Trust and Security Policy

Trust, Security & Compliance

At LuminaData, trust is fundamental. Finance teams depend on accurate, reliable, and secure systems to run their operations, and we take that responsibility seriously. Our platform is built with security, privacy, and compliance at its core—so you can automate critical finance workflows with confidence.

Our Approach to Trust

LuminaData is purpose-built for enterprise finance and accounting teams, where data integrity, confidentiality, and auditability are non-negotiable. We design our technology and processes to meet the expectations of modern finance organizations while continuously strengthening our security posture as we scale.

Our principles:

• Security by design

• Customer data ownership

• Least-privilege access

• Transparency and accountability

Data Security

We apply multiple layers of safeguards to protect customer data across infrastructure, applications, and access.

Infrastructure

• Secure cloud infrastructure hosted on AWS

• Network isolation and firewall protections

• Production monitoring and alerting

Encryption

• Data in transit encrypted using TLS 1.2+

• Data at rest encrypted using AES-256

Access Control Policies

• Role-based access control (RBAC)

• Least-privilege permissions for internal access

• Access logging and regular reviews

AI & Application Security

LuminaData’s AI-powered coworkers are designed specifically for finance workflows and operate within strict guardrails.

• AI agents act only within customer-defined scopes and permissions

• No autonomous actions outside approved workflows

• Human-in-the-loop controls for sensitive operations

• Full traceability of agent actions and outputs

• Customer data is never used to train shared or public AI models

Data Privacy

Your data belongs to you—always.

• LuminaData does not sell or share customer data

• Customer data is used solely to deliver and support the service

• Logical isolation between customer environments

• Support for data deletion upon request

We align with global data protection principles, including GDPR concepts such as data minimization, purpose limitation, and confidentiality.

Compliance & Governance

LuminaData follows security and compliance best practices aligned with enterprise expectations.

Current Practices

• Secure software development lifecycle (SDLC)

• Internal security and access reviews

• Incident response and escalation procedures

• Vendor risk awareness and management

Compliance Roadmap

• SOC 2 Type I readiness

• Formalized security policies and controls

• Expanded monitoring and audit documentation

We are happy to support customer security reviews and share documentation under NDA.

Reliability & Availability

• High-availability cloud architecture

• Automated backups and recovery processes

• Continuous monitoring for performance and uptime

• Designed to support mission-critical finance operations

Responsible AI

We believe AI should augment finance teams—not replace judgment.

• Explainable outputs designed for financial accuracy

• Deterministic behavior where required (e.g., reconciliations)

• Clear separation between automation and decision-making

• Built for audit readiness and trust

Transparency & Partnership

Trust is built through openness and collaboration.

• Clear communication around security or operational issues

• Support for procurement and security questionnaires

• Willingness to participate in customer security reviews

• Ongoing improvements driven by customer feedback

Contact Us

For security, compliance, or procurement inquiries:

Email: info@luminadata.com
Contact: Your LuminaData account team