Privacy Policy

Privacy Policy

Last updated: April 25, 2026

PRIVACY POLICY

This Privacy Policy explains how Lemnia LLC ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use the Lymnus platform. We are committed to protecting your privacy and handling your data responsibly.

1. Who We Are

Lemnia LLC is a Delaware limited liability company with its principal place of business at 131 Continental Dr, Suite 305, Newark, Delaware 19713, United States. We operate the Lymnus data intelligence platform accessible at https://lymnus.com.

For users in the European Economic Area (EEA) or United Kingdom, Lemnia LLC acts as the data controller for personal data processed through the Platform.

Data Protection Contact: contact@lymnus.com

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Name, email address, password (stored in hashed form), profile photo.

OAuth Sign-In Data: If you sign in via Google, Microsoft, or GitHub, we receive your name, email, and profile photo from those providers; we store provider-specific identifiers to link your account.

Team Information: Team names, member email addresses, and role assignments.

Payment Information: Billing details processed by Stripe (we do not store full card numbers; Stripe handles PCI-DSS compliance).

Communications: Messages you send us via support channels, report-an-issue forms, and app-request submissions.

User Preferences: Language, locale, UI theme settings.

2.2 Data You Upload and Process

When you use the Platform's core features, you may upload files and documents for processing. This content may include personal data belonging to third parties. You, not us, are the controller of such data. We process it only on your instructions as described in Section 4.

  • Uploaded files: PDFs, Word documents, Excel spreadsheets, CSV, JSON, and other supported formats

  • API-imported data: Data fetched from connected third-party services

  • AI Chat messages and file attachments

  • Project data, reports, and agent configurations you create on the Platform

2.3 Automatically Collected Information

  • Usage Data: Features accessed, operations performed, processing times, token consumption, error logs

  • Log Data: IP addresses, browser type and version, operating system, pages visited, timestamps, referring URLs

  • Device Information: Device type, screen resolution

  • Cookies and Similar Technologies: As described in our Cookie Policy at https://lymnus.com/legal

  • Analytics Data: Aggregate, anonymized usage patterns used to improve the Platform

2.4 Information from Third-Party Integrations

When you connect third-party services (e.g., Google Drive, Microsoft OneDrive, Dropbox, databases), we receive data from those services only as necessary to perform the integration function you requested. We do not persistently store third-party data beyond what is needed to complete your processing requests.

2.5 Google API Limited Use

Lymnus's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

3. How We Use Your Information

3.1 To Provide and Operate the Platform

  • Authenticating your identity and maintaining your session

  • Processing your data extraction, processing, generation, and report requests

  • Executing your automation agents

  • Managing your team, roles, and permissions

  • Tracking and managing your token balance and usage

  • Processing payments and managing your subscription via Stripe

  • Providing customer support and responding to inquiries

3.2 To Improve and Develop the Platform

  • Analyzing aggregate, anonymized usage patterns to understand how the Platform is used

  • Identifying and fixing bugs, errors, and performance issues

  • Developing new features and improving existing functionality

3.3 To Communicate With You

  • Sending transactional emails (account verification, password reset, billing receipts)

  • Sending low-token and storage alerts

  • Notifying you of processing completion or failures

  • Sending Platform updates, new feature announcements, and changelog notifications

  • Responding to your support requests

  • Detecting and preventing fraud, abuse, and security incidents

  • Enforcing our Terms of Service and Acceptable Use Policy

  • Complying with applicable laws, regulations, and legal processes

  • Protecting our rights, property, and the integrity of the Platform

For users in the EEA or UK, we process personal data under the following legal bases:

  • Contract Performance: Processing necessary to fulfill our contractual obligations to you

  • Legitimate Interests: Improving our services, security monitoring, analytics

  • Legal Obligation: Compliance with applicable laws and regulations

  • Consent: Where required by law, such as for certain cookies or marketing communications

4. AI Processing and Your Uploaded Data

4.1 How We Process Your Data

When you use Platform features, your uploaded files and data are transmitted to AI model providers for processing. We use the following AI providers:

  • Anthropic (Claude models): Data may be transmitted to Anthropic's API servers. Anthropic's privacy policy applies: https://www.anthropic.com/privacy

  • OpenAI (GPT models): Data may be transmitted to OpenAI's API servers. OpenAI's privacy policy applies: https://openai.com/privacy

  • Google (Gemini models): Data may be transmitted to Google's API servers. Google's privacy policy applies: https://policies.google.com/privacy

4.2 No Training on Your Data

We do not use your uploaded content or AI-generated outputs to train, fine-tune, or improve any AI models — ours or our providers'. We have data processing agreements with our AI providers that restrict the use of data submitted via API for training purposes.

This applies to data obtained from connected Google services. Data imported from Google Drive, Google Sheets, Google Docs, Gmail, or BigQuery is processed solely to deliver the specific operation you requested and is not retained beyond what is necessary to complete that operation.

4.3 Data Processing Agreements

For enterprise customers or users subject to GDPR, a Data Processing Agreement (DPA) governing the processing of personal data on your behalf is available upon request at contact@lymnus.com.

5. Information Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their own marketing or commercial purposes. We are not a data broker.

5.2 Service Providers

We share data with trusted third-party service providers who assist us in operating the Platform, subject to contractual data protection obligations:

  • Stripe: Payment processing and subscription management

  • Anthropic, OpenAI, Google: AI model inference (as described in Section 4)

  • Amazon Web Services: Data hosting and storage

  • Email service providers: Transactional email delivery

  • Analytics providers: Aggregated, anonymized usage analytics

5.3 Business Transfers

If Lemnia LLC is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

We may disclose your information if required to do so by law or in response to valid legal process (such as a court order, subpoena, or government request), or to protect the safety, rights, or property of Lemnia LLC, our users, or the public.

We may share your information in other ways if you have provided specific consent.

6. Data Retention

We retain personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law:

  • Account Data: Retained for the duration of your account and deleted within 90 days of account closure

  • Uploaded Files and Projects: Retained until you delete them or your account is closed. Files may be retained for up to 30 days after deletion to support recovery.

  • Billing Records: Retained for 7 years as required by law

  • Log Data: Retained for up to 12 months

  • Support Communications: Retained for 3 years after ticket resolution

  • Cookie Data: As described in our Cookie Policy

When data is no longer needed, we delete it securely or anonymize it.

7. Your Privacy Rights

7.1 All Users

Regardless of your location, you have the right to:

  • Access your personal data through your account settings

  • Update or correct inaccurate personal data in your profile

  • Delete your account and associated data

  • Export your project data and reports

  • Opt out of non-essential marketing communications via the unsubscribe link in our emails

  • Manage cookie preferences through our cookie settings banner

7.2 European Economic Area and UK Users (GDPR/UK GDPR)

If you are in the EEA or UK, you have additional rights:

  • Right of Access: Obtain a copy of your personal data

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure: Request deletion of your personal data, subject to legal exceptions

  • Right to Restriction: Restrict processing of your data in certain circumstances

  • Right to Data Portability: Receive your data in a structured, machine-readable format

  • Right to Object: Object to processing based on legitimate interests

  • Right to Lodge a Complaint: With your national data protection authority

To exercise these rights, contact us at contact@lymnus.com. We will respond within 30 days.

7.3 California Residents (CCPA/CPRA)

California residents have the following rights under the California Consumer Privacy Act:

  • Right to Know: What personal information we collect, use, disclose, and sell

  • Right to Delete: Request deletion of your personal information

  • Right to Opt-Out of Sale: We do not sell personal information

  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

  • Right to Correct: Request correction of inaccurate personal information

To submit a CCPA request, email contact@lymnus.com.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit using TLS/HTTPS

  • Encryption of sensitive data at rest

  • Role-based access controls within the Platform and our organization

  • Regular security assessments and vulnerability testing

  • Incident response procedures

Despite these measures, no system is 100% secure. In the event of a data breach that may affect your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

9. International Data Transfers

Lemnia LLC is based in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States, which may have different data protection laws than your country.

For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and other lawful transfer mechanisms as available.

For information about the safeguards we apply to international transfers, contact contact@lymnus.com.

10. Children's Privacy

The Platform is not directed at children under 18 years of age, and we do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will promptly delete it. If you believe we may have collected such data, contact us immediately.

The Platform may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through the Platform.

12. Cookies

We use cookies and similar tracking technologies. For detailed information, see our Cookie Policy at https://lymnus.com/legal.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Sending an email to the address associated with your account

  • Displaying a prominent notice on the Platform

  • Updating the "Last Updated" date

Your continued use of the Platform after the effective date of the revised policy constitutes your acceptance.

14. Contact Us

For privacy-related questions, requests, or complaints, contact our team:

Lemnia LLC

131 Continental Dr, Suite 305, Newark, Delaware 19713, United States

Email: contact@lymnus.com

Website: https://lymnus.com/legal

For EEA/UK users, you also have the right to lodge a complaint with your local data protection authority. A list of EEA supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

Last updated: April 25, 2026

Ready to Automate
Your Data Operations?

Get started today