Privacy Policy

Last updated: [EFFECTIVE DATE]

1. Data We Collect

We collect the following categories of personal data:

  • Account data: Email address and password (hashed) when you register for an account.
  • Subscription data: Subscription status and plan type, synced from our payment processor Paddle. We do not store payment card details — these are handled entirely by Paddle.
  • Usage data: Pages visited, features used, and interaction data collected via Google Analytics (where consent is given).
  • Technical data: IP address, browser type, device type, and referring URL, collected automatically when you use the Service.
  • Cookie data: See Section 6 below.

We do not collect sensitive personal data such as financial information, health data, or government identifiers.

1a. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These include encrypted data transmission (HTTPS), hashed password storage, access controls limiting who can access personal data, and use of reputable infrastructure providers with their own security certifications. No method of transmission over the internet is completely secure, and we cannot guarantee absolute security, but we take our obligations under UK GDPR seriously and review our security practices regularly.

1b. Children's Privacy

Lucent is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. Users must be at least 16 to create a free account and at least 18 to purchase a Pro subscription, as set out in our Terms of Service. If you believe a child under 13 has provided us with personal data, please contact us at [YOUR EMAIL] and we will delete it promptly.

2. How We Use Your Data

We use your personal data to:

  • Provide and maintain the Service, including managing your account and subscription
  • Process payments and manage billing in conjunction with Paddle
  • Send transactional emails such as account confirmations and subscription receipts
  • Analyse usage patterns to improve the Service
  • Comply with legal obligations
  • Serve relevant advertising to free-tier users (where consent is given)

3. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract: Processing necessary to provide the Service and fulfil your subscription.
  • Legitimate interests: Security, fraud prevention, and improving the Service.
  • Consent: Analytics and advertising cookies, where you have given explicit consent via our cookie consent banner.
  • Legal obligation: Where we are required to process data to comply with applicable law.

4. Third-Party Services

We use the following third-party services which may process your personal data:

5. Cookies

We use cookies and similar tracking technologies on this Service. Cookies are small text files stored on your device. We use the following categories of cookies:

  • Strictly necessary: Required for the Service to function, including authentication and session management. These cannot be disabled.
  • Analytics: Google Analytics cookies used to understand how visitors interact with the Service. Only set with your consent.
  • Advertising: Google AdSense cookies used to serve relevant ads to free-tier users. Only set with your consent.

You can manage your cookie preferences at any time via the cookie settings banner. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal. Our use of cookies is governed by the Privacy and Electronic Communications Regulations 2003 (PECR) as well as UK GDPR.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or tax compliance purposes. Anonymised usage data may be retained indefinitely.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data in certain circumstances.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at [YOUR EMAIL]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. International Data Transfers

Some of our third-party service providers may process data outside the UK or EEA. Where this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the UK Information Commissioner's Office.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. The updated policy will be effective from the date shown at the top of this page.

10. Contact

Lucent is operated by [YOUR FULL LEGAL NAME], trading as Lucent, a sole trader based at [YOUR ADDRESS LINE 1], [YOUR TOWN/CITY], [YOUR POSTCODE], United Kingdom. We are the data controller for personal data collected through this Service.

Contact us regarding privacy matters at [YOUR EMAIL].