Introduction

At LemFi, we are familiar with the sour taste that losing money online can bring to customers. We understand that to you, the security of the funds you’re sending to your friends, loved ones and business counterparts is of top priority.

Therefore, we put together this guide to help you consume our services in the safest, most secure manner possible. This is the LemFi promise.

• Authentic versions, always. Ensure all copies and versions of our apps are obtained from official sources (Google PlayStore, Apple iOS Store). This is designed to protect you, your data and your sensitive transaction information from leaks and interception.
• Passwords, PINs, and OTPs. Login to user accounts can be passworded with minimum 8 and up to 256 alpha-numeric and special characters. Encryption of these takes place with a 256-bit Hash key. We also send One Time Passwords to the clients registered details to provide for that extra layer of end-to-end security.
• User Verification. At LemFi, we require Government-issued Identity Documents as part of our onboarding process. We independently verify the provided data by running it against multiple government & independent industry repositories. This process is consented (add link to privacy policy here) to by users during the signup process.
• Data Protection. All (meta)data that is created and collected using our platforms and services are secured in accordance with the stipulated industry best practices. Data can include information such as transaction history, passwords, personal data. LemFi is obligated to comply with industry regulations with respect to client data retention (add link to Data Retention section of Privacy policy here)

1. Fraud

Fraudsters use a variety of methods and trickery, in a bid to ensure you part with your hard-earned cash. As its our primary means of communication, many of these attempts will come via email. This section of this article is designed to help you spot fraud before you become a victim.

• Urgency. Fraudsters love to use this as victims do not have time to verify the authenticity of requests being directed at them. LemFi will NEVER coerce you to consummate transactions in an urgent manner.
• Panic. This is another common tool in the arsenal of fraudsters. They create fictitious scenarios through which they intend to make financial gain. LemFi’s Customer Support Team WILL directly contact platform users whose accounts have been detected to have suspicious activity.
• Links and Attachments. Fraudsters send unsolicited links and/or attachments masquerading to have authentic transaction information. LemFi will only send authorized emails (Transactional and Informational) to users of our platforms. The certificates used to sign these emails can be publicly verified.
• Credential Request. This is usually accompanied with a phone call. In this scenario, fraudsters will initiate OTP requiring transactions and will attempt to compel the user to provide them with the same. LemFi or its representatives will NEVER request OTPs, PINs or Passwords from our users. Any attempts should be reported to the Customer Support Team.

2. Regulatory Obligations

LemFi is a registered Financial services provider in each of the countries we provide money transfer services. In Canada, we are a registered entity with FINTRAC whilst in the United Kingdom and its environs, we are authorized as a payments institution by the FCA. As part of our overall transparent governance strategy, we are compliant with the GDPR and undergo frequent regulatory and independently driven audits to ensure compliance with laid down statutes.

3. Securing your Activities

For United Kingdom based Users:

• Ensure bank account access is only granted to the LemFi App through our third-party open banking partner, TrueLayer. Our integration with TrueLayer only serves to enable us fund your GBP Wallet and nothing more. Only you, the account owner can initiate and approve the transactions.
• LemFi will NEVER request permissions to manage your bank accounts. Our representatives and affiliates will not ask you to download or permit any other individuals or computer accounts to access your data.
• If you suspect your user data has been compromised, please send us an email on support@lemfi.com

For Canada-based Users:

• Wallet funding can only be done using the Interac platform. With this service, users can fund their wallets by using the email address associated with the wallet. This provides seamless use of the platform, guarding against users funding the wrong wallets.
• Users can send transaction references to our team at deposit@lemfi.com. This will help with quicker settlement of funds into wallets.
• If you suspect your user data has been compromised, please send us an email on support@lemfi.com

If you suspect your account has been compromised in any way, please ensure you change your password, PINs & leave us a report at support@lemfi.com. Users should also endeavour to routinely check their transaction histories and report any suspicious patterns and charges.

4. Data Collection, usage, processing and retention

Providing payment services in this manner is no simple task. We require numerous data points by regulation to be collected from our customers. This enables us provide services specifically tailored to our suit our clients at their points of need. To make this possible, we collect a variety of data that includes but isn’t limited to:

• Personally identifiable information such as names, physical & email addresses and phone numbers.
• Browser-based information such as IP addresses, device type and location.
• Behavioral data for analytics. This data subset includes keystrokes, selections made on pages viewed, links clicked, communications data, comments and file transmissions.

This user data is collected via a variety of mechanisms that our clients provide consent to. These include:

• Online registration to use any of LemFi products or services.
• Download and installation of the applications from any of the official repositories.
• Voluntarily completed customer surveys on any of our message boards or via email.

This collected data will be used in the following ways:

• To provide services to our clients.
• To enhance the safety, security, usability and experience of our customers.
• For marketing purposes.