Privacy Policy
Effective Date: August 5, 2025
Welcome to LumiAuth, an authenticator app developed by E-Clinics International LLC. Your privacy is important to us. This Privacy Policy explains how we handle your data and protect your personal information.
1. What Information Do We Collect?
LumiAuth is designed to operate primarily on your device with minimal data collection. We collect the following types of information:
App Analytics (Optional)
With your explicit consent, we may collect anonymous usage analytics to help improve app performance and identify potential issues:
- What We Collect: Anonymous app usage data, feature interactions, error reports, and performance metrics
- What We Don't Collect: Personal information, account details, authentication tokens, or any identifiable user data
- Purpose: To improve app functionality, identify bugs, and enhance user experience
- Data Processing: All analytics data is encrypted, anonymized, and contains no personal identifiers
- User Control: You can enable or disable analytics collection in Settings > App Analytics at any time
- Data Retention: Analytics data is retained only for app improvement purposes and is not used for any other purpose
Authentication Data: We do not collect, store, or share any personal authentication information. All account details and tokens remain on your device and are never transmitted to our servers.
2. How Do You Add Accounts?
- Manual Entry: You can manually enter account details such as account name and secret key.
- QR Code: You can scan a QR code provided by your service to add an account easily.
All data entered through either method is stored locally on your device only.
3. Backup and Restore Features
LumiAuth offers optional backup and restore functionality to help you protect your authenticator data:
Google Drive Backup (Android)
- Optional Feature: Google Drive backup is completely optional and requires your explicit consent.
- User Control: You choose when to create, upload, or delete backups.
- Secure Storage: Backup files are encrypted using your Google user ID as the encryption key.
- Data Location: Backup files are stored in your personal Google Drive account, not on our servers.
- Access Control: Only you can access your backup files through your Google account.
iCloud Backup (iOS)
- Optional Feature: iCloud backup is completely optional and requires your explicit consent.
- User Control: You choose when to create, upload, or delete backups.
- Secure Storage: Backup files are encrypted using your Apple user identifier as the encryption key.
- Data Location: Backup files are stored in your personal iCloud account, not on our servers.
- Access Control: Only you can access your backup files through your Apple account.
Local Backup
- Device Storage: You can create encrypted local backup files on your device.
- User Control: You choose the location and manage these files.
- Secure Storage: Local backups are encrypted with a passcode you set.
4. Do We Share Your Information?
No. LumiAuth does not send any of your account or authentication data over the internet to our servers. It also does not share your information with anyone — including us.
Backup Data: When you use backup features, your encrypted backup files are stored in your personal cloud accounts (Google Drive or iCloud) or locally on your device. We have no access to these files or their contents.
Analytics Data: If you enable app analytics, anonymous usage data is sent to our secure servers for app improvement purposes only. This data is encrypted, anonymized, and contains no personal information. We do not share this data with third parties.
5. Data Security
Since we do not store or transmit your authentication data, there is no risk of it being leaked from our side. However, we strongly recommend using device-level security features such as screen locks or biometric authentication to keep your authenticator app and your phone secure.
Backup Security: All backup files are encrypted using industry-standard encryption (PBKDF2 key derivation and AES encryption). The encryption keys are derived from your platform-specific user identifiers, ensuring only you can decrypt your backup data.
Analytics Security: All analytics data is encrypted using AES-256 encryption before transmission to our servers. The data is anonymized to remove any potential personal identifiers and is stored securely with access limited to authorized development personnel only.
6. Third-Party Services
LumiAuth integrates with the following third-party services:
Google Drive (Android)
- Purpose: Optional backup and restore functionality
- Data Shared: Only encrypted backup files (we cannot read the contents)
- User Control: You must explicitly sign in to your Google account and grant permission
- Privacy: Google's privacy policy applies to data stored in your Google Drive
iCloud (iOS)
- Purpose: Optional backup and restore functionality
- Data Shared: Only encrypted backup files (we cannot read the contents)
- User Control: You must explicitly sign in to your Apple account and grant permission
- Privacy: Apple's privacy policy applies to data stored in your iCloud
We do not integrate with any advertising or other cloud services beyond those mentioned above.
7. Your Rights and Choices
You have complete control over your data:
- Analytics Control: You can enable or disable app analytics at any time in Settings > App Analytics
- Backup Control: You can choose whether to use backup features and control when backups are created or deleted
- Data Deletion: You can delete all app data by uninstalling the app from your device
- No Tracking: We do not track individual users or create user profiles
8. Changes to This Policy
We may update this Privacy Policy if needed. When we do, we will update the date at the top of this page. We encourage you to check back periodically.
9. Contact Us
Thank you for trusting LumiAuth.