// Trust & Security Report
Luminance Technologies Ltd
Legal-Grade AI for contract automation, negotiation, analysis, compliance, investigation, and collaboration. Serves legal, compliance, procurement, finance, HR, sales, and marketing teams. Enterprise-focused with 1000+ customers across 70 countries.
Certifications held
2
Maturity
Enterprise
Trains on your data
Yes
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on luminance.com“Luminance is certified to ISO 27001:2022, reflecting our commitment to maintaining an effective Information Security Management System.”
Verify on luminance.com“Luminance has completed a successful SOC 2 Type 2 examination, which assesses controls related to security, availability, and confidentiality.”
> Show 5 unconfirmed / not-held certifications
source: luminance.comGDPR is not a certification Luminance holds. However, they support GDPR compliance features and have Data Processing Agreements (DPA) available with Standard Contractual Clauses and EU-U.S. Data Privacy Framework.
source: luminance.comNo public evidence of HIPAA certification found on Luminance's website or in available compliance documentation.
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Offered
Data region
Cambridge, United Kingdom (primary storage); EU-U.S. Data Privacy Framework and Standard Contractual Clauses for international transfers
Luminance permits use of anonymized and pseudonymized customer data for product improvement and service enhancement. The terms state: 'we may carry out analytics and other review and storage processes on your User Data using anonymisation, pseudonymisation and other similar techniques.' For generative AI features (Ask Lumi), third-party providers may be involved, and redaction may not always be possible. Personal data itself is not retained or used to train core models.
// Security controls
Data storage
AWS-hosted with dedicated single-tenant instances per customer; nightly automated backups to secondary AWS data center (same region); 14-day minimum backup retention
luminance.comAccess control
Multi-factor authentication (MFA) required; application-level permissions configured by customers; role-based access using least privilege; all access tracked and audited
luminance.comThreat detection
Darktrace Enterprise Immune System deployment; Juniper firewalls; rate-limiting against DoS/brute force attacks; regular third-party penetration testing; mandatory security training for personnel
luminance.com// Products & data scope
data: Processes customer contracts and legal documents; may train on anonymized data
Enterprise legal AI for contract drafting, negotiation, analysis, compliance, investigation, and collaboration. Supports legal, compliance, procurement, finance, HR, sales, and marketing workflows.
data: Involves third-party AI providers; may not support full redaction
Generative AI feature that may route data to third-party providers. Luminance disclaims responsibility for confidentiality issues if redaction is not possible.
// What to watch
- Generative AI feature (Ask Lumi) may involve third-party providers and may not support full redaction of sensitive data. Customers should verify this before processing confidential or protected information.
- HIPAA is not mentioned as a certification. Luminance is not suitable for healthcare-regulated customer data without explicit HIPAA certification.
- Data training note: Luminance uses anonymized/pseudonymized customer data for product improvements, but does not retain personal data. Customers processing highly sensitive data should review DPA terms carefully.
- No mention of additional compliance certs (PCI DSS, FedRAMP, ISO 27017/27018/27701). Organization is UK-based with global presence.
// At a glance
Pricing model
Enterprise subscription (not publicly detailed; contact sales)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Luminance Technologies Ltd's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
luminance.com