Our Services ClarityOS How We Work Articles

Lúcida Privacy Policy

Last updated: Feb. 26, 2026

This Privacy Policy explains how Lúcida (“Lúcida,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal information when you access our website, purchase our products, or engage with our services.

This Privacy Policy is designed to align with Lúcida’s Terms & Conditions, The Lúcida Data Processing Addendum (DPA), and applicable data protection laws, including GDPR (EU/UK), CCPA/CPRA (California), and PIPEDA (Canada).

IMPORTANT NOTICE REGARDING TEXT MESSAGING DATA

Lúcida LLC (Meisful Ventures LLC DBA Lúcida) (“we,” “us,” or “our”) DOES NOT share customer opt-in information, including phone numbers and consent records, with any affiliates or third parties for marketing, promotional, or any other purposes unrelated to providing our direct services. All text messaging originator opt-in data is kept strictly confidential.

1. Scope and Roles

This Privacy Policy applies when Lúcida acts as a data controller, meaning we determine the purposes and means of processing personal information (for example, website visitors, customers, and marketing contacts).

When Lúcida processes personal data on behalf of a client as part of delivering Services (such as fractional consulting, audits, or AI-assisted workflows), Lúcida acts as a data processor. In those cases, processing is governed by the Lúcida Data Processing Addendum (DPA) and the client’s instructions.

2. Information We Collect

You must be at least eighteen (18) years old and legally able to enter binding agreements.

If using the Services on behalf of an organization, you represent that you have authority to bind that entity.

2.1 Personal Information You Provide

We may collect:

  • Name, email address, and phone number
  • Company name, job title, and role
  • Billing and payment information
  • Account credentials (where applicable)
  • Communications with us

2.2 Information Collected Automatically

When you visit our website or use our digital products, we may collect:

  • IP address and approximate location
  • Browser type, device type, and operating system
  • Pages visited, time spent, and interaction data
  • Referring URLs

2.3 Client-Provided Data

During Services, clients may provide business and operational data that may include personal data relating to employees, contractors, or customers. Lúcida processes such data solely to provide the Services and in accordance with the DPA.

2.4 SMS Opt-In Data

We collect the following information related to SMS messaging:

  • Mobile phone number
  • Opt-in records and timestamps for all communication channels (SMS, email, etc.)
  • The specific types of messages you consented to receive (marketing, transactional, or both)
  • Records of your opt-in method (website form, paper form, QR code, etc.)

We maintain timestamped records of all opt-in actions and comply with the Telephone Consumer Protection Act (TCPA) and all applicable laws.

3. How We Use Personal Information

We use personal information to:

  • Provide, operate, and improve our Services
  • Process transactions and manage billing
  • Communicate with you regarding Services, updates, and support
  • Deliver educational content, insights, and marketing communications (where permitted)
  • Maintain security, prevent fraud, and comply with legal obligations

We do not sell personal information.

4. Legal Bases for Processing (GDPR / UK GDPR)

Where GDPR or UK GDPR applies, Lúcida processes personal data under one or more of the following legal bases:

  • Performance of a contract
  • Legitimate interests (e.g., improving Services, security, business operations)
  • Consent (e.g., marketing communications, non-essential cookies)
  • Compliance with legal obligations

5. Cookies and Tracking Technologies

Lúcida uses cookies and similar technologies to operate and improve our website.

Cookie Categories

  • Strictly Necessary Cookies: Required for site functionality and security
  • Analytics Cookies: Help us understand site usage and performance
  • Marketing Cookies: Used to measure campaigns and deliver relevant messaging

Consent

  • EU/UK: Explicit opt-in is required for non-essential cookies
  • California: Users may opt out of data sharing; Lúcida does not sell personal data
  • Canada: Meaningful consent is required prior to non-essential cookies

You may manage or withdraw cookie consent at any time through our cookie settings.

6. Data Sharing and Disclosure

We may share personal information with:

  • Payment processors
  • Hosting and infrastructure providers
  • Email, CRM, analytics, and collaboration tools
  • AI service providers used to deliver Services
  • Contractors and team members bound by confidentiality
  • Legal or regulatory authorities where required by law

All third parties are required to process personal information in accordance with applicable data protection obligations.

6.1 SMS Data Exclusion

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

7. International Data Transfers

Personal information may be transferred to and processed in countries outside your jurisdiction, including the United States. Where required, Lúcida uses appropriate safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent legal mechanisms.

8. SMS Messaging & Compliance

This section outlines our practices and your rights regarding SMS text messaging communications.

8.1 Text Message Program Terms & Conditions

By opting into our SMS messaging services, you agree to receive text messages related to our services, including appointment reminders, customer support, and important updates.

8.2 Opt-In & Consent

  • You will only receive messages if you have explicitly opted in
  • We maintain timestamped records of all opt-in actions
  • We comply with the Telephone Consumer Protection Act (TCPA) and all applicable laws

8.3 Opt-Out Instructions

  • You can cancel SMS notifications at any time by replying “STOP” or “UNSUBSCRIBE”
  • You will receive a final confirmation message, and no further messages will be sent unless you re-opt in
  • All opt-out requests are processed immediately

8.4 Message Frequency & Content

  • Message frequency varies based on your interactions with our business. You may receive up to 4 messages per month for non-marketing communications, and up to 8 messages per month if you opt in to marketing communications
  • Messages will be directly related to the services you have requested
  • We do not send promotional content without specific consent

8.5 Help & Support

  • Reply “HELP” for assistance or contact us at connect@wearelucida.co
  • Customer support is available during regular business hours

8.6 Carrier Information

  • Standard message and data rates may apply
  • Carriers are not liable for delayed or undelivered messages
  • Supported carriers include AT&T, Verizon, T-Mobile, Sprint, and most regional carriers

8.7 SMS Data Protection Statement

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

We implement strict data protection measures to safeguard your SMS opt-in information and consent records.

9. Data Security

Lúcida implements reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, or disclosure. However, no method of transmission or storage is completely secure, and absolute security cannot be guaranteed.

10. Data Retention

We retain personal information only for as long as necessary to provide the Services, fulfill contractual obligations, and comply with legal and regulatory requirements.

Retention periods may vary depending on the nature of the data and applicable laws.

11. Your Rights

GDPR / UK GDPR

You may have the right to access, correct, or delete your personal data; restrict or object to processing; request data portability; withdraw consent at any time; and/or lodge a complaint with a supervisory authority.

CCPA / CPRA (California)

California residents may have the right to know what personal information is collected; request access, correction, or deletion; opt out of data sharing; and/or limit the use of sensitive personal information.

PIPEDA (Canada)

Canadian residents may request access to or correction of their personal information and withdraw consent, subject to legal limitations.

Requests to exercise privacy rights should be submitted using the contact details below.

12. Children’s Privacy

Lúcida’s Services are intended for individuals aged eighteen (18) and older. We do not knowingly permit individuals under eighteen to use our Services.

In accordance with applicable privacy laws, we do not knowingly collect personal information from children under thirteen (13). If we become aware that such information has been collected, we will delete it promptly.

13. Third-Party Links

Our website or Services may contain links to third-party websites. Lúcida is not responsible for the privacy practices or content of those third parties.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted with a revised “Last updated” date. Continued use of our Services after changes constitutes acceptance of the updated policy.

15. Contact Information

For questions, requests, or concerns related to privacy or data protection, please contact:

Email: support@wearelucida.co

EU and UK users also have the right to lodge complaints with their local data protection authority.