Privacy Policy
Plain-English summary: Your collection records are yours. Your data and photos are private by default unless you explicitly share them. You can export your data and delete items or your entire account whenever you want.
Last updated: March 25, 2026
1. Who We Are
Luster ("we," "us," "our") is a precious metals collection management platform operated by Two Pizzas LLC. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services at lusterapp.com.
2. Information We Collect
Account Information
When you create an account, we collect your email address and display name through our authentication provider, Clerk. We do not store passwords — authentication is handled entirely by Clerk.
Collection Data
You provide information about your precious metals collection, including item descriptions, purchase details, photos, notes, storage locations, and valuations. This data is stored in our database hosted by Convex.
Photos
Photos you upload are stored using Cloudflare R2 storage. Photos are private by default and only shared when you explicitly create a public showcase link.
Usage Data
We collect standard web analytics data including pages visited, browser type, and device information to improve the service.
Children's Privacy
The Service is not directed to individuals under 18. We do not knowingly collect personal information from minors. If we learn we have collected data from someone under 18, we will delete it promptly.
3. How We Use Your Information
- To provide, maintain, and improve the Luster platform
- To process your collection records and calculate valuations using live spot prices from metals.dev
- To power AI features (identification, research, enrichment) using Anthropic's Claude API — your item data is sent to Anthropic for processing but is not used to train their models
- To process payments through Clerk Billing (powered by Stripe) if you subscribe to a paid plan
- To send transactional emails related to your account
- To respond to support requests
4. Third-Party Services
Clerk
Authentication and user management. Collects email, name, and session data. See Clerk's Privacy Policy.
Convex
Real-time database hosting. Stores your collection data. See Convex's Privacy Policy.
Vercel
Application hosting. See Vercel's Privacy Policy.
Cloudflare
Photo and file storage (Cloudflare R2). See Cloudflare's Privacy Policy.
Anthropic
AI features (item identification, research agents). Item data is sent for processing but not used for model training. See Anthropic's Privacy Policy.
Stripe (via Clerk Billing)
Payment processing for paid subscriptions. We do not store credit card numbers. See Stripe's Privacy Policy.
metals.dev
Live precious metals spot price data. No personal data is shared with this service.
5. Data Storage and Security
Your data is stored on servers in the United States. We use industry-standard security measures including encryption in transit (TLS), secure authentication via Clerk, and access controls on our database. Collection data is private by default — nothing is publicly visible unless you explicitly choose to share it.
6. Data Retention and Deletion
We retain your data for as long as your account is active. You can export all your data at any time as JSON or CSV. You can delete individual items or your entire account. When you delete your account, all associated data is permanently removed from our systems within 30 days.
7. Your Rights
- Access: You can view and export all your collection data at any time
- Correction: You can edit any record in your collection
- Deletion: You can delete individual items or your entire account
- Portability: Export your full collection as JSON or CSV
8. We Do Not Sell Your Data
We do not sell, rent, or share your personal information or collection data with third parties for marketing purposes. As defined by the California Consumer Privacy Act (CCPA), we do not "sell" or "share" your personal information. Your collection is yours.
9. Cookies
We use only functional cookies necessary for authentication and session management. We do not use tracking cookies or third-party advertising cookies.
10. For European Users
If you are located in the European Economic Area (EEA) or United Kingdom, our legal bases for processing your data are: contract performance (collection management features), legitimate interest (service improvement and analytics), and your consent (AI features that send data to Anthropic). You have the right to access, rectify, erase, restrict processing, and port your data, as well as the right to object to processing and lodge a complaint with your local supervisory authority. Data is transferred to and processed in the United States.
11. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date.
12. Contact
If you have questions about this Privacy Policy, please contact us at andrey@twopizzas.dev.