Privacy Policy

Last updated: February 21, 2026

Information We Collect

LumaSleep collects minimal data to provide you with a great experience. This includes:

  • Account information — email address and authentication credentials when you create an account.
  • App preferences — sound selections, playlists, bedtime settings, and onboarding choices, stored to personalize your experience.
  • Sleep data — if you opt in, we access sleep stage data from Apple Health (iOS) or Health Connect (Android) to display sleep insights within the app.
  • AI-generated content — text prompts you submit for AI sound generation are sent to our backend server for processing.
  • Subscription status — managed securely through Apple App Store or Google Play Store via RevenueCat.

How We Use Your Data

Your data is used solely to personalize your experience within the app. Specifically:

  • We use your preferences to remember your sound selections and playlists.
  • We use sleep data to compute your sleep score and display trends and insights.
  • We use AI prompts to generate custom soundscapes via our backend service.
  • We do not sell or share your personal data with third parties for advertising purposes.

Data Storage & Security

Your preferences and settings are stored locally on your device and synced to your account via Supabase (a secure, hosted database). AI-generated sound files are saved locally on your device.

We use industry-standard security measures including encrypted connections (HTTPS/TLS), row-level security on database tables, and secure authentication via Supabase Auth.

Third-Party Services

LumaSleep integrates with the following third-party services, each governed by its own privacy policy:

  • Apple Health / Health Connect — for sleep tracking (opt-in only). Data stays on your device unless you enable sync.
  • Supabase — for user authentication and cloud data storage.
  • ElevenLabs — for AI-powered sound generation. Your text prompts are sent to their API.
  • RevenueCat — for subscription and purchase management.
  • Freesound.org — for sourcing ambient sound previews (no user data is shared).
  • Unsplash — for artwork images (no user data is shared).
  • Google Sign-In / Apple Sign-In — for OAuth authentication.

Your Rights

You have the right to:

  • Access, correct, or delete your account and associated data at any time.
  • Revoke health data permissions through your device settings.
  • Delete all local data by uninstalling the app.
  • Request a copy of your data or account deletion by contacting us.

For data requests, contact us at support@lumasleep.ai.

Children's Privacy

LumaSleep is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the app after changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.

Contact

If you have questions about this Privacy Policy, please contact us at support@lumasleep.ai.