Lumicura is in pre-launch.  Founding-school program open through August 2026. See terms →
Lumicura
Sign in Start free trial
Security & trust

The care you'd expect from a tool with your children's names in it.

Lumicura holds family contact information, parent messages, and volunteer-hour records — not student grades or health records. We treat every piece of data like the school's IT director is going to ask us about it on a Tuesday morning, because eventually one will.

Our honest stance. We're a small team building software for schools. We don't have a SOC 2 report yet, and we're not going to pretend otherwise. Here's what we do have, what we're working toward, and what a school's IT director should know on day one.

Lumicura runs on well-understood, mainstream infrastructure (Microsoft Azure with US data residency, Azure SQL with strict per-school isolation, Stripe for payments). The data story is short because the product itself is narrow: we don't touch student grades, attendance, or health records — those stay in your student information system, where they belong.

SOC 2 Type I is in progress for late 2026. In the meantime, we'll send our policies, completed security questionnaires, and a redacted infrastructure diagram to any school's IT contact within one business day. Email security@lumicura.com.

Data protection

Your families' information is encrypted on the way to us and while it's sitting in our database, and it's walled off from every other school.

  • TLS 1.2+ in transit, AES-256 at rest
  • Azure SQL row-level security on every multi-tenant table
  • Automated backups with point-in-time restore (35-day window)
  • US-only data residency

Sign-in & access

Each person only sees what their role needs — parent, staff, committee chair, board member, or president. Schools on the Diocese plan can define custom roles.

  • Single sign-on with Google Workspace and Microsoft 365 (OIDC)
  • SAML + SCIM provisioning on the Diocese plan
  • Two-factor authentication required for top-level admins
  • Session expiry, IP allow-listing for admin actions (Diocese)

Privacy

We collect only what the parent organization needs to run. Student records stay in your school's system. We never sell, share, or train AI on customer data.

  • Family contact info only — no grades, attendance, or health records
  • FERPA-aligned data handling for any student-adjacent fields
  • No third-party advertising or analytics inside the app
  • One-click export and deletion of a family's data on request

Infrastructure

Boring, well-understood Microsoft Azure — not a one-off setup. Everything is documented, with no surprises for your security review.

  • Microsoft Azure, US data residency (Azure SQL, Azure Functions, Azure Static Web Apps, Azure Storage, Azure SignalR)
  • Stripe for payments (PCI-DSS handled by Stripe)
  • Azure Front Door for DDoS + WAF
  • Subprocessor list public & versioned at /trust

Monitoring & response

An activity log a regular human can read. If something goes wrong, we tell you within 72 hours — usually much sooner.

  • Append-only audit log on every state-changing action
  • 24/7 alerting on auth, billing, and infra anomalies
  • 72-hour breach notification (faster when feasible)
  • Documented incident runbook, reviewed quarterly

What happens if we go away

This matters as much as what happens while we're here. We've written our exit plan into your data agreement.

  • Open-source release commitment if we shut down
  • 90-day read-only access on cancellation or wind-down
  • Full data export in machine-readable formats (JSON, CSV, iCal)
  • RTO 4h, RPO 24h target on infra failure

Privacy policy v1.2 · effective Feb 12, 2026

Plain-language summary: Lumicura collects only the family-directory information needed to run a parent organization. We don't sell or share that data. We don't train ML models on it. We don't touch student grades, attendance, or health information — those stay in your school's SIS.

What we collect. Family contact info, opt-in mobile push tokens, the announcements you read, the volunteer shifts you sign up for, the commitment-point activity tied to your family. Nothing else from the school's data.

What we don't. No advertising trackers, no third-party analytics on logged-in pages, no data brokers. We use first-party Plausible-style analytics on marketing pages only.

Your rights. Access, correction, deletion, and export — within 30 days, no charge. Tenant admins can do most of this themselves; for the rest, email privacy@lumicura.com.

Terms of service v1.0 · effective Jan 1, 2026

The bones: Lumicura provides software-as-a-service to parent organizations and schools. The customer (the parent org or school) controls the data; we process it on their instructions. We commit to availability, security, and continuity as described in the DPA. Either party can terminate with 30 days' notice.

We don't have an "AI training rights" clause. We don't have a "we can change these terms unilaterally without notifying you" clause. If we materially change the terms, we'll tell super-admins 30 days in advance.

Data processing addendum v1.1 · effective Feb 12, 2026

Pre-signed DPA available on request. Standard for school-friendly SaaS: we are the processor; you are the controller. Sub-processor list with 30-day notice on additions. Standard contractual clauses for any cross-border transfer (we do US-only by default; this clause exists for diocese-level customers with affiliated international schools).

FERPA. Lumicura is configured to be a "school official" with a "legitimate educational interest" — we're never the parent-facing record system; we're a tool the school uses to coordinate its parent community. We support BAA on Diocese plans for organizations that prefer the stricter posture.

Subprocessors

We use a deliberately short list. Any additions are announced to super-admins 30 days in advance.

  • Microsoft Azure (US) — compute, storage, Azure SQL database hosting, CDN/WAF, real-time messaging
  • Azure Communications Services (US) — transactional email delivery
  • Stripe (US) — payment processing for buyouts and fundraisers
  • Microsoft Application Insights (US) — error monitoring (no PII in error payloads)

Vulnerability disclosure

Found something? We want to know. Email security@lumicura.com with reproduction steps. We'll acknowledge within 1 business day, triage within 5, and credit you in our advisory if you'd like.

Safe-harbor commitment: good-faith research that doesn't degrade service, exfiltrate other customers' data, or violate privacy law is welcome and will not result in legal action from us.

Status & uptime

Live status board at status.lumicura.com — public, no login. Subscribe to RSS or email for incident updates. We post post-mortems for any incident with customer impact > 5 minutes.

Service-level commitment: 99.9% monthly uptime, with credits for any month below. The current 90-day rolling status is shown below.

Trust documents

Send us through your security review.

Everything you need to put Lumicura through a typical school IT review. PDFs available on request — we don't gate them behind a form.

PDF

Security questionnaire (CAIQ-Lite)

Cloud Security Alliance lite questionnaire, completed and current.

v2026.1·32 pages
PDF

Architecture overview

Redacted infrastructure diagram, data flow, and dependency list.

v1.2·14 pages
PDF

Pre-signed DPA

School-friendly data processing addendum, ready to sign.

v1.1·9 pages
PDF

Privacy policy & ToS

Current customer-facing privacy and terms documents.

v1.2 / v1.0·11 pages
Web

Subprocessor list (live)

Always current. Subscribe to changes via RSS or email.

5 subprocessors
Web

Status page & post-mortems

Live uptime, incident history, and root-cause writeups.

99.97% (90d)

Status — last 90 days

All systems operational
Web app
99.99% · 90d
API
99.97% · 90d
Auth (SSO)
99.94% · 90d
Notifications
99.98% · 90d
99.97% overall uptime · last 90 days Last incident: Feb 4, 2026 — 8m degraded auth View full status →

Have a security review to run? We're ready.

Email security@lumicura.com — we'll send the questionnaire, architecture diagram, and pre-signed DPA within one business day.

Email security team See live status