lumen← Back to Lumen

Privacy Policy

Your script stays yours.

Last updated · 15 April 2026

The short version: we don't see your screenplay. Lumen parses your script in your browser, on your device. Nothing about its contents is uploaded, stored, logged, or shared. That's not a marketing line — it's how the software is built.

1. Who we are

Lumen is a product of MindMade Holdings (“MindMade”, “we”, “our”). This Privacy Policy explains what personal information we collect when you use lumen.mindmade.co (the “Service”), how we use it, and the rights you have over it.

2. What we collect

We collect only the minimum needed to operate the Service and stay in touch with you about it:

  • Waitlist email — when you join the waitlist, we store the email address you provided and the role you selected (director, producer, etc.) so we can send you access invitations and product updates.
  • Account details— once the product is out of beta, we'll store the minimum account metadata required to authenticate you (email, hashed password if you sign in directly, or federated identity tokens if you sign in with Apple / Google).
  • Billing information — for paid subscriptions, payment processing is handled by our payment provider. We receive confirmation of payment and a last-four-digits reference; we never receive or store your full card details.
  • Technical logs — standard server access logs (IP, user agent, timestamps) kept for 30 days for security and abuse prevention.

3. What we do not collect

Lumen processes screenplays client-side using pdf.js and the parser that ships with the page. Script text, character names, scene breakdowns, schedules, call sheets, and any other derived data stay in your browser (or on your server, if you self-host) and never touch our infrastructure.

We do not send script content to any third-party service. We do not use your screenplay to train any model, ours or anyone else's. We do not retain analytics on the content of what you parse.

4. How we use what we collect

  • To invite you from the waitlist and send product announcements.
  • To operate your account, authenticate you, and remember your preferences (including your light/dark theme choice).
  • To fulfil billing, provide receipts, and manage your subscription.
  • To investigate abuse, bugs, and security incidents.
  • To comply with applicable law.

We do not sell your data. We do not share it with advertisers. We do not use it to build advertising profiles.

5. Third-party services

Lumen uses a small number of third-party services to run:

  • Vercel — hosting and delivery of the web app.
  • Supabase — database for waitlist and account records (planned).
  • Clerk — authentication provider (planned).
  • Stripe — payment processing for subscriptions (planned).
  • An email delivery provider — to send transactional emails (waitlist confirmations, call sheets you explicitly dispatch, etc.).

Each of these is used only for the purpose listed, and each has its own privacy practices. We do not pass script content to any of them.

6. Cookies and local storage

We use strictly-necessary cookies and browser local storage for session authentication and to remember preferences such as your theme choice. We do not use tracking cookies, advertising pixels, or cross-site profiling.

7. Data retention

  • Waitlist emails: until you ask us to remove them or the waitlist is retired.
  • Account data: for the lifetime of the account, plus 30 days after deletion for backup rotation.
  • Server access logs: 30 days.
  • Billing records: seven years, or as required by applicable tax law.

8. Your rights

Depending on where you live, you may have the right to access, correct, or delete your personal data; to object to or restrict its processing; to data portability; and to lodge a complaint with a supervisory authority. To exercise any of these rights, email us at the address below and we will respond within 30 days.

9. Security

We use TLS in transit, encryption at rest for database contents, and principle-of-least-privilege access for staff. No system is perfect — if we learn of a material security incident affecting your personal data, we will notify you without undue delay.

10. Changes to this policy

We'll update the “last updated” date at the top of this page whenever we revise the policy, and we'll highlight material changes in-app before they take effect.

11. Contact

Questions, requests, or complaints: write to privacy@mindmade.co.