Privacy Policy

// Effective Date: January 1, 2025 // Last Updated: August 8, 2025

Introduction

Welcome to LUCENT ("we", "our", or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered equity research platform for ASX and NZX markets.

By accessing or using LUCENT's services, you agree to this Privacy Policy. If you do not agree with the terms of this privacy policy, please do not access our services.

Key Points: LUCENT uses advanced AI models to analyze public financial data and deliver institutional-grade research reports. We prioritize data security, maintain strict confidentiality, and never sell your personal information to third parties.

Information We Collect

Information You Provide Directly

  • Account Information: Name, email address, company name, professional title, and billing information when you register for our services
  • Payment Information: Credit card details, billing address, and transaction history (processed securely through our payment providers)
  • Communication Data: Messages, feedback, and support requests you send to us
  • Portfolio Information: Stock watchlists, saved searches, and custom alerts you configure

Information Collected Automatically

  • Usage Data: Reports accessed, search queries, feature usage patterns, and interaction with our AI models
  • Device Information: IP address, browser type, operating system, device identifiers, and mobile app version
  • Analytics Data: Page views, session duration, click-through rates, and navigation paths
  • API Usage: For Lighthouse plan users, we track API calls, endpoints accessed, and data volumes

Public Market Data

We continuously collect and analyze publicly available financial information from ASX and NZX listed companies, including annual reports, exchange filings, investor presentations, and market announcements. This data is not personal information and is used to generate our AI-powered research reports.

How We Use Your Information

Purpose Description Legal Basis
Service Delivery Generate AI research reports, process your requests, manage your subscription Contract Performance
Personalization Customize reports to your portfolio, remember preferences, suggest relevant stocks Legitimate Interest
Communication Send service updates, respond to inquiries, deliver alerts and notifications Contract Performance
Improvement Enhance AI models, develop new features, optimize user experience Legitimate Interest
Security Detect fraud, prevent abuse, maintain platform integrity Legal Obligation
Marketing Send promotional content (with your consent), announce new features Consent

Data Sharing & Third Parties

We do not sell, rent, or trade your personal information. We share your data only in the following circumstances:

AI Model Providers

We use multiple AI models (Grok, OpenAI GPT-4o, Claude 4, Gemini 2.5) to generate research reports. When processing your requests:

  • We send only the necessary query data to AI providers
  • Your personal information is never included in AI prompts
  • All AI interactions are governed by strict data processing agreements
  • AI providers do not retain or train on your specific queries

Service Providers

  • Payment Processors: Stripe, PayPal (for secure payment handling)
  • Cloud Infrastructure: AWS, Google Cloud (for data storage and processing)
  • Analytics: Google Analytics, Mixpanel (for usage insights)
  • Email Services: SendGrid, Mailchimp (for communications)
  • Customer Support: Intercom, Zendesk (for support tickets)

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or investigate fraud.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any change in ownership or control of your personal information.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access, multi-factor authentication, and regular access audits
  • Infrastructure Security: Firewalls, intrusion detection, and DDoS protection
  • Regular Audits: Quarterly security assessments and annual penetration testing
  • Incident Response: 24/7 monitoring and established breach notification procedures
  • Employee Training: Regular security awareness training for all staff

Security Incident Reporting

If you believe your account has been compromised or notice any suspicious activity, please contact us immediately:

Email: support@idyllic.app

Response Time: Within 24 hours

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access & Portability

Request a copy of your personal data in a structured, machine-readable format

Correction

Update or correct any inaccurate personal information

Deletion

Request deletion of your personal data, subject to legal retention requirements

Restriction

Limit how we process your personal information

Objection

Object to certain processing activities, including marketing communications

Withdraw Consent

Withdraw previously given consent for data processing

To exercise any of these rights, please contact us at support@idyllic.app. We will respond to your request within 30 days.

Additional Rights for Specific Regions

  • Australian Users: Rights under the Privacy Act 1988 and Australian Privacy Principles
  • New Zealand Users: Rights under the Privacy Act 2020
  • EU/UK Users: Rights under GDPR including data protection officer access
  • California Users: Rights under CCPA including opt-out of sale (though we don't sell data)

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Cookie Type Purpose Duration
Essential Enable core functionality, authentication, security Session/1 year
Performance Analyze usage patterns, improve platform performance 1 year
Functional Remember preferences, language settings, saved searches 1 year
Analytics Understand user behavior, measure feature adoption 2 years
Marketing Deliver relevant ads, measure campaign effectiveness 90 days

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may limit functionality of our platform.

Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained while your account is active plus 90 days after closure
  • Transaction Records: 7 years for tax and accounting purposes
  • Research Reports: Available for 12 months from generation date
  • Support Communications: 2 years from last interaction
  • Marketing Data: Until you opt-out or 3 years of inactivity
  • Security Logs: 12 months for audit and investigation purposes

After the retention period, data is either deleted or anonymized. You may request early deletion subject to legal requirements.

International Data Transfers

LUCENT operates globally and may transfer your information to countries outside your residence, including Australia, New Zealand, and the United States. When we transfer data internationally:

  • We ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions)
  • We only work with providers who maintain equivalent data protection standards
  • We comply with applicable data transfer regulations including GDPR requirements

Children's Privacy

LUCENT is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child under 18, we will delete it immediately. If you believe we have information about a child, please contact us at support@idyllic.app.

California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request details about personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell personal information, but you can opt-out of certain sharing
  • Right to Non-Discrimination: We will not discriminate against you for exercising privacy rights

To exercise these rights, call us at 1-800-LUCENT-AI or email support@idyllic.app. We may verify your identity before processing requests.

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you via email or prominent notice on our platform
  • We will obtain your consent if required by applicable law

We encourage you to review this policy regularly. Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Information

Privacy Team

Email: support@idyllic.app

Data Protection Officer

For EU/UK residents or data protection inquiries:

Email: support@idyllic.app

Response Time: Within 30 days of receipt

Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority:

  • Australia: Office of the Australian Information Commissioner (OAIC)
  • New Zealand: Office of the Privacy Commissioner
  • EU: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO)