Notice: These documents are provided to describe how Lumi works and common legal commitments. They are not a substitute for advice from a qualified attorney. You should adapt company name, contact details, and jurisdiction-specific terms for your entity before relying on them in production.
Overview
Lumi uses a small number of trusted third-party service providers (“Sub-processors”) to host and operate the Services. Each provider only Processes Personal Data to the extent necessary to perform the services we have engaged them for, under appropriate data protection agreements.
This page is provided for transparency and may evolve as our infrastructure changes. Replace the examples below with the actual vendors and regions you use in production.
Core infrastructure
- Cloud hosting / compute: e.g., Railway, Vercel, AWS, or similar platform used to run the Lumi web application and APIs.
- Database & storage: e.g., Supabase / Postgres, Neon, or a managed relational database for storing workspace configuration, events, and related metadata.
- Object storage: e.g., S3-compatible storage for hosting event photos and derived assets.
Business operations
- Payments: Paddle, as Merchant of Record, for subscription billing and invoicing.
- Email delivery: e.g., Resend, Postmark, or similar provider for transactional emails (workspace invites, notifications, etc.).
- Authentication: e.g., Clerk, Kinde, or built-in auth provider for login and session management.
- Analytics & monitoring: e.g., Sentry, PostHog, or similar tools used to monitor service health and improve the product.
Changes to this list
We may add or replace Sub-processors over time. Where required by applicable data protection laws or contract, we will provide notice of material changes (for example, via email, in-product notifications, or an update to this page) before a new Sub-processor begins Processing Personal Data.