Fine print
Privacy Policy.
What Lane Air collects, why, and how to get it back out.
Effective: · Last updated:
Lane Air is a product of Lumi5 Labs Pte. Ltd. ("we," "our," or "us"). This Privacy Policy is the Lane Air-specific addendum to the wider Lumi5 Labs privacy stance. It explains what we collect when you use Lane Air, why we collect it, and how to remove it.
By creating a Lane Air account or pasting a URL on the landing page, you agree to the practices described here. If you do not agree, please discontinue use.
1. What Lane Air actually collects
Lane Air is a small product. The data we collect maps directly to four things it does: read your site, generate drafts, schedule posts, and bill you.
1.1 Account data
- Email + Auth0 identifier: when you sign in through Auth0, we store your email and the Auth0 subject claim. We do not store passwords — Auth0 holds them.
- Brand domain: the eTLD+1 of the first URL you paste (e.g. acme.com). Lane Air is one-account-one-brand by design and this field enforces it.
- Timezone: the IANA timezone captured from your browser (e.g. America/Los_Angeles), used to schedule posts at each platform's local best-times.
- Preferences: selected platforms (up to three), business type (B2B / B2C), and whether you want weekly digest emails.
- Activity timestamps: when the account was created and when the last weekly cron ran for it — so the cron doesn't double-fire.
1.2 The URL you paste and what we make from it
- The URL itself, plus the optional objective tag ("Grow audience" / "Generate leads" / "Launch something") and the platforms you picked.
- A brand foundation snapshot — the public content our crawl reads from your site (about page, news, product blurbs, tone signals). We do not crawl login-protected pages.
- The generated drafts — three angles a week, one post per platform per angle, plus the matching image URL. We host generated images on Cloudinary and store only the URL, not the binary, in our database.
- News items we surfaced as candidate angles — small JSON snippets with title, source, and a relevance score. Used to make the drafts relevant; never republished.
1.3 Connected social accounts
- Platform handle and account ID for each connection (LinkedIn, X, Facebook Page, Instagram, Bluesky).
- Encrypted access + refresh tokens (AES-256-GCM, separate encryption key, never logged in plaintext). We rotate refresh tokens whenever the platform issues us a new one — required for X every run.
- Status flags — last successful publish, whether a reconnect is needed, expiry timestamp.
1.4 Billing
- Stripe customer ID + subscription status. We never see or store card numbers; Stripe handles all payment data and ships you the receipts.
1.5 Anonymous paste flow
If you paste a URL before signing in, we hold the resulting run under a one-time token. Anonymous runs are auto-deleted after 24 hours if you don't claim them by signing up; we keep the URL itself, the drafts, and the image URLs during that window so you can come back and finish.
1.6 Automatic technical data
- Operational logs: request paths, response codes, and error traces — for debugging and abuse prevention. No request bodies are logged.
- Cloudflare Turnstile emits a token on the landing page to keep bots out; we don't store the token, only the pass/fail result for the paste call.
- Product analytics (first-party PostHog, when enabled) — anonymous page views and feature-usage events. No third-party ad pixels.
2. Why we collect each thing
- Account data + Stripe ID — to log you in and bill the subscription.
- Brand domain — to enforce one-brand-per-account so the model output stays on-brand and we don't accidentally let one account juggle multiple companies.
- Pasted URL + brand foundation + drafts — to generate this week's posts, save them to the dashboard, and ship them on schedule.
- Encrypted social tokens — to publish on your behalf at the scheduled time. We only ever use them for the calls you authorised.
- Timezone + best-times preset — to drop scheduled posts at each platform's peak engagement window in your local time.
- Email address — for the optional weekly digest ("Your week's posts are ready"), and for transactional notes like a failed payment. Mutable from /account.
We do not use your pasted URL, brand foundation, or generated drafts to train external AI models. The models read your inputs to produce that week's output; they don't learn from them.
3. Sub-processors
These are the third parties that touch Lane Air data in the course of normal operation. Each receives only the data needed to do its job.
| Provider | What it sees | Why |
|---|---|---|
| Auth0 | Email, name | Sign-in |
| Stripe | Email, card (held by Stripe) | Payments + receipts |
| MongoDB Atlas | Account + run records | Database hosting |
| Cloudinary | Generated images | Image hosting + platform-shaped sizing |
| Anthropic | Pasted URL content, prompts | Draft generation (Claude) |
| OpenAI | Prompts, image briefs | Image generation |
| Brevo | Email + subject lines | Weekly digest + transactional email |
| Cloudflare Turnstile | Bot signals on the landing page | Anti-abuse |
| PostHog (optional) | Anonymous usage events | First-party product analytics |
| LinkedIn / X / Meta / Bluesky | Encrypted tokens, post payloads | The publish you authorised |
| Render | Encrypted application state | App + worker hosting |
We do not sell, rent, or share Lane Air data with advertisers. The only outbound flows are to the providers above.
4. Security
- Encryption in transit — TLS on every inbound and outbound request.
- Encryption at rest for sensitive fields — social access and refresh tokens are AES-256-GCM with a separately-held key; the database doesn't see the plaintext.
- Run-level access tokens — anonymous paste runs are gated behind a one-time URL token; only the browser that started the run can read it.
- Brand-domain lock — one account, one brand. A second domain can't be pasted from the same account.
- Plaintext-free logs — we never log access tokens, refresh tokens, or request bodies.
No system is perfectly secure. Review drafts before publish, and disconnect any platform you no longer use from /account.
5. Your data, your control
- Export — email accounts@luminarylane.app and we'll send your account and run history as JSON.
- Correct — most fields are editable from /account (selected platforms, timezone, audience preset, weekly digest opt-in).
- Disconnect — remove any social platform from /account; the encrypted token is purged immediately.
- Cancel — Stripe Customer Portal on /account. Subscription stops at the end of the current billing month.
- Delete — request full account deletion at the email above. We hard-delete your records within 30 days; backups are rotated out within a further 60 days.
- Opt out of analytics — set your browser's "Do Not Track" header; we honor it and skip loading PostHog.
If you're in the EU, UK, or Singapore, the rights above are also yours under GDPR / UK GDPR / PDPA respectively. We respond to access and deletion requests within 30 days.
6. Retention
- Anonymous paste runs — auto-deleted 24 hours after creation if not claimed.
- Claimed runs — kept for the life of the subscription so you can re-open past weeks on /dashboard.
- Scheduled posts — kept until cancelled, published, or 90 days past the scheduled date, whichever comes first.
- Account record — kept while the account is active, plus a 30-day soft window after deletion for accidental-cancel recovery.
- Backups — rotated out on a rolling 90-day schedule.
7. Children's privacy
Lane Air is not intended for users under 13. We don't knowingly collect data from children. If we learn we have, we delete it immediately.
8. Changes to this policy
We'll post material updates here and update the "Last updated" date at the top. Significant changes (new sub-processors, scope changes) trigger an email to active subscribers at least 30 days before they take effect.
9. Contact
For privacy questions, requests, or complaints:
- Email: accounts@luminarylane.app
- Address: Lumi5 Labs Pte. Ltd. — Regus, One Fullerton, 1 Fullerton Rd, #02-01, Singapore 049213
Our website is https://air.luminarylane.app.