How we handle your data
You're using Lunastak to think through your most sensitive strategic questions. This page explains exactly what we do — and don't do — with that data.
If you have a question this page doesn't answer, email us at hello@humventures.com.au. We'll answer it and add it here.
The short version
- Your data lives in an isolated Postgres database hosted on Neon, encrypted in transit (TLS) and at rest.
- We never train AI models on your data. Anthropic, our LLM provider, contractually does not train on API traffic.
- You can delete any project — and everything inside it (conversations, fragments, documents, generated strategy) — at any time, from inside the app.
- We don't retain copies of uploaded documents. Files are passed to our extraction provider, the extracted text becomes fragments in your project, and the original file is discarded.
- Our skills and CLI tools run entirely in your environment. They never transmit data to Lunastak. You decide what to share and when.
Where your data lives
Lunastak runs on a small set of well-known infrastructure providers:
| Layer | Provider | What's stored |
|---|---|---|
| Application hosting | Vercel | No user data — code only |
| Database | Neon (serverless Postgres) | Your projects, conversations, fragments, generated strategy |
| LLM inference | Anthropic (Claude API) | Nothing persisted by us at this layer; see below |
| Document text extraction | Unstructured.io | Nothing persisted; pass-through only |
| Email (magic links) | Resend | Sign-in emails only |
| Authentication | NextAuth.js (Google OAuth + magic links) | Email address, session tokens |
All data in Neon is encrypted at rest. All connections are encrypted in transit using TLS.
What we store
When you use Lunastak, we store:
- Your account — email address and authentication state
- Projects — the boundary that contains everything else
- Conversations — your messages with Luna and Luna's responses, so you can resume conversations later
- Fragments — the strategic themes extracted from your conversations, documents, and imported context bundles
- Dimensional syntheses — Luna's ongoing understanding of your strategy across 11 strategic dimensions
- Generated strategy — your Decision Stack outputs (Vision, Strategy, Objectives) and version history
What we don't store
- Original uploaded documents. When you upload a PDF or document, we pass the file directly to Unstructured.io, our text extraction provider. The extracted text is converted into fragments in your project, and the original file is discarded. We do not keep a copy.
- Anything from our skills or CLI tools running on your machine. These are pure context-engineering prompts. They run inside your chosen workspace (Claude Desktop, ChatGPT, the CLI, etc.) and do not transmit data to Lunastak.
- Tracking pixels or third-party advertising data. We use Vercel Analytics and Statsig for product analytics — no advertising trackers, no data sold or shared.
How AI providers handle your data
Lunastak uses Anthropic's Claude API for all LLM inference. Anthropic's API terms specify that customer data submitted via the API is not used to train Anthropic models. Claude reads your conversation, extracts fragments, synthesises themes, and generates your strategy — but Anthropic does not retain this data for training.
Document text extraction is performed by Unstructured.io. Files are sent to their API for text extraction and are not retained by Lunastak after extraction.
Your skills and CLI tools never transmit data to us
Lunastak ships a set of skills, an MCP server, and CLI tools that help you prepare strategic context inside the AI tools you already use.
These tools are pure context-engineering prompts. They guide you through structured questions, help you organise your thinking, and produce a context bundle — a JSON blob containing your prepared strategic context.
No part of this process transmits data to Lunastak. The skills run entirely inside your chosen workspace (Claude Desktop, the ChatGPT app, a terminal, etc.). Your conversations with the assistant, any documents you reference, and any sensitive material stay inside that environment.
When you're ready, you choose to upload the prepared bundle to Lunastak. At that point — and only at that point — the bundle enters Lunastak's intelligence pipeline, where it is analysed, enriched, and stored as fragments alongside any other strategic context in your project.
This design lets you keep documents and conversations in the tools you already trust, and only share with Lunastak the prepared, intentional output.
Deleting your data
You control your data. From inside the app:
- Delete a project — open the project menu and choose "Delete project". This permanently removes the project and everything in it: conversations, messages, fragments, documents, generated strategy, and version history. Deletion is immediate and irreversible.
We're working on per-conversation deletion as a follow-up. For now, deleting a project is the way to remove conversation data.
If you want to delete your entire account, email us at hello@humventures.com.au and we'll process the deletion within 7 days.
Access control
- Every project belongs to exactly one user.
- API endpoints enforce ownership on every request — your projects are not accessible to other users, ever.
- We use NextAuth.js with HTTP-only secure cookies for session management. Passwords are never stored because we don't use them — authentication is via magic link or Google OAuth.
- A small number of demonstration projects (Acquired podcast Decision Stacks for Costco, TSMC, Nike) are flagged as demo projects and viewable by anyone in read-only mode. These contain only public information.
Beta-stage caveats
Lunastak is in beta. We are not yet SOC 2 certified. Lunastak has, however, been built from the ground up by people who've worked with sensitive strategic data their whole careers, with privacy and isolation as first-class architectural concerns.
If your organisation has specific compliance requirements, please get in touch — we're happy to discuss what we can and can't accommodate at this stage.
Related
- Humble Ventures privacy policy — the broader Humble Ventures Pty Ltd privacy notice covering our legal obligations.
- Anthropic API privacy — how Anthropic handles API customer data.