Privacy Policy

Our Contact Details

  • Name: LUMINARY ECOSYSTEM LTD (“us”, “we”, or “our”)
  • Address: 29 Finsbury Circus, London, United Kingdom, EC2M 5SQ
  • DPO Email: dpo@luminaryinc.com

Introduction

We own and operate the website at https://www.luminaryinc.com/ (the “Website”). We collect and process certain personal data in order to provide you with our services via the Website (the “Services”).

This Privacy Policy explains:

  • what personal data we collect and why,
  • how we use and disclose it, and
  • the choices and rights you have.

We process personal data in line with the GDPR (Regulation (EU) 2016/679), UK GDPR (2021), and the Data Protection Act 2018 (DPA).

By using the Services, you agree to the collection and use of information in accordance with this Policy. Terms not defined here have the meanings given in our Terms & Conditions.

Scope & Important Notices

Children

Our Services are not directed to anyone under 18 (“Children”). We do not knowingly collect personal data from anyone under 18. If you are a parent/guardian and believe your child has provided us personal data, please contact us. If we learn that we collected such data without verified consent, we will delete it.

Third-party Links

Our Services may contain links to third-party sites. Please review the privacy policy of every site you visit. We are not responsible for the content, privacy policies, or practices of any third-party sites or services.

Usage Data & Cookies

We may collect information about how the Services are accessed and used (“Usage Data”), including IP address, browser type/version, pages visited, time/date of visit, time on pages, device identifiers, and diagnostics.

For cookies, please see our Cookie Policy.

The Type of Personal Information We Collect

We collect and process different types of information to provide and improve our Services. This may include (but is not limited to):

  • First name and surname
  • Place and date of birth
  • Tax residency (taxpayer number and country)
  • Email address and telephone number
  • Address
  • Data from identity documents (including personal ID number)
  • Information on the source of income
  • Other personal information (e.g., telephone recordings, security questions, user ID)
  • Login credentials and related data
  • Biometric data (during verification)
  • Responses to requests and surveys
  • Financial information, including bank accounts and details of transactions (including transaction data from partners listed on our Website)

How We Get Personal Information & Why We Have It

Most personal data is provided directly by you so that we can:

  • provide and maintain the Services;
  • verify your identity;
  • notify you about changes to the Services;
  • enable interactive features you choose to use;
  • provide customer care and support;
  • perform analytics to improve the Services;
  • monitor usage of the Services;
  • detect, prevent, and address technical issues;
  • comply with legal obligations related to fraud, anti-money laundering, counter-terrorist financing, and misuse of the Services;
  • respond to law-enforcement requests and investigations.

Use of Personal Information

We use your personal data for (including but not limited to):

  • Providing the Services (including account setup and administration)
  • Personalising content, business information, and user experience
  • Delivering marketing and events communications
  • Conducting polls and surveys
  • Internal research and development
  • Fulfilling legal obligations (e.g., fraud prevention)
  • Meeting internal audit requirements

Transfer & Disclosure of Information

International Transfers

Your information may be transferred to and maintained outside your state, province, or country where data protection laws may differ. If you are outside the UK and choose to provide information to us, we may process it outside the UK. We take reasonable steps to ensure appropriate safeguards are in place before any transfer.

Your consent to this Policy followed by your submission of information represents your agreement to such transfers.

Disclosures

We may disclose personal data in good faith to:

  • comply with a legal obligation;
  • protect and defend our rights or property;
  • prevent or investigate possible wrongdoing in connection with the Services;
  • protect the safety of users or the public;
  • protect against legal liability.

Partners & Controllers

Customers who open accounts through our Website will continue to access services via the Website; however, issuance of electronic money and/or payment services may be provided by our business partners listed on the Website. These partners may access and process your personal data (e.g., transaction details, card information, login credentials, communications).

For Services provided with our business partners:

  • We may act as data processor;
  • Partners may act as data controllers.

Your data will be processed according to our partners’ privacy policies available on their websites.

Analytics

We may use third-party providers (e.g., Google Analytics) to monitor and analyse the use of our Services. Google may use collected data for its own advertising network. You can opt out via the Google Analytics opt-out browser add-on.

Grounds for Processing Personal Data

Under GDPR/UK GDPR, our lawful bases include:

  • Consent (you can withdraw at any time)
  • Contractual necessity
  • Legal obligation
  • Legitimate interests

How We Store Your Personal Information

  • We use trusted cloud and data-storage providers.
  • Access is role-based and limited to employees who need it.
  • Where possible, we apply encryption.
  • While we strive to protect your data, no method of transmission or storage is 100% secure.

We may use third parties to help provide the Services. They may only access your personal data to perform tasks on our behalf and are obligated not to disclose or use it for other purposes.

Retention:
We keep personal data no more than 5 years from either (a) account opening rejection or (b) termination of the business relationship, unless a longer period is required by law (e.g., AML, claims, litigation). We then delete data from our servers except where retention is legally required.

Your Data Protection Rights

You have the right to:

  • Access – request copies of your personal information.
  • Rectification – request corrections to inaccurate or incomplete data.
  • Erasure – request deletion in certain circumstances (close account).
  • Restriction – request limits on processing in certain circumstances.
  • Data portability – request transfer of your data to another organisation or to you.

We will respond within one month. You won’t be charged for exercising your rights. Please contact us to make a request.

How to Complain

If you have concerns about our use of your personal information, email support@luminaryinc.com.

You can also complain to the UK Information Commissioner’s Office (ICO):
Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF, UK
Helpline: 0303 123 1113
Website: https://www.ico.org.uk

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will provide appropriate notice (e.g., on the Website or by email). Please review this Policy periodically. Changes are effective when posted on the Website.

For questions, contact our DPO at dpo@luminaryinc.com or support at support@luminaryinc.com.