Privacy Policy

Last updated: 2026-05-12

1. What we collect

When you create an account, we store:

• Email address — used only to identify your account and send transactional notices (password reset, account security).
• Password — stored as a one-way scrypt hash; we never see or store your raw password.
• API key — auto-generated per account, used to authenticate API calls.
• Usage records — timestamps and metadata of the videos you generate, used to enforce your plan's monthly quota and for billing.
• Brief content + uploaded images — the inputs you submit to generate videos; stored on our servers to run the pipeline and persist your work.

2. Where your data lives

Data is stored on servers hosted by Alibaba Cloud in Hong Kong. We do not transfer data to mainland China, the EU, or the United States. If you are accessing Lumina.AI from those regions, please be aware that your data crosses borders for processing.

3. What we don't do

• We do not sell your data to anyone.
• We do not run third-party advertising trackers.
• We do not use your brief content to train AI models (the AI models we call are provided by upstream vendors — see section 4).

4. Third parties we send your data to

To generate videos, Lumina.AI calls one external service:

• LibTV (liblib.tv) — image-to-video provider. We send your product image and the per-shot prompt; LibTV returns an MP4 URL. We do not pass your email or account identifiers to LibTV. Subject to LibTV's own privacy policy.

Screenplay generation (turning your brief into shot prompts) runs entirely on our servers using a deterministic template engine — no LLM call is made, no data leaves our host for this step.

5. Your rights

• Access: see what we hold by signing in; the Account page shows your profile, usage, and API key.
• Delete: delete your account from the Account page. This removes your email, password hash, API key, and usage records permanently within 30 days. Generated videos in your storage are also deleted.
• Correct: change your email by contacting us.
• Export: request a copy of your data; we'll send a JSON archive within 30 days.

6. Cookies

We use one functional cookie / localStorage entry (lum_api_key) to keep you signed in. We do not use tracking cookies, third-party cookies, or analytics cookies.

7. Security

All traffic to gexdrco.cn is HTTPS-only with HSTS enforced. Passwords are scrypt-hashed. The server is hardened with rate limits on auth endpoints, content security policies, and a non-root container runtime. Backups are taken daily; we are working on off-site backup replication.

8. Children

Lumina.AI is not directed at children under 13 and we do not knowingly collect data from anyone under 13.

9. Changes

If we change this policy materially, we will email you (we don't have anywhere else to reach you). Continued use after a change means acceptance.

10. Contact

Email sicotasinc.marketing@gmail.com with any privacy question or to exercise your rights.

← Back to Lumina.AI