Privacy Policy

This Privacy Policy explains how Lumark AI Ltd. ("Lumark", "we", "us") collects, uses, shares, and protects information when you use our marketing automation platform and related services (the "Service").

By using the Service you agree to the practices described here. If you do not agree, do not use the Service.

Account information: name, email, password (hashed), preferred language, and account preferences.

Business profile information: business name, website, social profiles, target audience details, and any content you upload (logos, product images, ad creatives).

Connected platform data: when you connect Facebook, Instagram, Google Ads, TikTok, or other ad platforms, we receive ad account IDs, campaign metadata, and performance metrics through their official APIs.

Payment information: handled by our payment processor (e.g., Stripe). We do not store full card numbers on our servers.

Usage data: pages visited, features used, error reports, and device/browser metadata, collected via first-party analytics.

To provide, operate, and improve the Service, including AI-powered campaign generation and optimization.

To communicate with you about your account, product updates, and support requests.

To enforce our Terms, prevent fraud, and meet legal or regulatory obligations.

We do not sell your personal information.

Ad platforms: we transmit campaign data to Meta, Google, TikTok, and similar platforms strictly to publish and optimize the campaigns you authorize.

Service providers: hosting (e.g., AWS), analytics, error monitoring, and payment processors, each under data-processing agreements.

Legal requirements: we may disclose information if required by law, court order, or to protect rights, safety, or property.

Business transfers: if we are involved in a merger, acquisition, or asset sale, your information may be transferred subject to this Policy.

We retain account and campaign data while your account is active and for up to 30 days after deletion, after which we erase or anonymize it, unless longer retention is required by law.

Aggregated, de-identified analytics data may be retained indefinitely.

Depending on your location, you may have rights to access, correct, delete, or port your personal data, restrict or object to processing, and withdraw consent.

EU/UK residents have rights under the GDPR; California residents have rights under the CCPA/CPRA; Israeli residents have rights under the Protection of Privacy Law, 5741-1981.

To exercise these rights, contact us at privacy@lumark.ai. We will respond within the timeframe required by applicable law.

We use cookies and local storage for authentication, language and theme preferences, and analytics. You can disable cookies in your browser, but parts of the Service may not function properly.

We use industry-standard measures including encryption in transit (TLS) and at rest, role-based access controls, and routine security reviews. No system is perfectly secure; we cannot guarantee absolute security.

Your information may be processed in countries other than your own, including the United States and the European Union. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.

The Service is not directed to individuals under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

We may update this Policy from time to time. Material changes will be communicated by email or in-app notice. The "last updated" date above reflects the most recent revision.

Questions about this Policy can be sent to privacy@lumark.ai or to Lumark AI Ltd., [registered address].