Privacy Policy

Effective date: April 10, 2026. This policy describes how we handle data in our annotation service operations.

Data We Process

• We process client-provided datasets solely for the purpose of delivering annotation services as defined in project agreements.
• We do not use client data for training our own models or for any purpose outside the contracted scope.
• Personal data within datasets is handled according to client instructions and applicable de-identification workflows.

PII Handling

• Layered de-identification including masking, tokenization, and direct identifier redaction where required.
• Pseudonymization and aggregation controls when data is prepared for annotation workflows.
• Automated and manual QA checks to reduce accidental personal data exposure.

Storage & Security

• Encryption in transit (TLS 1.2+) and at rest (AES-256 or equivalent)
• Role-based access control and least-privilege policies
• Access logs, audit trails, and scheduled security reviews
• Segregated environments across project stages

Retention & Deletion

Client data is retained only as long as the project agreement requires. Upon project completion, data is deleted according to the agreed retention schedule. Requests for access, correction, or deletion can be directed to privacy@lumevizion.com.