographic information
• Insurance and claims information
• Uploaded documents
• Visit notes
• Payment transaction data
• Usage and log data

3. Purpose of Processing

Personal data is processed only to:

• Provide the Service
• Perform eligibility checks
• Submit and track claims
• Facilitate billing
• Maintain system functionality
• Provide support

Processor will not process data for unrelated purposes.

4. Confidentiality

Processor ensures that:

• Personnel with access to data are bound by confidentiality obligations.
• Access is limited to those with legitimate business need.

5. Security Measures

Processor implements reasonable safeguards including:

• Encrypted transmission (HTTPS/TLS)
• Access control and authentication
• Role-based permissions
• Secure cloud hosting
• Audit logging

No system is completely secure, but commercially reasonable measures are maintained.

6. Subprocessors

Processor may use subprocessors including:

• Cloud hosting providers
• Payment processors
• Insurance clearinghouses
• Communication service providers
• AI infrastructure providers

Processor ensures subprocessors are bound by data protection obligations.

7. Data Subject Rights

Processor will assist Controller in responding to:

• Access requests
• Correction requests
• Deletion requests
• Data export requests

Requests should be submitted to contact@lucentum.us.

8. Data Retention and Deletion

Upon termination of services:

• Controller may request export of data.
• Processor will delete data after a reasonable retention period unless legally required to retain it.

Healthcare records may be subject to statutory retention requirements.

9. Breach Notification

Processor will notify Controller without undue delay upon discovering a confirmed data breach affecting personal data.

10. Governing Law

This DPA is governed by the laws of the State of Texas.

Delete My Account Policy

This section is intended to comply with Apple App Store and Google Play requirements.

How to Request Account Deletion

Users may request account deletion in one of the following ways:

• Through the in-app "Delete Account" option (if available)
• By emailing contact@lucentum.us
• By calling 210-801-9315

Requests must come from the account email address or include sufficient verification.

What Happens When You Delete Your Account

Upon verified deletion request:

• Account access will be permanently disabled.
• Personal data will be deleted from active systems.
• Subscription billing will be canceled.

What May Be Retained

Certain data may be retained if required by law, including:

• Financial transaction records
• Compliance records
• Healthcare documentation subject to retention requirements
• Fraud prevention logs

Retained data will not be used for marketing.

Processing Timeline

Deletion requests are typically processed within 30 days.

Google Play Data Safety Summary

Below is language you can use when completing the Google Play Data Safety form.

Data Collected

The app may collect:

• Personal information (name, email, phone)
• Health-related information (patient demographics, insurance data)
• Financial information (billing status, subscription data)
• User-generated content (visit notes, uploads)
• Device and usage data

Data Sharing

Data may be shared with:

• Payment processors
• Insurance clearinghouses
• Cloud hosting providers
• Communication service providers
• AI infrastructure providers

We do not sell personal data.

Data Security Practices

We implement:

• Encrypted data in transit
• Access controls
• Authentication safeguards
• Secure infrastructure

Data Deletion

Users can request deletion:

• In-app
• Via email at contact@lucentum.us

Deletion requests are processed within 30 days, subject to legal retention requirements.

Data Use

Collected data is used solely to:

• Provide core functionality
• Process eligibility and claims
• Enable subscriptions
• Improve performance
• Prevent fraud