Effective Date: March 26, 2026
This Privacy Policy describes how Lumynex ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use the SOAR Pack Guardian website, platform, and related services (collectively, the "Services").
This Privacy Policy applies to personal information collected from website visitors, trial and paid users, customer administrators and authorized users, and business contacts.
We may collect the following categories of personal information: 1. Identifiers and contact data (name, business email, organization, job title, phone number). 2. Account and authentication data (username, password hash, MFA settings, login metadata). 3. Billing and transaction data (billing contact details, subscription status, invoicing records, and payment metadata handled by our payment processor). 4. Service usage data (feature interactions, diagnostics, device/browser metadata, IP address, approximate geolocation from IP). 5. Communications data (support tickets, emails, and chat transcripts). 6. Security and risk signals (audit logs, fraud-prevention indicators, suspicious activity events). 7. Integration data you choose to connect, subject to your configuration and third-party permissions.
Unless explicitly authorized by integrations you enable, we do not intentionally collect or store underlying customer SOC security logs containing sensitive personal data.
We collect information: 1. Directly from you and your organization 2. Automatically through your use of the Services 3. From integrated third-party systems you authorize 4. From service providers (for example, payment processors and anti-fraud vendors)
We use personal information to: 1. Provide, operate, and maintain the Services 2. Authenticate users and secure accounts 3. Process payments and manage subscriptions 4. Respond to support requests and communicate service updates 5. Monitor, detect, and prevent fraud, abuse, and security incidents 6. Improve performance, reliability, and product functionality 7. Comply with legal obligations and enforce agreements
If GDPR or UK GDPR applies, we process personal data under one or more legal bases: 1. Performance of a contract 2. Legitimate interests (security, service improvement, fraud prevention, and business operations) 3. Compliance with legal obligations 4. Consent (where required)
We use cookies and similar technologies for: 1. Strictly necessary website and authentication functions 2. Preferences and session management 3. Analytics and performance measurement
You can manage cookies through browser settings and, where presented, cookie controls.
We may disclose personal information to: 1. Service providers and subprocessors that help us operate the Services 2. Payment processors for billing and anti-fraud operations 3. Professional advisors (legal, accounting, and auditors) 4. Law enforcement or regulators when legally required 5. Successors in a merger, acquisition, reorganization, or asset sale
We do not sell personal information for money. If applicable law treats certain targeted advertising or analytics disclosures as a "sale" or "sharing," we will provide required notices and opt-out rights.
We retain personal information for as long as needed to provide Services, meet legal and contractual obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and business need. When no longer needed, we delete or de-identify information using reasonable measures.
We implement administrative, technical, and physical safeguards designed to protect personal information. These safeguards include encryption in transit and at rest where appropriate to the risk. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.
If personal information is transferred across borders, we use safeguards required by applicable law.
Depending on your jurisdiction, you may have rights to access, correct, delete, or obtain a portable copy of personal information, and to opt out of targeted advertising, sale, or certain profiling activities where applicable.
To submit a request, email support@soarpackguardian.com. We may verify identity before processing requests. Authorized agents may submit requests where permitted by law.
If you are a resident of a U.S. state with an applicable privacy law, additional rights may apply. We will: 1. Provide required notices about categories of personal information, purposes, and disclosures 2. Honor verified rights requests consistent with applicable law 3. Offer an appeal process where required 4. Avoid unlawful discrimination for exercising privacy rights
Texas appeals: If we deny your request, you may appeal by emailing support@soarpackguardian.com with subject line "Privacy Appeal" within 45 days of denial.
For California residents, this section supplements the rest of this Privacy Policy. 1. We describe categories collected, sources, purposes, and disclosures in Sections 2-7. 2. We do not knowingly sell personal information for monetary consideration. 3. We describe our response to "Do Not Track" signals in Section 15. 4. California residents may exercise applicable rights using the methods in Section 11.
The Services are not directed to children under 13, and we do not knowingly collect personal information from children.
Some browsers transmit "Do Not Track" (DNT) signals. Because there is no universally accepted DNT standard, our systems may not respond to DNT signals in a uniform way across services.
We may update this Privacy Policy from time to time. We will post the updated version with a revised effective date. Material changes may also be communicated by email or in-product notice where appropriate.
Lumynex
SOAR Pack Guardian, P.O. Box 312, Melissa, TX 75454
Email: support@soarpackguardian.com