Privacy Policy

Account data — your email address and name, used to create and secure your account.

Documents — the LaTeX files, bibliographies, and assets you create or upload. These are stored so you can edit, compile, and share them.

Usage metrics — basic information about how the service is used (for example, compile counts and feature usage) to operate, debug, and improve Lemma.

Payment data — subscriptions are processed by Stripe. Card numbers never touch our servers; we only receive your subscription status and billing metadata from Stripe.

We use your data to provide the service: authenticating you, storing and compiling your documents, running AI features you request, processing payments, sending essential service emails, and fixing bugs. We do not sell your data and we do not use it for third-party advertising.

When you use an AI feature, the relevant document content is sent to OpenAI's API to generate the response. Under OpenAI's API terms, content sent to the API is not used to train their models. We only send content when you invoke an AI feature — your documents are not continuously analyzed in the background.

Your documents and account data are stored with Supabase on AWS infrastructure in the US East region. Data is encrypted in transit (TLS) and at rest.

Lemma uses cookies only to keep you signed in (authentication session). We do not use advertising cookies or third-party tracking pixels.

We keep your account data and documents for as long as your account exists. Operational logs are kept for a limited period needed for security and debugging, then deleted. Stripe retains billing records as required for financial and tax compliance.

You can delete your account yourself from your account settings. Doing so erases your documents and account data from our systems. Residual copies in backups are removed as those backups expire.

You can access your data (your documents are exportable at any time, and your account details are visible in settings), correct it, or erase it by deleting your account. If you are in a jurisdiction with data protection laws such as the GDPR, these correspond to your rights of access, rectification, and erasure. To exercise any right you cannot handle self-service, email us and we will respond promptly.

We rely on a small set of providers to run Lemma:

• Vercel — application hosting
• Supabase — authentication, database, and document storage
• Stripe — payment processing
• OpenAI — AI features (API only; not used for model training)

If we change this policy in a material way, we will notify you by email or in the app before the change takes effect.

Privacy questions or requests? Email lucasmgago@gmail.com.