Back to Lumen

Privacy policy.

Effective · April 22, 2026
At a glance

Lumen is built around one promise: nothing leaves your phone. There is no server to send data to, no account to sign in with, and no analytics. This document spells out what that looks like in practice, both for the iOS app and for this website.

01

The iOS app

No accounts, no cloud

Lumen does not require a sign-in, an email, or any identifier. There is no cloud sync, no backup to our servers, and no server to speak of. We do not have your reading, your questions, your answers, or your browsing activity, because none of it is ever sent to us.

What gets stored on your device

Lumen stores the following inside the app’s sandboxed container:

  • Web page content for pages you engage with (SQLite + FTS5 full-text index)
  • Topic and site classifications
  • LLM-generated summaries at the topic, site, and page levels
  • Sentence embeddings used for semantic search
  • Your answer history for the Ask panel, if you use it

All of the above stays on your device. You can wipe any of it at any time from Settings → Clear Browsing Data inside the app.

Browsing activity

Lumen’s web engine is Apple’s WKWebView, configured with hardened defaults:

  • HTTPS-only upgrades for all navigation
  • Third-party cookies blocked by default
  • Built-in tracker and fingerprint classification via the ThreatDetector module
  • Mixed-content blocking

The site menu on every page shows you the exact number of trackers and ads Lumen scrubbed on that domain.

On-device AI

The language model is mlx-community/Llama-3.2-1B-Instruct-4bit, run through MLX Swift. The model weights, roughly 700 MB, are downloaded from Hugging Face on first launch and cached on-device. After that, inference runs offline. Prompts and answers never leave your phone.

The only network call related to the AI feature is the one-time weight download from Hugging Face. Hugging Face’s privacy policy applies to that single transaction.

Third-party services

Lumen does not include analytics SDKs, crash reporters, A/B testing tools, or marketing pixels. The only third party it contacts for a core feature is Hugging Face, once, for the model weights.

When you browse the web inside Lumen, websites you visit may still set their own cookies, use their own trackers, and record their own logs, as with any browser. Lumen blocks what it can via the ThreatDetector, but it cannot prevent a site from collecting data you submit to it directly.

Your controls

  • Toggle Collect Knowledge off for any specific site from the site menu
  • Clear browsing data from the Browser Settings screen
  • Delete the app, which removes everything Lumen stored on your device
02

This website

The marketing site you are reading is a static Next.js app served by Vercel. It does not set tracking cookies, embed third-party analytics, or collect personal information. There is no newsletter, login, or form that asks for your data.

Vercel’s edge may record basic request logs (IP, timestamp, path) for operational purposes, as described in Vercel’s privacy policy.

03

Your rights

Because we do not collect or store personal data on our servers, there is nothing on our end to export, correct, or delete on your behalf. Your reading, your questions, and your answers live on your phone. The app itself is the only place to exercise control over that data.

If you are in a jurisdiction that grants rights under GDPR, CCPA, or similar frameworks, those rights apply only to data a controller actually holds. In Lumen’s case, that is nothing.

04

Changes

If this policy changes, the effective date above will change and the updated version will be pushed with the app’s next release and on this page. We do not have your contact details, so we cannot email you about changes. Check back occasionally.

05

Contact

Lumen is made by Lux Softworks, an independent team. For privacy questions, open an issue on the GitHub repository or reach out via the channels listed in the README.