Plain-English summary. Lumi was built to be private by default. We do not ask for your name, email, phone number, or any social profile. We do not show advertising. We do not sell or rent any data. The text of letters you write is sent to Google’s Gemini AI for moderation before it can reach another person, and that is the only third-party processing we do beyond hosting on Google Firebase. You can delete your account and all of your data from inside the app at any time.
The detailed policy below explains exactly what we collect, why, and your rights under GDPR, CCPA, and other privacy laws.
1. Who we are
Lumi is operated by teaseCO, LLC (“teaseCO,” “we,” “us,” “our”).
- Registered address: 30 N Gould ST, STE R, Sheridan, Wyoming 82801, United States
- Contact for privacy questions: info@tease.tr
If you are located in the European Economic Area, the United Kingdom, or Switzerland, teaseCO, LLC is the data controller for your personal information processed in connection with the Lumi app and lumi.tease.tr website.
2. What this policy covers
This policy describes how we collect, use, share, retain, and protect data when you:
- Install and use the Lumi iOS app (including the Apple Watch companion and home-screen widgets), or
- Visit the lumi.tease.tr website.
It does not cover third-party services we link to (such as the Apple App Store).
3. Data we collect
Lumi is anonymous by design. We do not collect, ask for, or accept your real name, email address, phone number, social media handles, contacts list, location data, photos, or browsing history.
We do collect the following operational data, all tied to a randomly generated, anonymous identifier created by Apple’s Firebase Authentication service when you first open the app:
| Category | Specific data | Why |
|---|---|---|
| Anonymous user ID | A random string generated by Firebase Anonymous Authentication. | Routes letters and saves your Vault. We have no way to link this to you in the real world. |
| Letter content | The text of each letter you write or save. | To deliver letters, populate your Vault, and run moderation. |
| Mood selection | Playful, Peaceful, Motivating, Romantic, or “let the wind decide.” | To match incoming letters to your preferences. |
| Notification preferences | On/off, frequency, time-of-day periods, mood opt-ins. | To deliver notifications you actually want. |
| Push notification token | An Apple Push Notification service (APNs) device token, stored as a Firebase Cloud Messaging (FCM) token. | To deliver push notifications. |
| Device language and timezone | Your iOS locale and timezone. | To localize the app and schedule notifications at sensible local hours. |
| Pair connections | A pairing code, the anonymous IDs of paired users, and a private nickname (visible only to you). | To enable private 1-to-1 messaging. |
| Reports filed | When you tap “report” on a letter — the letter ID, your anonymous ID, and the reason. | To remove objectionable content. |
| Strikes and ban status | Counters tracking moderation events on your account. | To enforce content rules. |
| Sensitive Days marker | A simple flag if you turn on Soft Mode for a given day. | To deliver gentler messages on those days. |
We do not collect: contact lists, location, calendar, photos, microphone, browsing history, advertising identifiers, IP address (beyond ephemeral request logs that are not retained beyond seven days), device identifiers (IDFA, IDFV), biometrics, or anything that could re-identify you.
4. Where data is processed and stored
The Lumi backend runs on Google Cloud Platform — specifically:
- Firebase Authentication for the anonymous user ID
- Cloud Firestore (region
eur3, Europe) for messages, user records, vaults, pairs, and reports - Cloud Functions (region
europe-west1) for moderation, message routing, and scheduled notifications - Firebase Cloud Messaging for push delivery
Letter text passes through the Google Gemini API for automated moderation before delivery. Per Google’s Generative AI API Terms, API requests to Gemini are not used to train Google’s models and are not stored beyond the time required to return a response.
Push notifications are delivered through Apple’s Push Notification service (APNs).
The website lumi.tease.tr is hosted on a server we operate, fronted by Cloudflare for DNS and TLS.
If you are in the European Economic Area, your data may be transferred to and processed in countries outside the EEA (specifically the United States, where Google’s processing infrastructure is located). These transfers are covered by the EU-US Data Privacy Framework and Google’s Standard Contractual Clauses.
5. Why we process your data (legal basis)
Under GDPR, our legal basis for each processing activity is:
| Activity | Legal basis |
|---|---|
| Creating an anonymous account so you can use the app | Contract (Art. 6(1)(b)) — necessary to provide the service |
| Delivering letters, vault, pairs | Contract (Art. 6(1)(b)) |
| Moderation of letter text | Legitimate interest (Art. 6(1)(f)) — protecting all users from objectionable content |
| Sending push notifications | Consent (Art. 6(1)(a)) — you opt in via the system permission and our settings |
| Strikes and bans for violations | Legitimate interest (Art. 6(1)(f)) |
| Account deletion | Legal obligation / your right (Art. 17) |
We do not process any special categories of data (health, religion, sexual orientation, etc.) — Lumi never asks for these.
6. Sharing
We share data only with the operational service providers listed in section 4 (Google, Apple, Cloudflare). We have data processing agreements with each that limit them to processing your data on our instructions.
We do not share data with: advertisers, data brokers, analytics companies, social platforms, or any third party for marketing purposes. We do not sell, lease, or rent any data. We do not engage in cross-context behavioural advertising.
If we are ever compelled by valid legal process (subpoena, court order) to disclose specific data, we will resist where appropriate, notify you where legally permissible, and disclose only the narrow set of records demanded.
7. How long we keep data
| Data | Retention |
|---|---|
| Active user account (anonymous ID, preferences, vault, pairs) | Until you delete the account |
| Letters in transit (status: pending) | 7 days, after which they expire automatically |
| Approved letters in the public pool | Indefinitely, but no longer linked to a deleted account |
| Reports | 90 days, then deleted |
| Cloud Functions request logs | 7 days |
| Cloudflare access logs | Up to 7 days, deleted automatically |
When you delete your account (see section 9), all of the above are erased immediately, except previously-delivered letters in the public pool, which are anonymized (your sender ID is replaced with deleted) and remain visible to recipients who saved them.
8. Your rights
If you are in the European Economic Area, the United Kingdom, Switzerland, or California, you have the following rights regarding your data:
- Access — Ask for a copy of the data we hold about you.
- Rectification — Ask us to correct inaccurate data.
- Erasure (“right to be forgotten”) — Ask us to delete your data. The in-app Deactivate Account button does this immediately. You can also email info@tease.tr.
- Restriction — Ask us to limit how we process your data.
- Portability — Ask us to provide your data in a machine-readable format.
- Objection — Object to processing based on legitimate interests.
- Withdraw consent — At any time, for processing based on consent (e.g., turn off push notifications in Settings).
- Lodge a complaint — With your local data protection authority. For EU residents, a list is available at edpb.europa.eu.
If you are a California resident, you additionally have the rights granted by the California Consumer Privacy Act (CCPA) and CPRA, including the right to know what personal information we have collected, the right to delete it, the right to opt out of sale or sharing (we do neither), and the right to non-discrimination.
To exercise any of these rights, write to info@tease.tr. Because Lumi is anonymous, we may need you to provide the anonymous ID you can see in Settings → About to identify your account.
9. Account deletion
You can delete your account at any time, directly from inside the app:
- Open Lumi
- Settings → Account → Deactivate Account
- Confirm
This triggers a Cloud Function that, within seconds, erases:
- Your user document
- Your Vault
- Your saved messages
- Your notification preferences and FCM token
- Your pair connections (the other side of each pair is also notified)
- Your reports
- Your Firebase anonymous identity itself
Letters you sent that have already been delivered to other people remain visible to those recipients, but with your identifier permanently replaced by deleted so they cannot be linked back to you.
There is no waiting period and no reactivation flow — once you delete, the data is gone. Re-installing the app will create a fresh anonymous identity.
10. Children
Lumi is not directed to children under 13. We do not knowingly collect personal information from anyone under that age. If you believe a child has provided data to us, write to info@tease.tr and we will delete it.
This policy is intended to comply with COPPA (US, under 13), the GDPR rules on children’s data (under 16 in some EU member states), and similar children-protection statutes worldwide.
11. Security
- All data in transit between the app and our backend is encrypted using TLS.
- Data at rest in Cloud Firestore is encrypted by Google’s infrastructure.
- Access to production data is restricted to a small number of teaseCO team members and is audited.
- We do not store passwords, since there are no passwords (Lumi uses anonymous authentication).
No system is perfectly secure. If we ever discover a security incident affecting your data, we will notify you and the relevant authorities within 72 hours where required by GDPR.
12. Cookies
The Lumi iOS app does not use cookies (cookies are a web concept).
The lumi.tease.tr website does not use any tracking, advertising, or analytics cookies. See our Cookie Policy for the full list (it is short).
13. Changes to this policy
We may update this policy when our service changes. The “Last updated” date at the top will reflect the most recent revision. For material changes, we will surface a notice in the app before the change takes effect.
14. Governing law
This policy and any disputes arising under it are governed by the laws of Wyoming, United States, without regard to conflict-of-laws rules.
15. Contact
For privacy questions, requests, or complaints:
- Email: info@tease.tr
- Postal: teaseCO, LLC, 30 N Gould ST, STE R, Sheridan, WY 82801, USA
We will respond to verifiable requests within thirty (30) days as required by law.