Luminello is teaming up with SimplePractice. Current customers can learn more about the change. Not a Luminello customer? Explore SimplePractice.



At Luminello (the “Company”), we are committed to maintaining robust privacy protections for its users. Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and safeguard the information you provide to us and to assist you in making informed decisions when using our Service.

For purposes of this Agreement, “Service” refers to the Company’s service which can be accessed via our website at and, mobile applications, software, and platforms in which users can document treatment, market and manage their practices, and communicate with colleagues and patients/clients. The terms “we,” “us,” and “our” refer to the Company. “You” refers to you, as a user of the Service. By accepting our Privacy Policy and Terms of Use, you consent to our collection, storage, use and disclosure of your personal information as described in this Privacy Policy.

Additional features of portions of the Service are described in our Terms of Service (the “Terms of Service”), which may be found at

Our treatment of Personal Data is governed by our agreements, including the Terms of Service and the business associate agreement (the “Business Associate Agreement”), as applicable. Further, protected health information (“Protected Health Information”), as defined under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), will only be used and disclosed as authorized by you and/or your health care provider in accordance with applicable law.

Please take a moment to read the following to learn more about our information practices, including what type of Personal Information is gathered, how the Personal Information is used and for what purposes, to whom we disclose Personal Information, and how we safeguard your Personal Information.

Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements (“Applicable Data Protection Laws”). According to Applicable Data Protection Laws, you may be entitled to know the identity of your “Data Controller” i.e. the legal entity which determines why and how your personal data is processed. In most cases, this will be Luminello, Inc.  We will inform you if you are working with another Data Controller


We collect “Non-Personal Information” and “Personal Information.”  Non-Personal Information includes information that cannot be used to personally identify you, such as anonymous usage data, general demographic information we may collect, referring/exit pages and URLs, platform types, preferences you submit and preferences that are generated based on the data you submit and number of clicks.

Personal Information.  Any information that can be used to identify, contact, or locate you, such as: your name, address, email address, or phone number, but does not include any information that has been fully anonymized so that a specific individual can no longer be identified from it. This includes your email, demographic information, and record of your treatment, including notes, prescription history, appointment history, billing history, which you submit to us through the registration process utilizing the Service, or which your authorized provider submits.  We will never disclose your Personal Information without your consent, unless required by law.

Account Information. In addition to the information provided automatically by your browser when you visit the Service, to become a subscriber to the Service you will need to create an account.  You can create a profile by registering with the Service, then creating a password.  By registering, you are authorizing us to collect, store and use your email address in accordance with this Privacy Policy.

Profile Information and User Contributions. You may choose to create a public Luminello profile, and to share Personal Information or make user contributions as part of the same. Please be aware that any Personal Information or contribution you choose to share in this way, will be published, and made generally available to other users and third parties via the Service. This user generated content is publicly available and we are not responsible for the privacy practices of the other users or third parties who may view and use that information. If you do not want your Personal Information or user contributions to be accessible in this way, please do not post it.

Customer Support. We may collect Personal Information through your communications with our customer support team.

Clickstream Data. We and our third party service providers may automatically collect certain information from your web browser when you use parts of the Service to help us understand usage, what is of interest to you and how to provide you more relevant advertising and content.  We refer to this information as Clickstream Data.  This information only comes from pages that are intended for clinicians to visit, and includes, for example, browser, date and time of access, and each of our pages that you visit. If your browser has a “private browsing” mode you may be able to block this information from being sent to the Company.

Payment Information. If you elect to use paid features of the Service, you may need to provide Personal Information to our third-party payment processors, such as your credit card number.

Tracking Pixels (also referred to as a clear gif, pixel tag or single pixel tag). This is a graphic with dimensions of 1×1 pixels that is loaded when a user visits a website or opens an email. A pixel is used in conjunction with cookies to help us manage and monitor our online clinician advertising and wider business arrangements with third parties, to measure and analyze clinician site usage and activity and to improve the quality of the Service. Tracking pixels allow the collection of data, such as IP address, URL, and referrer to help our advertisers analyze the efficacy of our clinician campaigns. This also allows us to aggregate anonymous information relating to advertising and website usage. Pixels may be used to recognize third party cookies and inform us and/or third parties of which advertisement or link brought you to the Service, allowing us to monitor the business relationships with third parties.  We do not place pixels on any pages that are intended or designed for patient use, or where content may be related to clinical topics of interest.

Cookies.In an effort to improve the quality of the Service, we track information provided to us by your browser or by our software application when you view or use the Service, such as the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the Service, the time and date of access, and other information that does not personally identify you.  We track this information using cookies, or small text files which include an anonymous unique identifier.  Cookies are sent to a user’s browser from our servers and are stored on the user’s computer hard drive.  Sending a cookie to a user’s browser enables us to collect Non-Personal information about that user and keep a record of the user’s preferences when utilizing our services, both on an individual and aggregate basis.  The Company may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser.

Our Partners. At times, we may work with the following 3rd parties for purposes of advertising to clinicians, which may collect certain anonymized data points, as described in “Clickstream Data” and “Tracking Pixels” and who have their own privacy policies regarding this data: Google Analytics 4; LinkedIn Website Retargeting; Microsoft Advertising; Google Tag Manager; Facebook Ads conversion tracking (Facebook pixel); Meta Events Manager; YouTube Data API. For purposes of login verification, we may use Google reCAPTCHA. For purposes of communication, Zoho Campaigns and Zoho Email. Within the app, we may use Mixpanel and Userpilot, with whom we have Business Associate Agreements.

Children’s Online Privacy Protection Act. Our Service is not directed to children under the age of 13 and we do not knowingly collect Personal Information directly from children. If we become aware that a child has disclosed Personal Information without proper parental consent, such Personal Information will be deleted.


Personal Information. Except as otherwise stated in this Privacy Policy, we do not sell, trade, rent or otherwise share for marketing purposes your Personal Information with third parties without your consent. We do share Personal Information with vendors who are performing services for the Company, such as the servers for our email communications who are provided access to user’s email address for purposes of sending emails from us.  Those vendors use your Personal Information only at our direction and in accordance with our Privacy Policy.

In general, the Personal Information you provide to us is used to help us communicate with you.  For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, and inform users about promotional offers.

In instances when a patient/client or provider reports a bug or requests more info about his/her account, the Company employees may access the account to de-bug or further investigate. Protected health information gathered in these cases is not retained, and is treated in accordance with HIPAA regulations.

Internal and Service-Related Usage. We use data that you input into, or that is collected by, the Service to perform the services requested in connection with those portions of the Service. For example, we use your payment information (through-third-party payment processors) to collect payment for the applicable portions of the Service. We may store and combine the Personal Information you submit or we collect via any part of the Service with information from other Luminello services or third parties in order to deliver the Service, to provide you with a better experience and to improve the quality of our services.

We may use data that you input into, or that is collected by, the Service to derive anonymized or aggregate data about your current IT environment, or your company operations, and may use this data to display customized content to you, and/or compare your environment configuration to those of the broader user community or for other purposes. Such information does not identify you individually.

We may use Clickstream Data to analyze trends, to administer the Service, to track users’ movements around the Services, to gather demographic information about our user base as a whole, and to operate and improve the Company technologies and services. We may use and retain any data we collect to provide and improve our services.

Displaying Your Profile Information or User Contributions to Other Users. Personal Information you choose to include in your public profile and/or any user contributions you post will be publicly available and can be read, collected, or used by other individuals, including to send you unsolicited messages. We cannot control the actions of other users of the Service with whom you may choose to share your user contributions or who may view your profile information. While we have restrictions in our Terms of Use, we cannot and do not guarantee that your user contributions or profile information will not be viewed or used inappropriately as they are publicly accessible. We are not responsible for the privacy practices of the other users who will view and use the posted information. However, you always have a choice as to whether (and to what extent) you share information as part of your public profile or as part of posts in the community.

Luminello-Related Communication. We use your Personal Information to contact you about administrative notices, application & network alerts, community activity, product updates, offers and promotions, and general news about the Company and our partners. This communication may be in the form of an alert, email or possibly a phone call, where permitted under applicable law. The frequency of this type of communication varies based on the type of notification. For example, alerts are delivered as they occur, while our product newsletter is generally delivered monthly. You can manage your email preferences with respect to content and delivery or you may unsubscribe from all emails from us. You can also email us at [email protected] regarding your communication preferences.

Advertising. While our current business model is not based on earning revenue through ads, we reserve the right to advertise to clinicians in the future. Like most other websites you probably use, in order to serve you those ads and to make them relevant to you, we need to use the data we know about you.  We also may share information we have collected to show our partners how effective their campaigns performed or how to make their campaigns more effective.  While our partners may place a cookie in your browser, no information that personally identifies you is shared with our IT vendor partners as part of this advertising process.

Customer Testimonials. From time-to-time we may ask individual users to participate in customer testimonials posted on our website. We never post these testimonials without their express permission. Any information provided as part of these testimonials is used solely for the purpose of these testimonials and is not used in any other way. If you wish to update or delete your testimonial, you can contact us at [email protected].

Search Engines. Certain Personal Information may also be accessible via search engines or similar services. For example, if you create a public profile, your profile information and the content of the posts you make may be accessible through a Google search.

We consider that the processing we undertake above (or mentioned elsewhere in this Privacy Policy) is either:

  • necessary for the performance of a contract to which you are a party (for example, where we provide a requested Service to you);
  • necessary for us to take steps, at your request, to enter into such a contract (for example, where you make an enquiry about receiving a Service from us);
  • necessary for the purposes of our legitimate interests or those of a third party and not overridden by the interests or fundamental rights and freedoms of any data subject (for example, where we desire to provide improved client customer service and support as well as enhancing and developing our products and services, and the IT-systems and processes used to support such products and services, and the marketing and sale thereof); or
  • necessary for compliance with a legal obligation to which we are subject. For example, under applicable law, we may be obliged to:
    • secure and maintain technical and organizational measures to protect the security of your data;
    • investigate and report any (suspected) breaches of those technical and organizational measures.
    • comply with legal and regulatory obligations, including, but not limited to, complying with minimum retention periods for certain types of data.

Where we do not consider that we can rely on a legal basis for processing that is set out above, then we will ask for your consent before processing your information.

Non-Personal Information. In general, we use Non-Personal Information to help us improve the Service and customize the user experience. We also aggregate Non-Personal Information in order to track trends and analyze use patterns on the Service.  This Privacy Policy does not limit in any way our use or disclosure of Non-Personal Information and we reserve the right to use and disclose such Non-Personal Information to our partners, advertisers and other third parties at our discretion.


We implement security measures designed to protect your information from unauthorized access.  Your account is protected by your account password and we urge you to take steps to keep your personal information safe by not disclosing your password, accessing your account on a private internet connection that is password protected, and by logging out of your account after each use.  We further protect your information from potential security breaches by implementing certain technological security measures including encryption, firewalls and secure socket layer technology.  However, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software.  By using our Service, you acknowledge that you understand and agree to assume these risks.


You have the right at any time to prevent us from contacting you for marketing purposes.  When we send a promotional communication to a user, the user can opt out of further promotional communications by following the unsubscribe instructions provided in each promotional e-mail.  You can also indicate that you do not wish to receive marketing communications from us in the “Account” section of the Site.  Please note that notwithstanding the promotional preferences you indicate by either unsubscribing or opting out in the Settings section of the Site, we may continue to send you administrative emails including, for example, periodic updates to our Privacy Policy.


Under Applicable Data Protection Laws, you may have the right, in certain cases, to request access to your Personal Information that we process, to request details about such Personal Information, including the purposes and potential recipients of this data, to have such Personal Information rectified or deleted, to have the processing thereof restricted, or to object to the processing of your Personal Information, as well as to request a copy of your Personal Data in a standardized format so that it can be provided to another vendor.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time using the contact details below.

You may also have the right to lodge a complaint with your national data protection authority or other public authority governing the protection of your personal information.

In addition, you may decline to provide Personal Information to us and/or refuse cookies in your browser, but if you do (or if successfully object to the processing of your Personal Information by us, or successfully request that such Personal Information be deleted) some if not all of our features or services may not function properly as a result.

To exercise these rights, please follow the steps set out below, or contact us via email at [email protected].

If your Personal Information changes, you may update it using the “Update Profile” link at the bottom of the email newsletter. When you update information, we may keep a copy of the prior version for our records. If you have specific requests about your Personal Information, you may email us at [email protected]

You have control over your Luminello public profile and related privacy settings and can edit such to remove information that you do not want others to see publicly via the Service. The information you post in your profile page is publicly available and there are not any privacy settings on those pages so if you do not want certain information to be publicly available, do not post it to your project pages or profile pages.

We may access, preserve, and disclose your Personal Information, other account information, and content, including after you terminate usage of the Service, if we believe doing so is required or appropriate to: comply with our legal obligations, resolve disputes, respond to your requests, or protect yours’, ours’ or others’ rights, property, or safety.


As part of the Service, we may provide links to or compatibility with other websites or applications.  However, we are not responsible for the privacy practices employed by those websites or the information or content they contain.  This Privacy Policy applies solely to information collected by us through the Service.  Therefore, this Privacy Policy does not apply to your use of a third party website accessed by selecting a link on or via our Service.  To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application.  We encourage our users to read the privacy statements of other websites before proceeding to use them.


By using our Service or providing Personal Information to us, you agree that we may communicate with you electronically regarding your use of the Service. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Service or sending an email to you. You may have a legal right to receive this notice in writing. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice), please notify us at [email protected].


Service Providers. We may use third party service providers to help us deliver parts of the Service and to improve the Service. For example, we use a third party service to manage our email marketing campaigns. This system stores your name, email address and the date on which you registered. When we use third parties to assist us in processing your Personal Information, we require that they comply with appropriate confidentiality and data protection and security measures. Furthermore, services from our third party service providers may be found in our Service for your convenience. For example, we incorporate third party services for laboratory services, e-prescriptions, and insurance claims. When you choose to utilize the third party services, we share the minimum information required for them to provide you the services. Company makes no representations as to the privacy policy of our third party service providers. If you have any questions, please direct those questions directly to the third party service providers.

Clickstream Data. We may share Clickstream Data with our third party service providers to help us deliver and improve parts of the Service and when we do so we ensure they comply with appropriate confidentiality and data protection and security measures.  We may also share Clickstream Data with our partners who want to better understand our user base and what interests them and what kind of marketing materials might be the most relevant to them, but we ensure that any Clickstream Data that we share with our business partners does not identify you as an individual. We share this kind of data so that your experience in our Service is customized and the most relevant to you and your needs.

App Data. We may share App Data with third parties so long as it does not identify any specific individual or disclose Personal Information about you or your end users (such as the name of someone in your organization who submitted a Helpdesk ticket). This information allows us to understand business technology needs and trends.

Marketing. We may share firmographic data and anonymous aggregated information with third parties outside of the Company, such as advertisers and market research firms approved by the Company, for their marketing and promotional purposes. For example, we may share with advertisers the breakdown of our user community by company size and industry. This allows the advertisers to try to reach audiences that may be interested in their products or services. When we share this information, it does not identify you individually or disclose any of your Personal Information.

When You Sign Up to a Luminello Event. When you sign up for a Luminello event, such as a webinar, we will ask for your consent to share your contact information if there is an outside sponsor of the event so that they may contact you with products and service which they feel may be of interest to you.

As Required by Law and Similar Disclosures. We reserve the right to disclose your Personal Information as required by applicable law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, enforceable government request, court order, or legal process served on the Company. We may also share Personal Information with third parties in limited circumstances, including when preventing fraud or imminent harm and ensuring the security of our network and services.

Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of our assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to process your Personal Information as set forth in this Privacy Policy.


Where you choose to create a public Luminello profile, we generally do not delete or disable any information contained in such page, profile or contribution until and unless you ask us to. To request this, please contact us via email at [email protected].

In all other cases, your Personal Information will be stored by the Company for as long as necessary in order to fulfill the purposes set out in this Privacy Policy and to comply with minimum retention periods under applicable law. Unless otherwise specified in our Terms of Service, or notified to you in writing, we generally aim to put this data beyond further use within 12 months after the end of the provision of any Service to you. However, you can request earlier deletion by contacting us via email at [email protected].

If you are a patient/client of one of our customers, due to HIPAA regulations, you must contact your clinician directly to request their approval for the deletion of your protected health information by the Company. The clinician should then contact us directly with their approval.

If you are a clinician, it is your duty to comply with all applicable laws, including HIPAA, regarding protected health information. To delete your account, please contact us via email at [email protected].


Luminello directs the Service to residents of the United States of America, and maintains and operates the Service within the United States. We do not support use of the Service outside of the United States. If you are visiting from the European Union or other regions with laws governing data collection and use, please note that by using our Service, making an enquiry, availing yourself of any Service or otherwise providing us with Personal Information you will be importing and exporting Personal Information to/from the United States. By providing your Personal Information, you hereby consent to the transfer and processing of data in accordance with this Privacy Policy.


For individuals that reside in California, the California Consumer Privacy Act (“CCPA”) provides additional rights and choices. California residents have the right to request access to your personal information, delete any personal information we collected from or maintain about you, and opt-out of the sale of personal information about you.

Company does not “sell” your personal information for purposes of CCPA or share your Personal Information with third parties for their direct marketing purposes, as defined by California Civil Code Section 1798.83, unless we give you choice (opt-in or opt-out) before sharing with those third parties.

If you are a California resident and you have questions about our practices with respect to sharing information with third parties for their direct marketing purposes and your ability to exercise choice, please contact us at Luminello, Inc., 2443 Fillmore St #380-8794, San Francisco, CA 94115. You must put the statement “Your California Privacy Rights” in the body of your request, as well as your name, street address, city, state, and zip code. In the body of your request, please provide enough information for us to determine if this applies to you. Please note that we will not accept inquiries via the telephone, email, or by facsimile, and we are not responsible for notices that are not labelled or sent properly, or that do not have complete information.

Please note that the CCPA does not apply to Protected Health Information regulated by HIPAA and does not fully apply in business to business transactions.


The Company reserves the right to change this policy and our Terms of Service at any time.  We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account or by placing a prominent notice on our site.  You should periodically check the Service and this privacy page for updates.


If you have any questions regarding this Privacy Policy or the practices of this Site, please contact us by sending an email to [email protected]. This Privacy Policy was last updated on July 22, 2023.