Luma automatically collects detailed information about your device, approximate location, and how you use the service, including your application installations, advertising identifiers, and whether you open marketing emails.
Consumer impact (what this means for users)
Luma collects a detailed fingerprint of your device — including advertising IDs, app installations, RAM/CPU data, and network type — that can be used to build a persistent profile of you across services and shared with analytics and advertising partners.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Opt Out of Arbitration
Go to your mobile device's operating system settings, navigate to Privacy or Location Services, and disable location sharing and advertising identifier access for the Luma app. You can also reset your advertising identifier in device settings.
Cross-platform context
See how other platforms handle Broad Data Collection — Device, Location, and Usage Tracking and similar clauses.
The collection of advertising identifiers, application installation lists, and network information goes beyond what is strictly necessary for an AI creative platform and enables detailed cross-device profiling that could be shared with analytics and advertising partners.
View original clause language
Device data. We receive information about the device and software you use to access our Services, such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier and manufacturer, radio/network information (e.g., WiFi, LTE, 4G), application installations, and push notification tokens. Location Information. When you use our Services, we may receive general location information such as city, state or geographic area. Usage Information. We automatically receive information about your interactions with our Services, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.
(1) REGULATORY FRAMEWORK: This provision implicates GDPR Art. 5(1)(c) (data minimisation principle), Art. 6(1)(f) (legitimate interests for analytics tracking), and ePrivacy Directive/EU Cookie Law for cookie and tracking technology use; UK GDPR and PECR (Privacy and Electronic Communications Regulations) enforced by ICO; CCPA/CPRA §1798.140 definition of 'sensitive personal information' (which may include precise geolocation) and §1798.120 opt-out rights; Illinois BIPA if biometric identifiers are derived; FTC Act Section 5. (2)
🔒
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Applicable agencies
FTC
The FTC enforces against unfair commercial surveillance practices including collection of advertising identifiers and device fingerprinting data beyond what is disclosed or necessary.