Privacy Policy
Last updated: 29 April 2026
Lumeniq Sales OS («the Service», «we», «our», «us») is a closed-access sales operations platform used by employees of subscribing companies. This Privacy Policy explains what information we receive, how it is used, and how it is protected.
1. Information we collect
We process the following categories of data, only to the extent necessary to provide the Service:
- Account data — full name, work email, role and team, supplied by the customer's administrator at onboarding.
- CRM data — deals, contacts, activities, notes and pipelines, synchronised from the customer's Pipedrive workspace.
- Email data via Google APIs — when a manager voluntarily connects a Gmail mailbox, we access:
- Mailbox metadata and message contents needed to display the inbox and threads inside Lumeniq (
gmail.readonly). - Outgoing messages composed by the manager in Lumeniq, sent on the manager's behalf (
gmail.send). - Read/unread state and labels for messages the manager interacts with in Lumeniq (
gmail.modify).
- Mailbox metadata and message contents needed to display the inbox and threads inside Lumeniq (
- Telegram messages — when integrated, conversations between manager and client used inside the same deal context.
- Usage logs — operational logs (timestamps, request IDs, error traces) used solely to keep the Service reliable and secure.
2. How Google user data is used
Lumeniq Sales OS's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- Email content is shown only to the manager who connected the mailbox and to people authorised by their company administrator within Lumeniq.
- We do not transfer Google user data to third parties for advertising or for any purpose unrelated to providing user-facing features in Lumeniq.
- We do not allow humans to read Google user data unless: (a) the user gave explicit consent for specific messages, (b) it is necessary for security purposes (for example to investigate abuse), (c) it is required for compliance with applicable law, or (d) the data is aggregated and used for internal operations in compliance with applicable privacy and other laws.
- We do not use Google user data to develop, improve, or train generalised AI / ML models. AI features inside Lumeniq operate on the customer's own data within the customer's own deal context.
3. Storage and security
- OAuth tokens are stored in our database with encryption at rest and used only to call Google APIs on behalf of the manager.
- Connections to Google APIs and to Lumeniq use TLS.
- A manager can disconnect a mailbox at any time inside Lumeniq, or revoke access at myaccount.google.com/permissions.
- Data retention follows the customer's contract; on termination, customer data is deleted from the production database within 30 days.
4. Sharing
We do not sell user data. We share data only with sub-processors strictly necessary to operate the Service (cloud hosting, transactional email, error monitoring), under data-processing agreements consistent with this Policy.
5. Your rights
You can request access, correction or deletion of your personal data by writing to dev@lumeniq.net. If your account was created by your employer, please contact your administrator first — they own the customer relationship and are typically able to action requests faster.
6. Changes
We will update the «Last updated» date when this Policy changes. Significant changes will be communicated to administrators of customer accounts.
7. Contact
Questions about this Policy or data handling: dev@lumeniq.net.