Legal

Biometric Information Privacy Policy

This Biometric Information Privacy Policy explains how Lunebi collects, uses, stores, and deletes your biometric data. This policy supplements our general Privacy Policy.

Effective Date: March 15, 2026

1. Definitions of Biometric Data

Understanding the terms used to describe your voice data and how it is processed:

  • Biometric Identifier: In the context of Lunebi, this refers to the raw audio recording of your voice used for enrollment.
  • Biometric Information: This refers to the mathematical "speaker embedding" or "voice latent" derived from your voice recording, which allows our AI model to synthesize your specific voice.

2. Purpose of Collection

We collect and store your biometric data for the sole purpose of providing the Voice Cloning feature.

  • This allows you to record your voice once and generate an unlimited number of personalized bedtime stories for your children.
  • By storing the raw audio in our secure vault, we ensure you do not have to re-record your voice for every new story generation.

3. Disclosure and Processing

How your biometric data is processed and safeguarded throughout the story generation pipeline:

  • Processing: To generate a story, your voice recording is temporarily accessed by isolated GPU workers hosted on RunPod.
  • Ephemeral Memory: The GPU workers use the Qwen3-TTS model to synthesize audio; all processing memory is wiped immediately after the story segment is delivered.
  • No AI Training: We strictly use your biometric data for inference (story generation) only. We do not use your voice recordings or embeddings to train, retrain, or improve our foundational AI models.

4. Storage and Security

Our security measures to protect your biometric data at rest and in transit:

  • The Vault: Raw audio files are stored in private AWS S3 buckets.
  • Encryption: All biometric data is encrypted at rest using SSE-KMS (AES-256) and is protected by least-privilege IAM policies.
  • Access Control: Access to these files is restricted via CloudFront Signed URLs with short expiration times (5–15 minutes).

5. Retention and Destruction Schedule

We adhere to a strict retention schedule to protect your privacy:

  • Active Use: We retain your biometric data as long as your account remains active and the voice profile is not deleted.
  • Inactivity: If your account remains completely inactive for a period of 3 years, we will automatically initiate the destruction of your biometric data.
  • Hard-Delete Policy: You may delete your voice profile at any time using the POST /voices/delete endpoint in the App. This triggers a hard-delete process that permanently purges: (1) The raw audio file from the S3 Vault, (2) All speaker embeddings and style latents from our DynamoDB databases, (3) Associated metadata linked to the voice ID.

6. Informed Consent

Before collecting any biometric data, Lunebi requires your explicit, written consent within the App.

  • By clicking "I Consent," you acknowledge that you have read this policy and agree to the collection and storage of your voice data as described.
  • We maintain a secure log of your consent, including the timestamp, IP address, and version of the policy you agreed to.

7. Contact Information

If you have questions regarding your biometric data or wish to exercise your right to access or deletion, please contact:

  • Data Controller: Jiří Volf
  • Email: support@lunebi.com
  • Address: Žižkova 49, 277 46, Veltrusy, Czech Republic