Built for finance teams who need receipts.
A plain-language overview of the data controls, tenant isolation model, audit trail, and compliance work finance and security teams should review before a pilot.
- No card migration
- Read-only access
- Refundable or credited
- SOC 2 Type II in progress
Compliance posture
SOC 2 Type II work is in progress, and GDPR readiness is on the roadmap. We do not claim certifications that have not been completed.
Multi-tenant architecture
Lumora is designed around tenant-scoped application access, tenant-aware service boundaries, and database-level isolation for canonical finance data.
Tenant isolation primitives
Access patterns are scoped by tenant, service role, and user context. Sensitive administrative actions are designed to require explicit authorization and reviewable audit trails.
Audit logs and decision trail
Authorization decisions, policy changes, and sensitive actions are captured as reviewable events so finance and security teams can understand what happened and why.
Data residency and retention
Default deployment is US-hosted. Enterprise data residency and retention requirements are reviewed during security and implementation planning.
Opt-in shared fraud graph
You opt in or you do not. When you opt in, only k-anonymized vendor aggregates leave your tenant. Never raw transactions. Never user identifiers. Never amounts. The graph improves detection for everyone who participates.
Common questions
Security questions finance and IT teams ask
These answers are visible on the page and mirrored in FAQ structured data for accurate search summaries.
How does Lumora isolate customer data?
Does Lumora train shared models on customer data?
Can security teams review Lumora before a pilot?
Want a security review?
We will walk your security and compliance team through architecture, data flows, and incident response. Bring your hardest questions.
- No card migration
- Read-only access
- Refundable or credited
- SOC 2 Type II in progress