⚠️ Draft — placeholder text pending legal review. This is not legal advice and not the final agreement.

Privacy Policy

Last updated: — · Draft v0.1

1. Data controller

The data controller is [legal entity — TBD]. For privacy questions contact our DPO at privacy@lumera-ng.io.

2. Data we collect

Identity and KYC data (name, date of birth, documents, selfie), contact details, transaction and card data, and technical data (device, IP).

3. How we use your data

To provide the service, verify your identity, prevent fraud and money laundering, comply with legal obligations, and support you.

4. Legal bases (GDPR)

Contract performance, legal obligation (AML/KYC), legitimate interests (fraud prevention) and, where required, consent.

5. Sharing

We share data with licensed partner institutions (card issuer/processor), KYC providers, and authorities where legally required.

6. International transfers

Where data is transferred outside the EEA, appropriate safeguards (e.g. SCCs) are applied [TBD].

7. Retention

KYC and transaction records are retained for the period required by law (typically 5+ years).

8. Your rights

You may request access, correction, deletion, restriction, portability and object to processing, subject to legal limits.

9. Cookies

We use essential cookies and, with consent, analytics. See the cookie banner.

10. Contact

privacy@lumera-ng.io