Lumigo Copilot Data Protection

Overview

Lumigo offers Copilot as a feature to enhance developer productivity, which by necessity means Copilot will have access to some of your data. However, we also ensure your data is not used to train Copilot or any other LLMs and is not kept for use by anyone but you.

We only use models that are hosted on cloud providers, and ensure the models do not use any of the data to train themselves.

Data Sharing

When you use our Copilot feature, we use your data the same way as in any of our other features to enable its functionality. The only data shared outside of Lumigo is with the LLM models at Google Cloud Platform (GCP) and Amazon Web Services (AWS). This includes:

  • Data and metadata from connectors: Data that is collected by Lumigo's connectors, such as telemetry, issues, traces, and logs.
  • Source code: Your code is only sent when you choose to integrate with code repositories (optional).


No other third parties have access to this data. The only external providers involved are GCP and AWS, which host the foundational models. Neither of them save your data, and it is not used to train any models.

Encryption & Compliance

We also ensure that data protection is enforced at all stages of handling:

Encryption in transit: All communication between Lumigo and users is secured using Transport Layer Security (TLS 1.2).

Encryption at rest: All stored data is encrypted using AES-256.

Compliance: Data practices undergo legal review to ensure adherence to GDPR and other regulatory standards. We also maintain compliance with SOC 2, to ensure our privacy controls and confidentiality are audited on the regular and meet industry standards.

We only retain your data for as long as it is functionally needed, and never repurpose it or use it for model training.