Website controls and operating boundaries
Security questions should not require a sales cycle. luminapath.ai runs with hardened headers and essential-only storage, and delivery work can be scoped for managed cloud, private network boundaries, or customer-controlled environments.
Effective date
Website controls
luminapath.ai serves over HTTPS with a Content Security Policy, HSTS, Cross-Origin-Opener-Policy, Cross-Origin-Resource-Policy, X-Frame-Options, nosniff, a strict referrer policy, and a restrictive permissions policy. Optional analytics are off, and contact happens by direct email rather than through site forms.
Data and context boundaries
- We scope what the model can see before we talk about automation
- Source systems remain the source of record where they should
- High-sensitivity work gets narrower context and stronger oversight
Human judgment and rollout discipline
LuminaPath is built for work where accountability matters. Judgment and approval points are part of the system design from the start, and rollout stays narrow until the workflow has earned wider automation.
Operating environments
- Managed cloud where the workflow allows it
- Private network boundaries where the workflow demands it
- Customer-controlled environments when operational risk requires it
Security contact
Security and trust conversations should be direct. For questionnaires, operating-environment questions, or a report about the site, write to hello@luminapath.ai with the workflow, environment, or issue you want to discuss.
Questions
Trust questions, privacy questions, and operating-environment discussions can go to hello@luminapath.ai.