← Back to Lume Scan

Privacy Policy

Last updated: May 22, 2026

1. Overview

DarkWave Studios LLC ("we," "us") operates Lume Scan and the Lume-Auto platform. This Privacy Policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

Account Data: Email address and name (for license activation, purchase receipt, and account management via Firebase Authentication).

Payment Data: Processed exclusively by Stripe. We never see or store your credit card number, CVV, or billing details. See Stripe Privacy Policy.

Vehicle Diagnostic Data: OBD-II signals (RPM, speed, fuel flow, DTCs, etc.) are processed entirely on your device. We do not transmit, collect, or store your vehicle data on any server.

Device Activation Data: When you activate Lume Scan Pro, we store a purchase flag and tier status in Firebase Firestore linked to your email. This is used solely for license verification and entitlement management.

3. Data We Do NOT Collect

4. How We Use Your Data

5. Trust Layer Ledger (TLL)

When you generate a Condition Report, a SHA-256 hash of the diagnostic data is anchored to the Trust Layer Ledger (dwtl.io) for independent verification. Only the cryptographic hash is stored on-chain — never the underlying diagnostic data, VIN, or personal information. The hash is publicly verifiable but cannot be reversed to recover the original data.

6. Third-Party Services

7. Data Retention

Account data is retained as long as your account is active. You may request deletion at any time by emailing support@lumescan.tech. Upon deletion, your Firebase account, entitlement records, and any associated data will be permanently removed within 30 days. Vehicle diagnostic data exists only on your device and is never retained by us.

8. Children's Privacy

Lume Scan is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us immediately.

9. Your Rights

10. Security

Account data is protected by Firebase Authentication with industry-standard encryption (TLS 1.3 in transit, AES-256 at rest). Payment data is handled exclusively by Stripe (PCI DSS Level 1 certified). Vehicle diagnostic data never leaves your device. Condition Report hashes are signed with SHA-256 and anchored to the Trust Layer Ledger for tamper-proof provenance.

11. Changes

We may update this policy. Material changes will be communicated via email to all registered users. Continued use of the Services after changes constitutes acceptance.

12. Contact

DarkWave Studios LLC
Gladeville, TN, USA
support@lumescan.tech
Lume42 Labs