Lumanu Privacy Policy

Lumanu Privacy Policy

Lumanu Privacy Policy

Last Updated October 26, 2023

Lumanu, Inc. (, as well as any present or future affiliated or related company (“Lumanu” or “we”), recognizes the importance of your privacy. This privacy policy tells you what personal information we collect and how we use it. Lumanu may change this privacy policy from time to time, in its sole discretion, as discussed below under “CHANGES TO THIS POLICY”, it’s the last section of this policy. By using or visiting any Lumanu website, application, product, software, tool, data feed, and/or service (collectively the “Service”), you understand and agree to the terms of this policy.

The Policy sets out how Lumanu will comply with privacy laws and regulations, such as Gramm-Leach Bliley Act and its implementing regulation, Regulation P, and the FTC Safeguards Rule, the Right to Financial Privacy Act (“RFPA”), and other privacy and other applicable federal and state consumer financial privacy statutes, laws, and regulations (collectively, the Regulations) associated with its product offering. 

The Policy covers how and when Lumanu will collect, retain, process, share, protect and transfer customers’ personal data, including nonpublic personal information (NPPI).

What is personal information?
Personal Information is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

We do not consider personal information to include information that has been anonymized or aggregated so that it can no longer be used to identify a specific natural person, whether in combination with other information or otherwise.

We collect personal information from you when you use our Services.

Non-personally identifiable information
We may collect non-personally identifiable information about you when you visit the Website. Non-personally identifiable information may include technical and measurement information concerning, for example, your connection to and usage of the Website. We may use this information for internal purposes, such as usage analysis and improving the Website. This information does not include your Personal Information.

What we do with the information we collect
Except as disclosed in this privacy policy, Lumanu does not share your personal information with any outside parties.

Lumanu will use the personally identifiable information directly provided by you solely for the purpose for which you have provided it, whether it be to register, use the Service, communicate with others, request information, etc. We may also use the information you provide to contact you for reasons related to use of the Service.

Disclosure: As a general rule, Lumanu will not disclose any of your personally identifiable information except under one of the following circumstances: we have your permission; we determine in good faith that it is legally required to be revealed by any relevant statute, regulation, ordinance, rule, administrative or court order, decree, or subpoena; information revealed during the course of Lumanu’s enforcement of the policies and procedures of the Service, its application, and/or website; information that we determine must be disclosed to correct what we believe to be false or misleading information or to address activities that we believe to be manipulative, deceptive or otherwise a violation of law; where you are otherwise notified at the time we collect the data; where we need to share your information to provide the product or service you have requested; when such disclosure is made subject to confidentiality restrictions in connection with a sale, merger, transfer, exchange, or other disposition(whether of assets, stock, or otherwise) of all or a portion of the business conducted by Lumanu.

How we protect personal information
We take appropriate organizational and technical measures to protect the data provided to us or collected by us, and do not retain it any longer than permitted in order to perform our services or as required under relevant legislation, with due observance of the applicable obligations and exceptions under the relevant legislation. You should be aware that internet communications are not always secure. You are responsible for maintaining the security and confidentiality of your account passwords. It is a condition of your use that you agree we are not liable for any such disclosure.

How we use your personal information
We use the personal information we collect from you for a range of different business purposes and according to different legal bases of processing. The following is a summary of how and according to which legal bases we use your personal information.

We use your personal information to fulfill a contract with you and provide you with our Services, to comply with our legal obligation, protect your vital interest, or as may be required for the public good. This includes:

  • To provide payment processing and account management, operate, measure and improve our Services, keep our Services safe, secure and operational, and customize site content that includes items and services that you may like in response to actions that you take

  • To contact you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed or as otherwise necessary to provide you customer service

  • When contacting you for such purposes as outlined above, we may contact you via email, telephone, SMS/text messages, postal mail, and via mobile push notifications

  • When contacting you via telephone, to ensure efficiency, we may use autodialed or pre-recorded calls and text messages as described in our User Agreement and as authorized by applicable law. Message and data rates may apply

  • To provide other services requested by you as described when we collect the information

  • To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities

  • To enforce our User Agreement

We use your personal information to pursue our legitimate interests where your rights and freedoms do not outweigh these interests. We have implemented controls to balance our interests with your rights. This includes to:

  • Improve our Services, for example by reviewing information associated with stalled or crashed pages experienced by users allowing us to identify and fix problems and give you a better experience

  • Personalize, measure, and improve our advertising based on your advertising customization preferencesContact you via email or postal mail in order to offer you coupons, discounts and special promotions, poll your opinions through surveys or questionnaires and inform you about our Services, as authorized by applicable law

  • Contact you about public policy matters, or other current events, related to your ability to use our Services. This could include an invitation to join a petition, letter writing, call or other sort of public policy related campaigns.

We use your personal information to comply with our legal requirements, enforce our User Agreement, respond to claims that a listing or other content violates the rights of others, or protect anyone's rights, property or safety.

We use your personal information to respond to law enforcement or governmental agencies, or authorized third-parties, in response to a verified request or legal process relating to a criminal investigation or alleged or suspected illegal activity or any other activity that exposes us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address and fraud complaints.

Gramm-Leach-Bliley Act
Title V of Gramm-Leach-Bliley Act (“GLBA”) generally prohibits any financial institution, directly or through its affiliates, from sharing non-public personal information about its customers with a non-affiliated third party. Lumanu values its users and is committed to protecting the privacy of personal information in compliance with GLBA. Lumanu is committed to ensuring the continued protection and safeguarding of our customers’ NPPI.

The GLBA also implements the FTC’s Safeguards Rule that requires companies to develop, implement, and maintain an information security program with administrative, technical, and physical safeguards designed to protect customer information. See Lumanu’s Information Security Policy for more information on its data security controls.

Privacy Notices
Subject to certain exceptions, Lumanu provides the following disclosures to customers, as defined, at such time that the customer relationship is entered or before a customer’s information is shared with any non-affiliated third party:

  • Initial Privacy Notice: How Lumanu obtains and gathers information. The circumstances under which Lumanu may share information; and Instructions on how to limit the information sharing.

  • Opt-Out Notice: Initial Notice: at the time, initial disclosures are provided.Annual Notice: at least annually, until the relationship is terminated; andChange in Policy Notice: within 30 days of a material change in Lumanu’s policy regarding information collection, use or disclosure.

Additionally, Lumanu provides an Annual Privacy Notice to customers that accurately reflects Lumanu’s privacy policies and practices not less than annually during the continuation of the relationship, unless Lumanu’s privacy practices have not changed since the last customer disclosure

Limits on Disclosures
Lumanu will not, directly or through any affiliate, disclose any nonpublic personal information about a consumer to a nonaffiliated third-party unless:

  1. Lumanu has provided to the consumer an initial privacy notice;

  2. Lumanu has provided to the consumer an opt-out notice;

  3. Lumanu has given the consumer a reasonable opportunity before it discloses the information to the nonaffiliated third-party to opt-out of the disclosure; and

  4. The consumer does not opt-out.

Right to Financial Privacy Act
The Right to Financial Privacy Act (12 USC 3401, 12 CFR 219, 29 CFR 19, 31 CFR 14) establishes specific procedures for federal government authorities to follow when seeking member records. Lumanu will ensure that it has procedures implemented to adequately respond to a federal agency’s request for a customer’s financial information.

To gain access to a member’s records, the RFPA requires, with certain exceptions, that the federal government agency obtain one of the following:

  • An authorization signed and dated by the member, which identifies the records being sought, the reasons the records are being requested, and the member’s rights under the Right to Financial Privacy Act (The agency’s request should be on an official form and contain the required member authorization.);

  • An administrative subpoena or summons;

  • A search warrant;

  • A judicial subpoena;

  • A formal written request by a government agency (to be used only if no administrative summons or subpoena authority is available).

Notwithstanding any of the exemptions provided in the RFPA, if Lumanu receives a request for information from a federal agency, it may not release the financial records of a member until the federal government authority seeking the records certifies in writing that it has complied with the applicable provision of the Right to Financial Privacy Act.

California Consumer Privacy Act
In addition to Regulation P as stated in this policy, Lumanu complies with the provisions of California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). Lumanu shall provide to California residents notices explaining privacy practices in conjunction with the requirements of CCPA/CPRA along with Lumanu’s obligations as described in this policy under Regulation P in an integrated privacy policy. Lumanu shall disclose to California residents, as applicable:

  • The right to know about the personal information a business collects about them and how it is used and shared.

  • The right to delete personal information collected from them (with some exceptions).

  • The right to opt-out of the sale of their personal information; and

  • The right to non-discrimination for exercising their CCPA/CPRA rights.

Relation to Other Laws
Fair Credit Reporting Act and FACTA
The Fair and Accurate Credit Transaction Act (“FACTA”), which amends the Fair Credit Reporting Act (FCRA), establishes numerous requirements that provide protection for the victims of identity theft, provide more information to customers about credit reports and credit scoring, limits sharing of information with affiliates, and protects customer medical and other information.

USA Patriot Act
To help the United States government prevent fraud and fight the funding of terrorism, money laundering and related activities, Section 326 of the U.S.A. Patriot Act requires that Lumanu obtain, verify, and record information that identifies each person or entity that applies for a product through Lumanu. Lumanu will obtain the required information for both consumer and commercial customers as required by the USA Patriot Act. If the customer fails or refuses to provide such information, Lumanu may decline to open an account or continue a customer relationship with said customer.

How far our responsibility extends
This Privacy Policy applies to services that are owned and operated by us. It does not necessarily apply to sites our customers create using our software, even if operated by us. We do not exercise control over other users or third party websites that may link to our Service. They may place their own or other files on their website, collect data or solicit personal information from you. We accept no responsibility or liability for these other sites or services. Third party websites.

You may have the option to register using a third party service (“TPS”) or connect your account to a TPS, such as Instagram, Facebook, Twitter or YouTube. By authorizing us to access your TPS account, you understand that we may obtain certain information from your TPS account, which may including your name, email address, birthday, work history, education history, current city, shared media, and the names, profile pictures, relationship status, and current cities of your TPS contacts. We only obtain information from your TPS account that you specifically authorize and grant us permission to obtain.

We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.

Cookies and tracking information
We may collect information Personally Identifiable Information about you left on the Forum’s website in cookies. These are for your convenience so that you do not have to fill in your details again. These cookies will last for one year. A "cookie" stays on your computer until it is deleted and you can remove them by following the directions provided in your browser's "help" files. When you use our site we may store cookies on your computer in order to facilitate and customize your use of our site. A cookie is a small data text file, which a website stores on your computer's hard drive (if your Web browser permits) that can later be retrieved to identify you to us. Our cookies store randomly assigned user identification numbers, the country where you are located, and your first name to welcome you back to our site. The cookies make your use of the site easier, make the site run more smoothly and help us to maintain a secure site. You are always free to decline our cookies if your browser permits, but some parts of our site may not work properly in that case. We may use an outside ad serving company to display banner advertisements on our site. As part of their service, they will place a separate cookie on your computer. We will not provide any third-party ad server with any of your Personally Identifiable Information or information about your use of our website.

This website uses Mouse flow: a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback campaigns, and similar features/functionality. Mouse flow may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type(desktop/tablet/phone), screen resolution, visitor type (first time/returning),referrer, anonymized IP address, location (city/country), language, and similar meta data. Mouse flow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. If you'd like to opt-out, you can do so at If you'd like to obtain a copy of your data, make a correction, or have it erased, please contact us first or, as a secondary option, contact Mouse flow at For more information, see Mouse flow’s Privacy Policy at For more information on Mouse flow and GDPR, visit For more information on Mouse flow and CCPA visit

This website uses When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting

What rights do you have
If you would like to exercise your right to view, correct, complete or remove your Personal Data, please contact us at Upon verification of your identity, we will attempt to quickly fulfill your request, provided we will not act contrary to applicable legislation by fulfilling your request. Any recipient of email notices may opt out of receiving them at anytime. To opt out of receiving emails, follow the unsubscribe instructions located near the bottom of each service update, newsletter, or promotional email, or email your request to

Contact Us
If you have any questions or concerns about this Policy, please feel free to contact us any time through the sites or at Privacy Policy Concerns, c/o Lumanu Inc., 1528 Webster St, Oakland, 

CA 94612

Changes to this policy
We reserve the right to change the terms of this privacy policy at any time. When we make changes, we will revise the “last updated” date at the top of the policy. If there are material changes to this statement or in how we will use your personal information, we will notify you by prominently posting a notice of such changes here or on our home page, or by sending you an email. We encourage you to review this policy whenever you visit one of our websites or applications.Information Sharing with PartnersWe may share your personal information with select third parties, including i3 Bank (privacy policy), so that they can provide services to us or directly to you on our behalf.

Data security is a priority for Lumanu. If you believe you’ve found a security vulnerability in’s service, please notify us. We will work with you to resolve the issue promptly.

Disclosure Policy

We will maintain standard confidentiality in our communications with you.

We commit to thoroughly investigate and make every reasonable effort to address confirmed issues in a way that prioritizes the safety and security of those who may be impacted by a reported vulnerability.

We will work with you confirm and address your disclosure appropriately.

What we ask of Researchers

If you believe you’ve discovered a potential vulnerability, please let us know by emailing and including the subject line Lumanu Security - (issue found). We will acknowledge your email within ten business days.

We ask researchers to supply adequate technical details and context required for our team to verify reported issues, including screen recordings where relevant.

Make a good faith effort to avoid violating privacy, interrupting or degrading service, or destroying data. Please only interact with accounts you own or for which you have explicit permission from the account holder.

‍Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within 24 hours of disclosure.


While researching, we’d like you to refrain from:

Distributed Denial of Service (DDoS)


Social engineering or phishing of Lumanu employees

Thank you for helping to keep and our users safe!


Lumanu is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at


It is the Security team’s responsibility to see this policy is enforced.

© 2024 Lumanu, Inc. All Rights Reserved.

Lumanu, Inc. is a financial technology company and not a bank. Lumanu accounts are provided by i3 Bank, Member FDIC.

© 2024 Lumanu, Inc. All Rights Reserved.

Lumanu, Inc. is a financial technology company and not a bank. Lumanu accounts are provided by i3 Bank, Member FDIC.

© 2024 Lumanu, Inc. All Rights Reserved.

Lumanu, Inc. is a financial technology company and not a bank. Lumanu accounts are provided by i3 Bank, Member FDIC.

© 2024 Lumanu, Inc. All Rights Reserved.

Lumanu, Inc. is a financial technology company and not a bank. Lumanu accounts are provided by i3 Bank, Member FDIC.

© 2024 Lumanu, Inc. All Rights Reserved.

Lumanu, Inc. is a financial technology company and not a bank. Lumanu accounts are provided by i3 Bank, Member FDIC.