
Privacy Policy

How Lumo collects, uses, stores, shares, and protects your data

Effective date: March 18, 2026

1. Overview

Lumo ("we", "our", or "us") provides (a) a Chrome browser extension and (b) the Lumo Mobile Android application that automate USD-exchange bank transfers for merchants on the ZAAD portal (mymerchant.telesom.com). This Privacy Policy explains what information we collect, how we use and process it, where it is stored, which third parties may receive it, and your rights as a user.

By installing and using the Lumo extension or the Lumo Mobile app you agree to the practices described in this policy. If you do not agree, please uninstall the extension and/or app.

2. Data We Collect

The table below lists every category of data Lumo touches, where it is stored, and whether it is ever transmitted to our servers.

Data Type | Where Stored | Sent to Servers? | Purpose
ZAAD portal credentials (username & PIN) | Device only | Never | Auto-fill login on the ZAAD portal
Bank account number & transfer settings | Device only | Never | Configure the automated transfer
Phone number (used as account ID) | Supabase | Yes — at sign-up & login | Identify your account; license management
License key & subscription status | Supabase | Yes — at validation | Verify an active paid subscription
Transfer logs (amount, timestamp, status) | Supabase | Yes — per transfer | Audit trail & support diagnostics
Payment reference (ZAAD/EVC+ transaction ID) | Supabase | Yes — at purchase | Confirm payment; issue refunds
Password-reset / SMS OTP metadata (phone number; hashed OTP or expiry on server) | Supabase + SMS provider | Yes — when you request reset | Deliver one-time code; prevent abuse of reset flow
Optional AI assistance (limited portal page–derived data for balance/errors/flow) | Supabase Edge Functions | Yes — only if you use the feature | Automation assistance on the ZAAD portal; not used for ads
Browsing data from other websites | Not collected | Never | N/A — Lumo only runs on mymerchant.telesom.com
Credit card or banking credentials | Not collected | Never | N/A — payments are via mobile money only

3. How We Handle and Use Your Data

This section ties together collection, processing, storage, retention, and recipients for each major feature. Section 2 lists categories in a summary table; here we explain how each permission and network call maps to a purpose.

Account authentication and license

Collection: Phone number and password you provide at sign-up or sign-in.

Use: We use Supabase Auth to create and verify your session. License validation runs over HTTPS to confirm an active subscription.

Storage: Account fields are stored in Supabase (see Section 5). All API traffic uses TLS (HTTPS).

Retention / deletion: See Section 9; you may request account deletion by contacting us.

Recipients: Supabase (infrastructure). See Section 8.

Transfer logs and diagnostics

Collection: When automated transfers run, summary details (e.g. amount, destination account last digits, timestamp, status) may be sent to our backend.

Use: Audit trail, support, and troubleshooting.

Storage: Supabase database.

Recipients: Supabase only, as described in this policy.

Password reset (SMS OTP)

Collection: Phone number when you request a password reset.

Use: A Supabase Edge Function (reset-password or equivalent) issues a one-time code and coordinates SMS delivery.

Storage: OTP-related metadata (e.g. hashed code, expiry) may be stored server-side to limit abuse; passwords are not stored in plain text.

Recipients: Twilio receives your phone number and the OTP message content solely to deliver the SMS. See Section 8 and Twilio's privacy policy.

Optional AI assistance (Chrome extension on the ZAAD portal)

Collection: If you use optional AI-assisted features while on mymerchant.telesom.com, limited portal-derived data (e.g. simplified page structure or text needed to interpret balance, errors, or UI flow) may be sent to our backend.

Use: Automation assistance only (e.g. guidance or selector help). We do not use this data for advertising or to sell your information.

Storage / transport: Requests go to our Supabase project over HTTPS, typically via Edge Functions such as /functions/v1/ai-assist, using your authenticated Supabase session. Limited logging may occur for security and support.

Recipients: Supabase infrastructure; any sub-processors used for AI are engaged only by us under contract and not for unrelated marketing.

ZAAD portal credentials and transfer settings

Collection: Data you enter in the extension (credentials, bank account, transfer options).

Use: Auto-fill and automation on the ZAAD portal only.

Storage: Encrypted on your device (Section 4). Not transmitted to Lumo servers.

Recipients: None from Lumo — only your browser interacts with the portal as you direct.

4. Local Credential Storage

Sensitive merchant data (ZAAD credentials, bank account details, transfer settings) is kept on your devices as described below. It is never uploaded to Lumo's servers.

4.1 Chrome extension

Your ZAAD portal credentials (username and PIN) and related settings are stored only on the device where you install the extension using Chrome's chrome.storage.local API. They are encrypted before being written to storage and are never transmitted to Lumo's servers or any third party except as you use them locally to interact with the ZAAD portal.

Encryption specification (Chrome extension)

  • Algorithm: AES-256-GCM (authenticated encryption)
  • Key derivation: PBKDF2 with SHA-256, 100,000 iterations
  • Salt: 16 bytes, cryptographically random, stored alongside the ciphertext
  • IV (Initialization Vector): 12 bytes, cryptographically random per encryption operation
  • Master key seed: derived from a device-unique identifier; never leaves the device

In plain English: even if someone obtained the raw data from Chrome's local storage, they could not recover your credentials without your device-specific key. We cannot decrypt your credentials even if we wanted to, because the key never leaves your device. Note that this protects a copy of the storage taken off your device; software running on the same device that can reproduce the device-unique identifier could derive the same key, so keeping the device itself secure still matters.

4.2 Lumo Mobile (Android)

The Lumo Mobile app stores sign-in preferences, encrypted credentials, and app settings on your Android device using the platform's secure storage mechanisms. Credentials and PINs used for the ZAAD flow stay on the device for local automation and are not transmitted to Lumo-operated servers. The app's network calls are used for account authentication, license checks, and operational features, never to upload your portal password to our database.

5. Our Backend (Supabase)

Lumo uses Supabase as its backend database and authentication provider. Supabase is hosted on AWS infrastructure in the US-East region.

Authentication

We register you using a pseudo-email address in the format 252XXXXXXXXXX@lumo.local derived from your phone number. Your real email address is not collected. This pseudo-email is used solely for Supabase's auth system; it is not a functional email address and no email is ever sent to it.

Data stored in Supabase

  • Your phone number (as part of the pseudo-email)
  • License key and subscription expiry date
  • Transfer logs: amount, destination account (last 4 digits only), timestamp, success/failure status
  • Payment transaction references
  • Optional AI usage metrics (e.g. task type, token counts, timestamps) when you use the AI assist feature — associated with your user id for fair-use and cost monitoring

Supabase's own privacy policy applies to data stored on their infrastructure: supabase.com/privacy.

6. Payment Processing

Lumo accepts payments via ZAAD and EVC+ mobile money services only. We do not accept credit cards, debit cards, or any other payment method.

When you make a purchase:

  • Your phone number is used to initiate the mobile money request
  • The transaction reference ID returned by the payment provider is stored in Supabase for confirmation and refund purposes
  • No credit card numbers, bank account numbers, or card verification codes are ever collected

Payment processing is handled through the respective mobile money provider's infrastructure. Their privacy practices govern the payment transaction itself.

7. Chrome & Android Permissions

The Lumo Chrome extension and Lumo Mobile Android app both ask for a small set of permissions so they can function correctly. We request only the minimum permissions required for automation and never for advertising or unrelated tracking.

7.1 Chrome extension permissions

The Lumo extension requests the following permissions. The table explains exactly why each permission is needed.

Permission | Why It Is Required
storage | Saves your encrypted credentials, transfer settings, and license cache to chrome.storage.local on your device.
alarms | Schedules periodic checks (e.g., session keep-alive, balance polling) without needing a persistent background page.
tabs | Detects when you navigate to the ZAAD portal tab so the extension can inject the automation script at the right moment.
notifications | Shows a desktop notification when a transfer completes successfully or fails, so you stay informed without watching the tab.
host_permissions: https://mymerchant.telesom.com/* | Lets the extension run a content script on the ZAAD merchant portal only, so Lumo can automate transfers and (if enabled) optional AI assistance on that site. Lumo does not inject scripts into unrelated websites.
host_permissions: https://qlwkfsfasiicnocxqlsa.supabase.co/* | Required so the extension and background service worker can call our backend over HTTPS: Supabase Auth (login), license validation, transfer logging, Edge Functions (e.g. password reset SMS, ai-assist), and related APIs. No data is sent to this host except for these product features.

Lumo does not request broad host permissions like <all_urls> or access to your browsing history, bookmarks, or any other Chrome API beyond those listed above. The background service worker uses the same declared permissions to schedule tasks (e.g. alarms) and communicate with Supabase when the extension is active.

7.2 Lumo Mobile (Android) permissions

The Lumo Mobile app is designed primarily as a companion to the extension and uses standard Android permissions. Depending on your device and OS version, the app may request some or all of the following:

  • Internet / Network access — to communicate securely with our Supabase backend for authentication and license checks.
  • Foreground / background network access — to keep your account state in sync while you are using the app.
  • Optional notification permission — to show status updates about your account or important operational alerts (if implemented in your version).

The Lumo Mobile app does not request access to your contacts, photos, SMS, call logs, precise location, microphone, or camera.

8. Data Sharing

We do not sell, rent, or share your personal data with advertisers or marketing companies.

Data may be shared only in the following limited circumstances:

  • Supabase — as the infrastructure provider for our backend (database, authentication, Edge Functions, HTTPS API). See Section 5.
  • Twilio — when you use password reset via SMS, your phone number and the OTP message content are shared with Twilio solely to deliver the text message. Twilio processes this as a service provider. See Twilio's privacy policy: twilio.com/legal/privacy.
  • ZAAD / EVC+ — your phone number is sent to the mobile payment provider solely to process your subscription payment
  • Legal obligation — if required by a valid court order or applicable law, we may disclose data to law-enforcement authorities

In all other circumstances, your data stays within the systems described in this policy.

9. Data Retention

Data Type | Retention Period
Encrypted credentials & settings (device) | Until the extension is uninstalled or you clear Chrome extension data
Account & license data (Supabase) | Until you submit a deletion request to us
Transfer logs (Supabase) | Until you submit a deletion request to us
Payment transaction references | 7 years (required for financial record-keeping under applicable regulations)
Password-reset OTP metadata (server) | Short-lived; deleted or invalidated after successful reset or expiry, subject to minimal security logs

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Ask us to correct inaccurate data
  • Deletion: Request that we delete your account and associated data (subject to the retention requirements in Section 9)
  • Portability: Receive your data in a structured, machine-readable format
  • Withdraw consent: Uninstall the extension at any time to stop all local data collection; contact us to delete your Supabase data

To exercise any of these rights, email us at support@lumo.app with the subject line "Data Rights Request".

11. Children's Privacy

Lumo is intended for use by merchants and business operators. It is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at support@lumo.app and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Effective date" at the top of this page. Continued use of Lumo after any changes constitutes acceptance of the updated policy. We recommend reviewing this page periodically.

13. Contact Us

If you have questions about this Privacy Policy or your data, please reach us: