“Ask me anything. It’s confidential.” - “The AI that respects your privacy”
Lumo is an AI assistant from Proton with a focus on confidentiality, no-logs, and zero-access encryption.
The tool supports, among other things, research, writing, translations, file analysis, coding assistance, and optional web search; in addition, there are Projects as well as integration with Proton Drive. Proton positions Lumo as a European, privacy-focused alternative to common AI chats.
Lumo
Ask me anything. It’s confidential
Origin: Switzerland ⓘ Proton AG, Route de la Galaise 32, 1228 Plan-les-Ouates, Geneva, Switzerland
Target audience
Lumo is aimed at private users, freelancers, teams, and privacy-sensitive organizations that want to use an AI assistant for research, writing, translations, file analysis, and productivity tasks without having to share their content by default for training, profiling, or log storage. The tool is particularly relevant for legal, consulting, healthcare, finance, education, and tech environments where confidential information is processed. For companies, Proton explicitly positions Lumo as a team solution with admin functions and a European data protection focus.
Outstanding features
Notable features include no logs, zero-access encrypted chat history, Ghost Mode, optional web search, analysis of uploaded files, Projects for persistent work contexts, and Proton Drive integration. Proton also emphasizes that Lumo is based on open source code, uses open models, and runs on servers controlled by Proton. Administrative control options are added for business users.
Main use cases
Lumo is suitable for everyday knowledge work: brainstorming, planning, draft writing, language revision, translations, coding help, summaries, and document review. Through Projects and Drive, it can structure recurring contexts such as mandates, client projects, academic work, or travel planning and make them usable across sessions. Proton also mentions specific business scenarios such as contract drafts, data analysis, meeting notes, and strategy work.
Usage & notes
Lumo can be used in the browser as well as via iOS and Android apps; guest access is possible without an account, with more features available through a Proton account. For reliable daily use, Plus is significantly more practical than Free. Important: Proton itself points out that Lumo may be inaccurate with current or very specific questions; results should therefore be checked. In addition, no on-prem version has been publicly verified, and current file support is not yet fully universal.
| Target audience | Assessment |
|---|---|
| Private individuals | Very suitable – for chat, writing, learning, brainstorming, summaries, and simple AI use with a strong privacy focus. |
| Privacy-conscious users | Very suitable – Lumo is explicitly positioned as a privacy-first AI assistant. |
| Self-employed / freelancers | Suitable – for non-highly sensitive writing, research, and productivity tasks when privacy is more important than maximum model variety. |
| SMEs / teams | Conditionally suitable – good for individual users, but not a classic enterprise AI platform with admin/team governance like Langdock or Mistral Team. |
| Large enterprises | Rather conditionally suitable – due to the lack of a clear enterprise admin, DPA, and integration structure for large organizations. |
| Developers / API teams | Rather not suitable – Lumo is an end-user chat assistant, not an LLM API platform. |
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ❓ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ✅ |
Overall assessment of hosting & data:
Lumo is a managed privacy AI chat assistant from Prot
on. On-premises or private cloud hosting is not publicly documented as a standard option. Positive aspects include no logs, zero-access encryption for stored chats, no training on user chats, a European data protection framework, open-source code, and use without an account with limited access. A critical point is that Lumo is not a full-fledged enterprise AI operating system with central administration, role-based permissions, knowledge databases, or API integration.
Conclusion:
Lumo is very attractive for private individuals and privacy-conscious knowledge workers; for organizations with governance, integration, and DPA requirements, business AI platforms with enterprise contracts are better suited.
| On-prem / local hosting | ❓ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ✅ |
Overall assessment of hosting & data:
Lumo is a managed privacy AI chat assistant from Prot
on. On-premises or private cloud hosting is not publicly documented as a standard option. Positive aspects include no logs, zero-access encryption for stored chats, no training on user chats, a European data protection framework, open-source code, and use without an account with limited access. A critical point is that Lumo is not a full-fledged enterprise AI operating system with central administration, role-based permissions, knowledge databases, or API integration.
Conclusion:
Lumo is very attractive for private individuals and privacy-conscious knowledge workers; for organizations with governance, integration, and DPA requirements, business AI platforms with enterprise contracts are better suited.
Strengths & Weaknesses at a Glance
| Strengths | Weaknesses |
|---|---|
| • Very strong privacy positioning: no logs, no use for training, no data sharing, zero-access encryption. | • The free version is functionally limited; Plus is significantly more sensible for more intensive use. |
| • Guest use possible without an account; with an account, encrypted chat history. | • A publicly verified on-prem/self-hosting option is not available; what is publicly documented is primarily managed SaaS. |
| • Open-source app and, according to Proton, open models. | • Currently verified file types are limited to documents, spreadsheets, code, and PDFs; images/Proton Docs were most recently only announced as “coming soon.” |
| • Useful productivity features such as web search, file analysis, Projects, and Proton Drive integration. | • Proton itself points out that answers may be inaccurate for current or very specific topics. |
| • Business version for teams with admin functions. |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Deine Bewertung wird erst nach der Bestätigung per E-Mail sichtbar. Damit schützen wir das Portal vor Missbrauch.
Report review
Please select the reason why this review should be checked.
GDPR-compliant use possible?
GDPR assessment: From a GDPR perspective, Lumo is well suited for private and privacy-conscious use.
Positive is that Proton positions Lumo as a European service subject to the GDPR, which does not use chats for training purposes, keeps no logs of questions and answers, and protects stored chats with zero-access encryption. According to Proton, Lumo is also open source, making the code verifiable.
Negative is that Lumo is not primarily positioned as an enterprise platform with a publicly clearly documented DPA/AVV, tenant management, SSO, audit logs, or EU corporate governance.
Server location: Officially described as a European service; a specific data center location is not documented in detail on the official Lumo pages as a binding server region. Further link: Lumo product page, Lumo help, and Proton blog.