Privacy Policy

This Privacy Policy explains how LUMINARY INC FINANCE LTD (“Luminary”, “we”, “us”, or “our”) collects, uses, and protects your personal data when you use our UK website at luminaryinc.com/uk and the services we provide. Capitalised terms not defined here have the meanings given in the terms that apply to your account.

Luminary Inc Finance Ltd is a company incorporated in England and Wales (company number 11366159) with its registered office at 29 Finsbury Circus, London, EC2M 5SQ, United Kingdom, and is registered with the Financial Conduct Authority as a small electronic money institution (Firm Reference Number 900904). For the purposes of UK data protection law, Luminary Inc Finance Ltd is the controller of your personal data.

This Policy reflects the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as amended by the Data (Use and Access) Act 2025.

1) Who This Policy Applies To

This Policy applies to visitors to our UK website and to clients and prospective clients of Luminary Inc Finance Ltd. Where another company in the Luminary group provides a service to you, the privacy notice of that company will apply to that service.

2) The Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity and contact data: name, date of birth, nationality, address, email address, telephone number, and identifiers contained in identity documents.
  • Business data: where you act for a business, your role, the details of that business, and details of its beneficial owners and authorised persons.
  • Account and transaction data: account details, IBANs, payment instructions, transaction history, and balances.
  • Verification and screening data: information collected to verify your identity and to meet our anti-money laundering, sanctions, and fraud-prevention obligations.
  • Technical and usage data: IP address, device and browser information, and information about how you use our website, collected through cookies and similar technologies as described in our Cookie Policy.
  • Communications data: records of your contact with us, including support enquiries and correspondence.

3) How We Collect Your Personal Data

  • Directly: directly from you, when you visit our website, apply for an account, or contact us;
  • Automatically: through cookies and similar technologies (see our Cookie Policy);
  • From third parties: from identity verification and screening providers, payment and banking partners, and publicly available sources, where this is necessary to provide our services and meet our legal obligations.

4) How We Use Your Personal Data and Our Legal Bases

We use your personal data only where the law allows. The legal bases we rely on are:

  • Performance of a contract: to set up and operate your account and to provide payment and electronic money services.
  • Compliance with a legal obligation: to meet our obligations under the Electronic Money Regulations 2011, the Payment Services Regulations 2017, the Money Laundering Regulations 2017, and related financial crime, sanctions, and reporting requirements.
  • Legitimate interests: to operate, secure, and improve our website and services, to prevent fraud, and to manage our business, provided your interests and rights do not override those interests.
  • Consent: for non-essential cookies and for any direct marketing where consent is required. You may withdraw your consent at any time.

5) Marketing

Where we send you marketing, we do so in accordance with applicable law and, where required, with your consent. You can opt out of marketing at any time using the unsubscribe link in our communications or by contacting us.

6) Who We Share Your Personal Data With

We may share your personal data with:

  • other companies within the Luminary group, where necessary to provide our services and operate our business;
  • service providers who process data on our behalf, including identity verification, screening, technology, hosting, and customer support providers, under written agreements that require them to protect your data;
  • banking, payment, and card partners, where necessary to execute payments and provide your account;
  • regulators, law enforcement, and other authorities, where we are required or permitted to disclose data by law; and
  • professional advisers and, in the context of a corporate transaction, prospective buyers or investors, subject to appropriate confidentiality protections.

7) International Transfers

Where we transfer your personal data outside the United Kingdom, we ensure an appropriate safeguard is in place, such as a UK adequacy decision or the International Data Transfer Agreement (or the UK Addendum to the EU Standard Contractual Clauses), so that your data continues to receive an equivalent level of protection.

8) How Long We Keep Your Personal Data

We keep your personal data only for as long as necessary for the purposes set out in this Policy. Where we are subject to legal obligations, including anti-money laundering record-keeping, we retain certain records for at least five years after the end of our relationship with you, and longer where the law requires or where we need the records to establish, exercise, or defend legal claims.

9) How We Protect Your Personal Data

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. Access to personal data is limited to those who need it to perform their role.

10) Your Rights

Under UK data protection law, you have the right to access your personal data; to have inaccurate data corrected; to have your data erased in certain circumstances; to restrict or object to certain processing; to receive your data in a portable format; and to withdraw consent where we rely on it. To exercise any of these rights, please contact our Data Protection Officer using the details below. We will respond within the time limits set by law. Some rights are subject to conditions and exemptions, including where we are required to retain data to meet our legal obligations.

11) Automated Decision-Making

We may use automated tools to screen for fraud, money laundering, and sanctions risk. Where we carry out a solely automated decision that has a legal or similarly significant effect on you, we do so only where permitted by law and with appropriate safeguards, including the right to request human intervention and to contest the decision.

12) Cookies

Our website uses cookies and similar technologies. Please see our Cookie Policy for full details.

13) Changes to This Policy

We may update this Policy from time to time. The current version will always be published on our website, with the effective date shown above.

14) Contact and Complaints

If you have any questions about this Policy or wish to exercise your rights, please contact:

Luminary Inc Finance Ltd

Company number 11366159

29 Finsbury Circus, London, EC2M 5SQ, United Kingdom

Data Protection Officer: dpo@luminaryinc.com

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at https://ico.org.uk. We would ask that you contact us first so that we can try to resolve your concern.