Trust center

Security, privacy & data handling

This page is maintained by MyLumera Technologies to answer common security and privacy questions about our platform and products (StockFlow, Asset360, AuditWorks). It describes our current practices and enabled controls. It is not an independent certification or audit report.

Shared responsibility. MyLumera secures the platform, infrastructure, and application code. Customers are responsible for managing their own users, roles, access reviews, exported data, and the configuration of their workspace. Underlying cloud capabilities are provided by our hosting partners under their own terms.

Access & authentication

Access to customer workspaces is gated by authenticated user accounts with role-based permissions. Administrators manage user provisioning, role assignment, and removal from within each product. We recommend customers conduct periodic access reviews.

Data in transit and at rest

Traffic to MyLumera products is served over TLS. Customer data stored in our managed databases is encrypted at rest using the underlying cloud provider's standard encryption. Specific cipher details follow the hosting provider's current configuration.

Hosting & availability

MyLumera products run on resilient cloud infrastructure with automated backups and 24/7 monitoring. We target a 99.9% platform availability goal. Planned maintenance windows and incidents are communicated to customer administrators.

Subprocessors & integrations

We use a limited set of subprocessors for hosting, email delivery, and operational tooling. Customers who require the current subprocessor list for a vendor review can request it at the contact address below.

Data retention & deletion

Customer data is retained for the duration of the active subscription. Upon written request from an authorized administrator, we will delete or return customer data in line with our service agreement. Operational backups follow a rolling retention schedule.

Reporting a security concern

If you believe you have discovered a security vulnerability or have a privacy question, please contact us at support@mylumera.net. Please include enough detail to reproduce the issue. We do not currently operate a public bug-bounty program.

Compliance. MyLumera Technologies is continuously improving its security program. Where a specific certification or framework (e.g. ISO 27001, SOC 2) is required for procurement, please contact us so we can share the current status of that work. We do not claim certifications that have not yet been issued.

Last updated: June 2026. This page is editable content owned by MyLumera Technologies and may be revised as our practices evolve.