PRIVACY POLICY

LUMINARY INC FINANCE LTD (hereinafter referred to as “LUMINARY FINANCE”, “we”, “us”, “our”) takes your privacy very seriously. We are committed to

  • Keeping your personal data private and secure
  • Giving our customers choices in relation to how we handle their personal data
  • Never selling your personal information

 

About Us

Our Contact Details

Post address:

14-16 Dowgate Hill, Dowgate Hill House, London, England, EC4R 2SU

Email:

General Inquiries: dpo@luminaryinc.com
Data processing inquiries: dpo@luminaryinc.com

LUMINARY FINANCE, as part of providing our services to you, will be responsible for processing your personal data – as such we will be designated as the ‘controller’ of your personal data.

1. Why do you need to read this notice?

LUMINARY FINANCE collects your personal data when you visit our website or use our services. We classify your personal data as any information that can be used to personally identify you, such as your passport. Additionally, some information can be combined to identify you, such as your name and home address – we also classify this as personal data. Your data is your property, so it is important to understand why companies collect it, how they use it and what your rights are. This notice is intended to help you understand the relationship between LUMINARY FINANCE and your personal data.

If, when you have read this notice, you have concerns about how LUMINARY FINANCE use your personal data, please e-mail dpo@luminaryinc.com.

2. What personal data do we collect?

Information that you give us freely

For example, this is given when you register for an account with us and will include (but is not limited to) your name, email address and telephone number. Throughout the account opening phase, we will also require you to provide additional identifying documentation which may include (but is not limited to) a copy of your passport and/or utility bills.

The following list describes the personal information that we typically collect (however it is not exhaustive):

  • Your name, address and date of birth
  • Your e-mail address, telephone number and details of the device that you will use to access our services (e.g laptop, phone, tablet)
  • Your LUMINARY FINANCE username (this is automatically assigned to you when you register with us)
  • Your registration information
  • Details of your bank account, including the account number, sort code and IBAN
  • Copies of your identification documents (e.g passport, driving licence)
  • Your country of residence, tax residency information and tax identification number
  • Correspondence records if you contact us or we contact you (including recording phone calls)
  • Your image, either in the form of a photograph or video, where necessary as part of our Know Your Customer (KYC) checks
  • Information about other people (such as your partner or a family member) as part of our enhanced due diligence process (this is not applied to every customer)
Information we collect when you use our products or services

We collect certain pieces of information about you whenever you use our customer platform or visit our website in order for us to provide a better customer experience. The information is usually stored in the form of a cookie – to see what cookies we use, how and why, click here.

The following list describes the personal information that we typically collect (however it is not exhaustive):

Technical Information
  • The internet protocol (IP) address used to connect your computer to the internet
  • Your login information
  • The type of browser you are using (and what version of that browser)
  • The time zone that your device is using
  • The operating system and platform (e.g iOS, Windows, Android, etc)
  • The type of device you are using
  • Any identifier unique to the device you are using (e.g your device’s IMEI number, the mobile phone number assigned to the device, etc)
  • Mobile network information
  • The mobile operating system
  • The type of mobile browser you are using
User behaviour information
  • Links that you click on within and through our website (including the date and time)
  • Products or services that you searched for or viewed
  • Page response times
  • Download errors
  • The length of time spent on each page
  • Page interaction information (such as scrolls or clicks)
  • Methods used to browse away from our site
  • Transaction information, including the date, time, amount, currencies, exchange rate, beneficiary details, the IP address of the sender and receiver, sender and receiver’s name and registration information, messages sent or received, details of the device used to make the payment and the payment method.
Information collected from third parties

We may in some cases seek out information about you from other organisations such as fraud prevention agencies or vendors that help us to provide our services

The following list describes the personal information that we typically collect (however it is not exhaustive):

  • Additional identity checks
  • Information relating to transactions
  • Information about your partner or family members (in the case of screening against sanctions lists)
Information from social media

In rare circumstances, we will collect information about you via your social media presence. This will be part of our enhanced due diligence (EDD) process.

Publicly available information

We will occasionally collect information about you from sources that are available to everyone, for instance, media stories, online registers and/or directories, and websites as part of our EDD process.

3. What gives LUMINARY FINANCE the right to process your personal data?

For LUMINARY FINANCE to be able to process your data, we must first justify our reasons for doing so within the regulatory framework outlined by the Information Commissioner’s Office (ICO) – this is known as a lawful basis for processing. The ICO provides several lawful bases that a company can use, however, we will highlight only the ones that we apply to our customers’ data (see below). For more information on the various lawful bases please visit the ICO’s website www.ico.org.uk.

Contractual

For us to provide our services to you it is necessary for LUMINARY FINANCE to collect and store certain pieces of personal information – we simply cannot fulfil our function without them. For example, when opening an account with us, we must collect certain identifying data about you so that we know which account is yours.

Legal

As part of the financial services industry, we have several legal obligations as defined by the 6 EU Anti-Money Laundering Directives. Some of these obligations require us to collect and store personal information about our customers. For example, we are required to hold your transaction data for an extended period, so that in the event of an investigation into potential money laundering, law enforcement agencies can recreate the flow of money.

Legitimate Interests

LUMINARY FINANCE has the right to collect your personal information if it is in our business interest to do so – with the important caveat that our rights can never be put before the rights of our customers. For instance, LUMINARY FINANCE has the right to protect itself from fraud and money laundering schemes. In order for us to achieve this we need to collect certain pieces of personal information from our customers, such as photographic identification.

Consent

In some cases, we will ask you for your permission to process your personal data, which you can indicate by ticking the appropriate boxes within the privacy notice that appears when you first visit our website. Whenever you are asked for your consent, we will make sure to explain exactly what it is you are consenting to in a clear and concise manner. You can of course remove your consent at any time by clicking here.

4. How LUMINARY FINANCE use your personal data

Below you can see a further breakdown of what we use your personal data for. For each example, we have included the ‘lawful basis for processing’ that it falls under in bold. For more information on the lawful bases that we apply, please see section 3 of this privacy notice.

Providing our services

When you register with us for the first time or use any of our products, we will use your personal data to:

  • Verify your identity as part of our KYC process (contractual, legal, legitimate interest, consent)
  • Approve or decline your account application (legal, legitimate interest)
  • Providing you with account summaries and details of how you use your account (contractual, legitimate interest)
  • Account settlement and segregation (contractual, legal, legitimate interest)
  • Exercise any rights we have under our contract with you (legitimate interest)
  • Provide customer support services (contractual, legitimate interest, consent)
To guarantee the quality of our services

As you use our website and access the services it provides, we will use your personal data to:

  • Conduct analysis of our customers’ behaviours when using our products (legal, legitimate interest)
  • Test any changes we may have made to the website or our products (contractual, legal, legitimate interest)
  • Troubleshoot any issues with our website or products (contractual, legitimate interest)
  • Ensure that the features of our website are as accessible and presented as effectively as possible (contractual, legitimate interest)
  • Allow you to interact with features contained within our website (contractual, legitimate interest)
  • Tell you about any changes to our website or services (contractual, legitimate interest)
  • Verify your identity when you speak to our customer services team (contractual, legitimate interest)
Protecting against fraud and money laundering

To help us comply with local legislature and regulatory obligations, as well as to protect ourselves and our customers from fraud and money laundering schemes, we use your personal data to:

  • Confirm your eligibility when you apply for an account (legal, legitimate interest)
  • Verify your identity (legal, legitimate interest)
  • Build a clear picture of your expected account activity (legitimate interest)
  • Share with other organisations such as law enforcement authorities, government authorities, tax authorities, fraud prevention agencies, etc (legal, legitimate interest)
  • Comply with legal or regulatory requirements (legal, legitimate interest)
  • Aid with investigations conducted by law enforcement or regulatory agencies (legal, legitimate interest)
  • Help in the detection and prevention of financial crime (legal, legitimate interest)

5. Does LUMINARY FINANCE use automated decision-making tools?

In some cases, we use third-party services to aid in our business operations. They primarily help us to streamline our customer onboarding and transaction monitoring procedures by providing a limited range of automated decision-making. For example:

  • The authenticity of your identification document (e.g. passport, driving licence) is checked and verified via third-party software. If the software is unable to verify the i.d then the account application will be automatically declined
  • Your address is checked via the same process and follows the same decision-making procedure
  • We use third-party software to check your identity against sanctions and politically exposed persons (PEP) lists. If you are on a sanction list or are a PEP, then the account application will automatically be declined

Where we use automated decision-making tools to make a decision about you, you can request instead that we complete the process manually. We cover your rights in more detail below.

6. Our customers’ rights

As customers of LUMINARY FINANCE, or ‘data subjects,’ you have a number of rights that you can exercise concerning how we process your personal data (as per UK GDPR). The information below details what your rights are and the measures we put in place to help you exercise them.

The Right to Information

First and foremost, you have the right to be informed as to how and why we process your personal data, as such we provide this privacy notice to all our customers.

The Right to Access

You have the right to obtain a copy of all the personal data that we have collected about you, with the following exceptions:

  • We cannot provide you with personal data relating to other people
  • We cannot provide personal data that is linked to an ongoing criminal or fraud investigation
  • We cannot provide personal data related to settlement negotiations we may have with you
  • We cannot provide details of any communication we may have had with legal advisors
The Right to Rectification

If you believe that the personal data, we have collected about you is inaccurate (e.g. your name is misspelt) then you can request that we amend it. In some cases, we may ask you to verify the new information or we may verify it ourselves.

The Right to Erasure

In certain instances, you will have the right to request that we delete some or all of the personal data that we have collected about you. For example:

  • If you feel we have no legitimate reason to continue using your personal data
  • You have withdrawn your consent
  • You have made an objection (see below) to us using your personal data that we have sustained
  • You believe we have used your personal data unlawfully
  • Deletion of your personal data is required by law

We may not be able to agree to your request. As an FCA-regulated financial services provider there are circumstances where we are required to keep your personal data (e.g. information about transactions you make into or out of your account with us). If we cannot delete your data, then LUMINARY FINANCE will always inform you and provide the reasons why.

The Right to Object

As detailed earlier, LUMINARY FINANCE has the right to collect and process your personal data if it falls under our legitimate interests (see Section 3). You have the right to challenge whether processing your personal data is in our legitimate interests.

The Right to Restriction of Processing

You have the right to request that we limit the way we process your data or suspend its use. Examples of when you would wish to do this are:

  • You want us to check the personal data we have for you for accuracy
  • You believe our processing of your data to be unlawful, but you do not wish us to delete it
  • You wish us to retain your personal information in connection to a legal proceeding
  • You have raised an objection regarding our legitimate interests, and we need to retain your personal data while we investigate
The Right to Portability

You can request that LUMINARY FINANCE send your personal data to a third party. If our regulatory guidelines allow, we will transfer your personal data to the specified third party in a universal, machine-readable format.

The Right to Avoid Automated Decision-Making

As outlined in Section 5, LUMINARY FINANCE uses automated decision-making tools to process certain elements of your personal data, such as I.D. verification. If this decision has or would have a significant negative impact on you then you can request that we review the decision manually.

You can exercise these rights at any time by contacting us at

dpo@luminaryinc.com

It is important to note that we are not automatically required to comply with any requests that you may make, where the request may unduly contradict our legitimate interests or breach our regulatory or legal obligations.
  • For security reasons, we may ask you to provide proof of your identity before we process your request.
  • If a third party is exercising your rights on your behalf (e.g. your legal counsel), we may require proof that they have the necessary authority to act in your interests.
  • When exercising your rights or making a request, LUMINARY FINANCE is given a period of up to one month to respond and/or comply. However, we will endeavour, at all times, to process your data subject access requests (DSARs) as quickly and efficiently as possible.
  • If you are unhappy with how we handle your DSARs, you can contact the Information Commissioner’s Office (ICO) via their website – www.ico.org.uk

7. Does LUMINARY FINANCE share your data with third parties?

In some cases, it is necessary for LUMINARY FINANCE to share your personal data with other people or companies. Details of who we share your data with and why are listed below:

Third parties that you transfer money to

When you send money from your LUMINARY FINANCE account, we will provide the recipient with some of your personal information, such as your name and International Bank Account Number (IBAN). We have a legal requirement to include certain information about you on all transactions, as this helps authorities to combat the effects of fraud, money laundering and the financing of terrorism.

Third parties that transfer money to you

Similar to the above example, when you receive a payment into your LUMINARY FINANCE account, we will provide the sender with some of your personal data, such as your name and IBAN, to satisfy our legal requirements.

IT Suppliers

We rely on software providers to develop and maintain the customer platform that you use to manage your LUMINARY FINANCE account. To ensure that our platform continues to operate at the highest level, we need to share data sets with them that can sometimes include your personal information. Also, if your account develops a technical issue within the platform, we will need to provide our IT suppliers with information such as your name and account number so that they can resolve the issue.

LUMINARY FINANCE ’s banking and financial services partners

We rely on third-party financial institutions to help us facilitate payments and the safeguarding of client funds. It is therefore necessary for LUMINARY FINANCE to provide certain identifying information about our customers to ensure that your money is where it needs to be.

Communications service providers

LUMINARY FINANCE uses third parties to facilitate our communications with you, such as email and telephone service providers. In some instances, we will need to share your personal data, such as your e-mail address, with them.

Legal Authorities

We may also be required to share your personal information with a third party if they have the legal authority to make us do so. Examples of these third parties could include (but are not limited to) government authorities, law enforcement agencies, tax authorities, fraud prevention agencies, etc.

Third parties who you have explicitly asked to share your information with

Sometimes you may ask us to share your personal information with another person or company, for example, if you have authorised a third party, such as a solicitor, accountant, or family member with power of attorney, to act on your behalf.

8. Will your personal data go outside of the UK or the European Economic Area (EEA)?

Because the services that LUMINARY FINANCE provide to our customers are international, we may at times be required to transfer your personal data outside of the UK or EEA, for instance, if you wish to send money to a recipient based outside of those jurisdictions. When we do this, we will ensure that your data is sufficiently protected by putting in place contracts with third parties that include strict data protection safeguards. Where appropriate, you can request a copy of a contract by e-mailing us at dpo@luminaryinc.com.

9. How is your personal data protected?

LUMINARY FINANCE places the utmost importance on making sure that your personal data is always kept safe and secure, whether in transit or storage, using numerous electronic and physical means:

  • We use the HTTP Secure communication protocol to encrypt your data when in transit
  • We place strict limits on access rights so that your data can only be processed by the people who need to
  • Our staff members receive annual data protection and information security training
  • We have an extensive policy suite that outlines to our staff members how they should handle your data in accordance with LUMINARY FINANCE’s commitments
  • We apply 2-factor authentication whenever you log in to your account. To clarify, you will be required to enter your username, password and a code that we send via text to the mobile phone number you register with us when you create your account. This makes it substantially harder for criminals to gain access to your account

The above list references just some of the ways we protect your data, for more information you can contact us at dpo@luminaryinc.com.

10. For how long will LUMINARY INC FINANCE LTD keep your personal data?

In general, we will store your personal data for as long as you remain our customer, plus another 6 years after account closure, as well as the remainder of the subsequent financial year (sometimes referred to as the 6+1 rule). This is to comply with UK and EU financial crime regulations.

11. How will LUMINARY FINANCE notify you if anything changes?

If we make any changes to the way that we process our customers’ personal information, we will update this notice and, where required, contact you via e-mail or via a notification on your account.

12. Does LUMINARY FINANCE use cookies?

We use cookies for a variety of reasons, from ensuring that our website remembers your language preferences to helping us protect you from fraud. Our Cookies Policy will provide you with everything you need to know, including how you can set your own cookie preferences.

13. Who is the Luminary Data Protection Officer?

Ametros Group Ltd
Lakeside Offices, Thorn Business Park
Rotherwas Industrial Estate
Hereford
Herefordshire
England
HR2 6JT

0330 223 2246
dpo@luminaryinc.com
www.ametrosgroup.com

COMETA PAY LTD.
Registered office:

Dowgate Hill House
14-16 Dowgate Hill
London
EC4R 2SU
United Kingdom

Company No.11366159

Registered with the FCA as Small EMI, License No.900904

*Customers’ funds are protected through safeguarding and the protection of FSCS does not apply.

Services available on this Website might be offered and provided by different entities as the case may be. Customers that, via this Website, have requested electronic money issuance and/or payment services and have been assigned with the account number in the format of GBXXEMFGXXXXXXXXXXXXXX are going to access and receive those services via this Website, however services will be provided by Emerald Financial Group (UK) Ltd. Cometa Pay Ltd is registered in England and Wales (company No. 11366159) and registered with the UK Financial Conduct Authority as a small electronic money institution for the issuing of electronic money and provision of payment services (FCA reference No. 900904). Emerald Financial Group (UK) Ltd is registered in England and Wales (company No. 11557885), and authorised by the UK Financial Conduct Authority as an electronic money institution for the issuing of electronic money and provision of payment services (FCA reference No. 900908).

Copyright © 2023.  All Rights Reserved