Privacy
Policy.

How Luvnos Dynamic Bank collects, uses, and protects your personal and financial information. Transparency is a core operating principle of this institution.

1. Information We Collect

Luvnos Dynamic Bank collects information that is necessary to provide our private banking services, verify your identity, and comply with applicable financial regulations. The categories of information we collect include:

• Identity Information: Full legal name, date of birth, government-issued identification numbers, and biometric verification data submitted through our KYC process.
• Contact Information: Email address, physical address, telephone number, and emergency contact details.
• Financial Information: Account balances, transaction history, card issuance records, loan details, and income verification documents.
• Technical Information: Device fingerprints, IP addresses, browser metadata, session duration, and interaction patterns within the Luvnos platform.
• Verification Data: Photographs, identity documents, proof of address, and any supplementary materials submitted during the tier verification process.

2. How We Use Your Information

Your information is used exclusively for the following purposes. Luvnos does not sell, rent, or trade personal data to third parties under any circumstances.

• Account Administration: Processing transactions, maintaining your double-entry ledger, issuing virtual cards, and managing loan disbursements and repayments.
• Security & Fraud Prevention: Continuous session monitoring, device fingerprint validation, location anomaly detection, and automated account protection mechanisms as described in our Security Architecture.
• Regulatory Compliance: Know Your Customer (KYC) verification, anti-money laundering (AML) screening, and reporting to relevant financial authorities as required by United States federal law.
• Service Improvement: Aggregated, anonymized analytics to improve platform performance, user experience, and security posture. No individual data is used for marketing or profiling.

3. Data Storage & Encryption

All data is stored on encrypted infrastructure using AES-256 encryption at rest and TLS 1.3 in transit. Sensitive information — including card security codes, transaction PINs, and identity documents — is encrypted at the application level before storage. Cryptographic hashing (bcrypt, 12 rounds) is applied to all authentication credentials.

Your data is stored exclusively on servers located within the continental United States. We do not transfer personal data across international borders without explicit consent and appropriate safeguards.

4. Data Retention

Luvnos retains your personal and financial records for the duration of your account relationship plus a period of seven years following account closure, in accordance with federal recordkeeping requirements for financial institutions. Upon expiration of this retention period, all personal data is securely destroyed using NIST SP 800-88 compliant data sanitization methods.

You may request a copy of your data at any time through your account settings or by contacting our support team. Export requests are fulfilled within 30 calendar days.

5. Your Rights

As a Luvnos account holder, you have the following rights regarding your personal data:

• Access: Request a complete copy of all personal data we hold about you, delivered in a structured, machine-readable format.
• Correction: Request correction of any inaccurate or incomplete personal information through your account settings or by contacting support.
• Deletion: Request deletion of your personal data, subject to regulatory retention requirements. Note that transaction ledger records are immutable and cannot be deleted as they form part of the permanent financial audit trail.
• Restriction: Request restriction of processing in specific circumstances, such as during a dispute regarding data accuracy.
• Portability: Receive your data in a portable format for transfer to another financial institution.

6. Cookies & Tracking

Luvnos uses only essential session cookies required for authentication and security. We do not use tracking cookies, advertising cookies, or third-party analytics services that profile user behavior. The session cookie contains a cryptographically signed token and expires upon logout or after 24 hours of inactivity.

7. Third-Party Services

Luvnos integrates with the following third-party services for essential operations. Each provider is vetted for compliance with our security standards:

• Currency Exchange Rates: Live FX rates are sourced from ExchangeRate-API. No personal data is transmitted with these requests.
• Email Communications: Transactional emails (password resets, security alerts) are delivered via Resend. Only your email address and the specific notification content are transmitted.
• Identity Verification: KYC document review is performed by our internal compliance team. No third-party identity verification services are used.

8. Children's Privacy

Luvnos Dynamic Bank does not knowingly collect information from individuals under the age of 18. Our services are intended exclusively for adults who can form legally binding contracts. If we discover that a minor has created an account, it will be immediately terminated and all associated data will be deleted.

9. Policy Updates

This Privacy Policy is reviewed quarterly and updated as necessary to reflect changes in our practices or regulatory requirements. Account holders will be notified of material changes via email at least 30 days before the effective date. Continued use of Luvnos services after the effective date constitutes acceptance of the updated policy.

10. Contact

For questions regarding this Privacy Policy or to exercise your data rights, contact the Luvnos Data Protection Office at privacy@luvnos.com or through the secure messaging channel in your account dashboard. All inquiries receive a response within 5 business days.