Your files stay on your device by default
Opening, editing, and saving local files does not silently upload their contents to Lumen.
Security starts with clear boundaries. Lumen keeps ordinary document editing local, protects the cloud features you choose to use, and explains the important limits without hiding them behind vague claims.
Opening, editing, and saving local files does not silently upload their contents to Lumen.
Cloud requests use TLS. Shared content and connector secrets receive additional protection at rest.
Owners choose roles, can revoke links and members, and can rotate a shared document key after access changes.
AI, sharing, publishing, connectors, and submitted diagnostics are clearly identified cloud features.
Different features have different boundaries. These controls describe the current product design without implying a certification or guarantee.
Local documents remain under your operating system account and device protections.
Account controls are designed to resist common credential and session attacks.
Owners decide who can reach a cloud copy and what they may do with it.
Connected accounts are optional and scoped to the action you authorize.
Security-sensitive PDF actions are designed to change the underlying file, not only its appearance.
Only content needed for the AI action is sent through the managed backend to the selected provider.
Need the data-flow details? The Privacy Policy explains collection, subprocessors, retention, international transfers, and your rights.
Read the Privacy Policy →Email security@lumenqube.com with the affected product or URL, reproduction steps, impact, and any supporting evidence. Do not access other people’s data, disrupt service, use social engineering, or publicly disclose an unresolved issue. We will acknowledge the report and coordinate a responsible resolution in good faith.
No. Shared and published documents are encrypted in transit and at rest, including application-layer encryption for stored revisions, but Lumen manages the keys so authorized server processes can render and synchronize the content. This is not end-to-end encryption.
Only when you choose a feature that needs cloud processing, such as AI, sharing, web publishing, a connected service, or a support report with attachments. Ordinary local editing does not silently upload document contents.
No certification is claimed on this page. The controls above describe the current product implementation. Contact security@lumenqube.com for a specific enterprise or regulatory requirement before relying on the Service for regulated data.
Yes. Owners can change member roles, remove collaborators, revoke browser links, and rotate the document key after access changes. Copies that someone already downloaded remain outside Lumen’s control.
Email privacy@lumenqube.com from your account address. The Privacy Policy explains access, correction, deletion, portability, objection, and restriction rights that may apply.