LGPD and data protection
Last updated: May 26, 2026
Our commitment
Lumiris was designed to handle personal data responsibly, in compliance with the Brazilian General Data Protection Law (Law 13.709/2018).
Roles
You, the therapist, are the controller of your patients' data. Lumiris is the processor, handling that data on your behalf. This defines who answers for each decision about the data.
Sensitive health data
Health records contain sensitive data. It receives reinforced protection: restricted access, encryption and a purpose limited to therapeutic care.
Data subject rights
The LGPD grants the patient, among others, the rights of access, correction, anonymization, portability, information about sharing and deletion of data.
How to exercise rights
Since the data is managed by the therapist, patients should contact the responsible professional. For data under Lumiris's responsibility, or for support, write to privacidade@lumiris.com.br.
Security and sub-processors
We use essential providers — authentication, hosting, payment and AI — with confidentiality and security commitments. Data travels and is stored encrypted.
Data protection officer
Data protection questions can be sent to our data protection officer at privacidade@lumiris.com.br.