Account protection
Client, team, and admin areas require authentication. Role checks and database rules keep internal CRM controls separate from client self-service access.
Trust & security
Practical protection for every client workspace.
This page explains the controls we use to protect project information inside LUME client accounts. It is a customer-facing summary, not an independent certification.
Private documents
Invoices, contracts, and project timeline attachments are stored privately and are only opened through short-lived access links for authorized users.
Scoped client data
Clients can see their own contracts, invoices, timeline updates, payment status, and feedback, while team-only project management data stays restricted.
Our commitments
Security designed around client access.
- We never publish client portal documents as public files.
- Customers cannot edit internal CRM stages, assignments, archive state, or account permissions.
- Client feedback can be edited by the client and reviewed by the project team.
- Project links opened from timeline entries are validated and opened in a new browser tab.