CHANGELOG · v1.4 · BERLIN / SF · MAY ’26
DRAFT · PENDING LEGAL REVIEW · LAST UPDATED 2026-05-19
DATA PROCESSING AGREEMENT

The DPA, in plain language.

Our full Data Processing Agreement is available on request as a downloadable PDF. Email legal@luminflows.com to receive the current version — we reply the same business day. Below is a summary of the controller/processor relationship Lumin Flows operates under, in the kind of English a non-lawyer reader can follow.

Roles.

When you use Lumin Flows, you are the data controller of the personal data your workspace touches — your customers’ names, your team’s emails, the contents of the messages your agents process. Lumin Flows is the data processor: we handle that data on your behalf, only for the purpose of running the agents you’ve configured.

Data flows.

Data enters Lumin Flows through the channels you connect — email, ticketing system, ERP. It is stored at rest in the region of your choice (EU or US), processed by the runtime to draft a response, signed into a receipt, and either dispatched automatically or held for a human reviewer. During inference, the message content and context needed to draft the response may transit to a model provider listed on the subprocessor page for the few seconds it takes to generate it.

Subprocessors.

We use a small list of subprocessors — infrastructure (Hetzner, Cloudflare), model inference (Anthropic, OpenAI), transactional email (Migadu), CRM (Notion). The current list and the categories of data each one touches are published at /subprocessors. We give thirty days’ notice by email before adding a new subprocessor; you have the right to object.

Security commitments.

Encryption in transit (TLS 1.3) and at rest (AES-256). Role-based access control, hardware MFA for the engineering team, and least privilege on every production system. We undergo an annual SOC 2 Type II audit, and ISO/IEC 27001 certification is in progress (expected close: Q3 2026). Penetration tests run twice a year.

Sub-clauses worth flagging.

Breach notification. If we suffer a personal data breach, we notify you within seventy-two hours of becoming aware of it, with the categories of data involved and the steps we’re taking.

Audit rights. Once a year you can audit our processing on reasonable notice; in practice most customers accept the SOC 2 report and our security questionnaire instead.

Return or deletion. On termination, we return your data in a portable format or delete it — your choice. The default is deletion after a thirty-day grace period.

Getting the signed document.

Email legal@luminflows.com with your company name and the address that should appear on the signature page. We’ll send the current PDF for signature within one business day; most customers complete the process via DocuSign.