LuLu Exchange Loader

Data Privacy Policy

We, LuLu International Exchange LLC (LuLu), is a company registered in UAE and licensed by the Central Bank of UAE operating in the country and referred in this Privacy Policy as ‘We’, ‘Us’, ‘Our’ (including all grammatical variations).

Introduction to the Policy

This data privacy policy (“Privacy Policy”) published and shared by LuLu governs the use of personal and financial data supplied by our customer while availing any of our services whether on our website, LuLu Money mobile app or through any other medium (“Platform”).

The Customer’s trust is most important to us, which is why we are committed to ensure that the Customer’s privacy is secured and protected. We want to strengthen that trust by being transparent with how we collect, use and protect the Customer’s Personal Data (defined hereinafter).

The information that the Customer shares with us, enables us to provide the Customer with, and allows us to constantly improve our Services such as (i) remittance services via the LuLu Platform; (ii) various value-added services like bill payments, insurance, and banking related services; (iii) salary credit services (collectively referred to as “Services”). For example, certain services such as remittances are only available once the Customer has gone through the Know-Your-Customer (KYC) process – this is to ensure that all transactions on the Platform are legal and follow the rules set by the AML/CFT Laws and Regulations and Central Bank Directives.

To constantly provide the proper protection to the Personal Data, we may update this Data Privacy Policy periodically to keep it responsive with data privacy requirements, coverage, and technology security advancements. We encourage our customers to check this page from time to time to ensure that they are updated and pleased with any changes we made. Customers are welcome to ask questions and can email us at

Why we collect Personal Data

We collect the Customer’s Personal Data such as:

  • name,
  • date and place of birth,
  • specimen signature or biometrics,
  • present and permanent address,
  • source of fund or income,
  • name of employer or the nature or self-employment or business,
  • contact details such as contact numbers and email address,
  • mother’s maiden name,
  • and marital status

without limiting the generality of the purpose, to facilitate the Customer’s transaction needs and avail of our products and services, among others:

  1. Enhance the Customer’s experience and improve, develop, and determine tailored products to meet their preferences and needs.
  2. Communicate relevant products and/or advisories to the Customers.
  3. Show them relevant advertisements on and off our Services and measure the effectiveness and reach of ads and Service.
  4. Abide by any safety, security, public service or legal requirements and processes; and
  5. Process information for statistical, analytical, and research purposes

Furthermore, we collect the Personal Data to the extent necessary to comply with the requirements of the law and legal process, such as a legal and regulatory obligation of the Anti-Money Laundering Acts, or to prevent imminent harm to public security, safety, or order.

We also need the Personal Data for statistical, analytical, and research purposes to create anonymous and aggregate reports, which enables us to provide a better service to each of our customers.

Collection of Personal Data

We collect the following types of Personal Data to provide the Customer with the usage of the Platform, and to help us personalize and improve the Customer’s experience.

Information we collect automatically: When the Customer uses the Platform, we collect information sent to us by the Customer’s computer, mobile phone or other access device. The information sent to us includes, but is not limited to, the following:

  • data about the pages they access,
  • computer IP address,
  • device ID or unique identifier,
  • device type,
  • geo-location information,
  • computer and connection information,
  • mobile network information,
  • statistics on page views,
  • traffic to and from the sites,
  • referral URL, ad data, and
  • standard web log data and other information.

Information the Customer provides to us: We may collect and store any information the Customer provide us when they use the Platform, including when they add information on a web form, add or update their account information, participate in chats, or dispute resolutions, or when the Customer otherwise correspond with us regarding the Services.

In addition, when the Customer registers with us for the first time on the Platform or uses the Services, we may collect the following types of information:

  • Contact information, such as the Customer’s name, address, phone, email, and other similar information.
  • Financial information, such as the full bank account numbers and/or related information that the Customer wishes to link to our Platform or give us when they use the Services.
  • Detailed Personal Data such as the Customer’s date of birth or national ID number.

Information from other sources: We may also obtain information about Customers from third parties such as credit bureaus and identity verification services.

Authentication and Fraud Detection: To help protect the Customers from fraud and to prevent misuse of Personal Data, we may collect information about them and their interaction with the Platform. We may also evaluate their computer, mobile phone or other access device to identify any malicious software or activity.

Using Services via Mobile Devices: We may offer the Customers the ability to connect with the Platform using a mobile device, either through a mobile application or via a mobile optimized website. The provisions of this Data Privacy Policy apply to all such mobile access and use of mobile devices. When the Customer downloads or uses the Platform, or accesses one of our mobile optimized sites, we may receive information about their location and their mobile device, including a unique identifier for their device. We may use this information to provide the Customers with location-based services, such as personalized content based on the geography of the Customer. Most mobile devices allow the Customer to control and/or disable location services in the device’s setting’s menu. If the Customer has questions about how to disable their device’s location services, we recommend them to contact their mobile service carrier or the manufacture of their device.

All credit/debit cards details, and personally identifiable information will NOT be stored, sold, shared, rented, or leased to any third parties.

Use and Storage of Personal Data

We use Personal Data to provide the Customers with services and products the Customers explicitly request for, to resolve disputes, troubleshoot concerns, help promote safe services, provide Services, measure consumer interest in Services, inform them about offers, products, services, updates, customize their experience, detect, and protect us against error, fraud, and other criminal activity, enforce our terms and conditions, etc. We may occasionally ask the Customers to complete optional online surveys. These surveys may ask the Customers for contact information and demographic information (like postal code, age, gender, etc.). We use this data to customize their experience on the Platform, providing them with suggestions that we think they might be interested in and to display such suggestions according to their preferences highlighted in such surveys.

The security of the Customer’s Personal Data, in paper and electronic format, is important to us and we take reasonable steps to protect it from misuse, interference, loss, unauthorized access, modification, and unauthorized disclosure by establishing and enforcing organizational, physical, and technical security measures. When there is a need for us to store the Personal Data with a third-party data storage provider, we use contractual arrangements to ensure that those providers take appropriate measures that are aligned with the industry best practices in the data privacy and information security industry. We will keep copies of the Customer’s registration and transaction records for minimum 10 years in adherence with the requirement of the Central Bank and countries Laws and Regulations. The Personal Data will be destroyed in irretrievable and unusable form in adherence with our physical and/or technical information security measures once retention is over.

We will not sell, share, or rent the Customer’s Personal Data to any 3rd party or use the Customer’s email address/mobile number for unsolicited emails and/or SMS other than for any transactional communication. Any emails and/or SMS sent by us will only be in connection with the provision of agreed services and products and this Privacy Policy.

Periodically, we may reveal general statistical information about us and our users, such as number of visitors, number and type of services availed, etc. We reserve the right to communicate the Customer’s Personal Data to any third party that makes a legally compliant request for its disclosure.

When do we share Personal Data

There are times, when we need to share the Personal Data, and we would always ask the Customers for their consent. This is unless it would be used to comply with legal and regulatory mandates set by appropriate government agencies or when sharing the Personal Data with our group companies and affiliates. With the Customer’s consent, we would share their Personal Data with contracted third-party service providers for processing, marketing, research, and other specified legitimate purpose. In these instances, we will ensure that the Personal Data will be secured and protected under the terms of a data sharing agreement, or any other relevant agreement made with parties that can demonstrate sufficient organizational, physical, and technical security measures to protect Personal Data.


A “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser. We use cookie and tracking technology depending on the features offered. No Personal Data will be collected via cookies and other tracking technology; however, if the Customer previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.

Links to Other Sites

Our Platform links to other websites that may collect personally identifiable information about the Customers. We are not responsible for the privacy practices or the content of those linked websites. The Customers are advised to use their discretion while clicking on any such links.


We have stringent security measures in place to protect the loss, misuse, and alteration of the information or Personal Data under our control. Whenever the Customer changes or accesses the Customer’s account information, we offer the use of a secure server. Once the Personal Data is in our possession we adhere to strict security guidelines, protecting it against unauthorized access.


By using and/or visiting the Platform, using our Services and/or by providing the Customer’s Personal Data, the Customers consent to the collection and use of the information they disclose on the Platform in accordance with this Privacy Policy, including but not limited to their consent for sharing their information as per this privacy policy.

How can Customers access their Personal Data

As we are a transparent organization, the Customers will always have a way to access or correct their Personal Data unless there are practical, contractual, and legal reasons that would prevent us from doing so. We would just need ample time to provide or correct that information for the Customers, but rest assured it would be completed. The Customers can let us know what they think, and if they need any assistance on their data privacy needs or concerns, they can email us at:

The Website Policies and Terms & Conditions including this Data Privacy Policy may be changed or updated occasionally to meet the requirements and standards. Therefore, the Customers are encouraged to frequently visit these sections in order to be updated about the changes on the website.

Modifications will be effective on the day they are posted.