Legal

Privacy Policy

Last updated: 11 April 2026 · Effective: 11 April 2026 · Lunar Network SH.P.K., Pristina, Kosovo

Summary: We collect only the data necessary to provide our services. We do not sell your personal data to third parties. LunarSense technology collects no personally identifiable information. You have full rights over your data under GDPR.

Who We Are
Data We Collect
How We Use Your Data
Legal Basis for Processing
Data Sharing
Data Retention
Your Rights (GDPR)
LunarSense & Privacy
Cookies
Security
Contact Us

1. Who We Are

Lunar Network ("we", "us", "our") is an IT services company registered in Kosovo, providing IT support, networking infrastructure, web development, cloud solutions, and the LunarSense RF sensing product.

Data Controller: Lunar Network
Address: Pristina, Kosovo
Email: info@lunar-ks.com
Website: https://lunar-ks.com

2. Data We Collect

2.1 Account & Portal Data

When you register for or use our client portal, we collect:

Full name and email address
Company name (optional)
Password (stored as a bcrypt hash — we never store plaintext passwords)
Service plan selected
Support ticket content you submit
Session activity logs (login times, actions taken)

2.2 Consultation Requests

When you submit a consultation or demo request via our website, we collect: name, email, company, phone number (if provided), and the content of your message.

2.3 Technical Data (Automatically Collected)

Our server logs collect IP addresses, browser type, referring URL, and pages accessed. This data is used for security monitoring and is not linked to your profile.

2.4 LunarSense Sensing Data

LunarSense collects WiFi channel state information (CSI) metrics — signal variance and frequency amplitudes. This data contains no personal identifiers whatsoever. It cannot be used to identify any individual. See Section 8 for full details.

3. How We Use Your Data

To provide, operate, and support the services you have purchased or enquired about
To send transactional emails (account creation, ticket updates, security alerts)
To respond to consultation and demo requests
To improve our services and detect/prevent fraud or abuse
To comply with legal obligations

We do not use your data for profiling, targeted advertising, or automated decision-making that produces legal effects.

4. Legal Basis for Processing

Contract (Art. 6(1)(b) GDPR): Processing necessary to deliver the services you have contracted with us
Legitimate interests (Art. 6(1)(f) GDPR): Security monitoring, fraud prevention, improving our services
Legal obligation (Art. 6(1)(c) GDPR): Where we are required to retain or disclose data by law
Consent (Art. 6(1)(a) GDPR): For any optional communications (e.g. marketing emails, if we introduce them). You may withdraw consent at any time.

5. Data Sharing

We do not sell, rent, or trade personal data. We share data only in these limited circumstances:

Service delivery: Our hosting provider (Hostinger) stores data on servers in accordance with their data processing agreement
Email delivery: Transactional emails are sent via Zoho Mail (EU data centres)
Legal requirements: Where required by applicable law, court order, or regulatory authority

All third-party processors are contractually bound to process data only as instructed and in compliance with GDPR.

6. Data Retention

Active client accounts: Retained for the duration of the contractual relationship plus 3 years
Support tickets: Retained for 3 years from closure
Consultation requests: Retained for 12 months if no engagement results
Server logs: Retained for 90 days
LunarSense sensing data: Retained for the duration of the service contract. Deleted within 30 days of contract termination.

7. Your Rights Under GDPR

If you are located in the EU/EEA or Kosovo (which applies GDPR-equivalent legislation), you have the following rights:

Right of access (Art. 15): Request a copy of all personal data we hold about you
Right to rectification (Art. 16): Correct inaccurate or incomplete data
Right to erasure (Art. 17): Request deletion of your personal data (subject to legal retention obligations)
Right to restrict processing (Art. 18): Limit how we use your data in certain circumstances
Right to data portability (Art. 20): Receive your data in a structured, machine-readable format
Right to object (Art. 21): Object to processing based on legitimate interests
Right to withdraw consent: Where processing is based on consent, withdraw it at any time

To exercise any of these rights, email info@lunar-ks.com. We will respond within 30 days.

8. LunarSense & Privacy

LunarSense does not collect personal data. The system measures WiFi signal properties (channel state information) — numerical values representing how radio waves travel through space. These measurements cannot identify, profile, or be attributed to any specific individual.

LunarSense sensing data consists of:

Signal variance values (floating point numbers)
Frequency amplitude readings at specific Hz bands
Derived occupancy counts (e.g. "2 people detected")
Estimated vital sign ranges (e.g. "breathing: 16/min")

None of this data constitutes personal data as defined by GDPR Article 4(1). No individual can be identified, singled out, or linked to LunarSense readings. No biometric data (as defined by GDPR Article 9) is processed. Accordingly, LunarSense deployments do not require a Data Protection Impact Assessment (DPIA) solely on the basis of the sensing technology, though customers are advised to assess their overall deployment context.

Clients deploying LunarSense in workplaces are responsible for notifying their staff or visitors that RF sensing technology is in use, as a matter of transparency best practice (and in some jurisdictions, as a legal requirement under employment law).

9. Cookies

Our client portal uses one session cookie (a secure, HTTP-only cookie) to maintain your authenticated session. This cookie contains no personal information — only an encrypted session identifier. It expires when you log out or after 7 days of inactivity.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies on our portal. Our public website (lunar-ks.com) does not currently deploy any third-party tracking.

10. Security

We implement the following technical and organisational measures to protect your data:

HTTPS (TLS 1.2+) for all data in transit
bcrypt password hashing (cost factor 10)
Session tokens stored in HTTP-only, secure cookies
Server access restricted by IP and key-based authentication
Regular security patching of server software

In the event of a data breach affecting your personal data, we will notify you and the relevant supervisory authority within 72 hours of becoming aware, as required by GDPR Article 33.

11. Contact Us

For any privacy-related questions, data subject requests, or concerns:

Email: info@lunar-ks.com
Subject line: "Privacy Request — [your name]"
Response time: Within 30 calendar days

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority in your country of residence.