Special discount
Special discount
Get 30 days free plus 40% off Lili Smart fee for 3 months
Get 40% off Lili Smart fee for 3 months
Effective Date: October 1, 2024
Protecting the privacy of your personal information (“PI”) is important to Lili App Inc. and our employees (collectively, “Lili”, “we”, “us” and “our” as appropriate). This Privacy Policy (“Policy”) explains how we may collect, use and disclose information we obtain through the Lili website or the Lili App (collectively, “Lili Service”).The words “you” and “your” mean each individual who accesses the Lili Service.
PI means any data that classifies as personal information, personal data, personally identifiable information, or similar terms under applicable data privacy and security laws and regulations. This includes any “personally identifiable financial information” that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise “publicly available.” It does not include data excluded or exempted from those laws and regulations, such as aggregated, anonymized, or deidentified data.
We collect information, including PI when you:
We may also collect PI from the following sources:
We take all necessary steps to safeguard PI. We restrict access to PI and account information to those employees who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard PI.
You must register to use the Lili Service. When you choose to create a Lili Account, we are required to collect information including your name, address, date of birth, and social security number if you are a sole proprietor, or the same information for ultimate beneficial owners of legal entities. To further verify identity and prevent fraud, we collect additional information about you, such as biometric information, device information, IP address, email address and phone number, as well as information about your business. You may decline to provide this information, however, doing so may prevent you from engaging with and using the Lili Service.
We collect information from you as you use the Lili Service; when you initiate a transaction, when you send payments or otherwise engage with or use the Lili Service. Lili may offer additional financial and non-financial products and services via the Lili Service which are governed by this Privacy Policy.
We may collect information, including PI from you through your communications with our customer support or other team members.
We collect information about the computer, tablet, or mobile device you use to access the Lili Service which may include the hardware model, operating system and version, unique device identifiers and mobile network information. We may also collect other device identification information for the purposes of detecting and preventing fraud.
If you have ‘background location’ turned on, the Lili App will, from time to time, tell us about your mobile device’s location even if you are not directly interacting with the application.
When we have location information, we use it to tailor the Lili Service for you and others, like helping reduce debit card fraud by matching your card activity with your location.
When you visit the Lili website, we and third parties that provide certain functionality on the Lili Service may engage, receive and record information from your use of the Lili Service and server logs from your browser, including your IP address, cookies, and similar technology. This information is used for security purposes to authenticate your identity and improve the quality of our services, such as storing your account preferences.
Cookies are commonly used on websites and do not harm your system. By configuring your preferences or options in your browser, you determine if and how a cookie will be accepted. Most browsers allow you to block and delete cookies however by blocking cookies on our site it may impact the services we can provide you.
We use the information we collect, including PI to:
We use information, including PI, for internal and service-related purposes and may provide it to third parties to allow us to facilitate the Lili Service. We may use and retain any data we collect to provide and improve our services.
We share information, including PI, with service providers who may share it with a credit reference or fraud prevention agency for the purposes of verifying identity, assessing the risk of giving credit, preventing fraud, and tracing debtors. For more information, please see the Credit Reference Agency Information Notice (“CRAIN”) notice located here.
We may send emails or text messages to the email address and phone number you provide to us to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance. We may store your email address and phone number, your message and our response for quality assurance. We may also do this to meet legal and regulatory requirements.
We do not rent, sell, or share PI about you with other individuals or non-affiliated companies for their direct marketing purposes, unless we have your permission. We also do not provide any PI to any third-party advertising networks. We may use your PI and other information to communicate with you by email to provide you with information and services we think may be of interest to you.
We may cleanse and aggregate data collected through the Lili Service and use it for any purpose. Information that has been aggregated or deidentified under applicable laws is not PI.
We may share your information, including aggregated or deidentified PI, with our third-party service providers, vendors and other partners:
We are permitted under law to disclose PI about you to other third parties in certain circumstances. For example, we may disclose PI about you to third parties, such as service providers and vendors, to assist us in servicing your account with us and to prevent wrongful conduct. We do not disclose any PI about you to anyone, except as permitted by law.
If you decide to close your account(s) or become an inactive customer, we will continue to adhere to the privacy policies and practices described in this notice.
We may share any information we receive with vendors and service providers retained in connection with the provision of the Lili Service. Our vendors and service providers may compare your identifiers (such as email address, IP address, and phone number) and PI with consortia information to assist us in preventing fraud, money laundering and other wrongful conduct. Conversely, this information may be used by the consortia to prevent fraud, money laundering and other wrongful conduct at other financial institutions.
We may disclose your PI, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order, levy, garnishment, or subpoena; respond to your requests; or protect yours, ours or others’ rights, property, or safety.
If we are involved in a merger, acquisition, reorganization, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such entities may use or disclose such information.
We take steps to ensure that your information is treated securely and in accordance with this Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure.By using the Lili Service or providing PI to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Lili Service. If we learn of a security system breach, we may attempt to notify you electronically by posting a notice on the Lili Service or sending an email to you. You may have a legal right to receive this notice in writing. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice), please notify us at [email protected].
The Lili Service may allow you to access third party services to provide information about you, including PI, to the Lili Service. This Policy applies only to the information collected by the Lili Service. When logging into a third party service or following a link to third party websites from the Lili Service, please be aware that the privacy practices of those services may differ. We encourage you to carefully read the privacy policy for each website you visit. We are not responsible for the privacy policies or practices of linked third party sites or services.
If you are visiting from outside the United States, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this Policy.
This section of our Privacy Policy is applicable to persons located in Australia. If you are an Australian resident, you may have certain rights to access the PI we hold about you and to correct personal information we hold about you (if applicable). To exercise those rights, or if you have any questions about this Policy please reach out using the information in the “Contact Information” section below. Additionally, PI about you that you provide while in Australia may be transferred to the United States.
More information about privacy law and privacy principles is available from the Office of the Australian Information Commissioner (“OAIC”) and from their website. You may contact the OAIC using their contact details set out here.
Residents of Canada have certain rights with respect to their data under Canada’s Personal Information protection and Electronic Documents Act (“PIPEDA”) and related provincial privacy laws, including Law 25 that applies specifically to residents of Quebec.
As required under applicable law, Lili has appointed a Data Protection Officer (“DPO”) to uphold compliance with these laws. Our designated DPO may be contacted by email at [email protected].
Canadian residents have a right to access, correct, erase, and to restrict processing of personal information that we may hold about you. If necessary, we may request additional information reasonably necessary to authenticate you and your request. To submit a request, you may contact our DPO using the information above, or using the information provided in the “Contact Information” section below. Residents of Canada can learn more about their rights by clicking here to read about PIPEDA, and here for information on Law 25.
This section of our Privacy Policy is applicable to persons located in the European Union (“EU”), an European Economic Area member state (“EEA”), United Kingdom (“UK”), or Switzerland as well as to persons whose personal information is processed in or transferred from the EU, EEA, UK, or Switzerland. You are entitled under the EU General Data Protection Regulation and UK General Data Protection Regulation (collectively, the “GDPR”), to the information in this section of our Privacy Policy.
You are entitled by law to access, correct, amend, or delete personal information about you that we hold. A summary listing these rights appears below. Please note that these rights are not absolute and certain exemptions may apply to specific requests that you may submit to us.To exercise these rights, please contact us using the information below in the “Contact Information” section. For your protection, we may need to verify your identity before responding to your request. In the event that we refuse a request, we will provide you a reason as to why.
You have the right to obtain from us confirmation as to whether or not we are processing personal information about you, and if so, the right to be provided with the information contained in this Policy. You also have the right to ask us for copies of your personal information. When making a request, please provide an accurate description of the personal information to which you want access. Where requests are repetitive or manifestly unfounded or excessive, we may charge a reasonable fee based on administrative cost.
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
You have the right to ask us to erase your personal information if:
However, this right is not absolute. Even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims, or detecting fraudulent activities. We will retain information in accordance with the “Data Retention” section below.
If you do exercise a valid right to have your personal information deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).
You have the right to ask us to place a restriction on our use of your personal information if one of the following applies to you:
You have objected to us using your information, while we check whether our legitimate grounds override your right to object.
You have the right to ask that we transfer the personal information you gave us from one organization to another, or give it to you (i.e., data portability). This applies to personal information we are processing to service a contract with you and to personal information we are processing based on your consent.
If we obtain your written consent to collect and process your personal information, you can subsequently withdraw such consent as to any further processing of such information.
If you believe your rights under the GDPR have been violated, the GDPR gives you the right to file a complaint with your supervisory authority. A list of supervisory authorities is available here: EEA and EU Data Protection Authorities (DPAs); Swiss Federal Data Protection and Information Commissioner (FDPIC); UK Information Commissioner’s Office (ICO).
To the extent that we engage in decision-making based solely on automated processing, including profiling, which produces legal effects concerning you or which significantly affects you, you have the right not to be subject to such decision-making.
You have the right to object to the processing of your personal information that is based on legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us). If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or we can demonstrate the processing is for the establishment, exercise, or defense of legal claims. You can object to the processing of your personal information by contacting us using the information in the “Contact Information” section below.
We collect your personal information to provide our products and services to you; otherwise, we may not be able to process the transactions you request. We will only process your personal information when we have a lawful basis for doing so. If you are in a country in the EU, EEA, UK, or Switzerland, you are entitled to an explanation of the legal basis we rely on to process your personal information. The legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it, which is discussed below.
• Consent. We may process your personal information based on your consent such as when you purchase a service or ask us to send you certain kinds of marketing communications. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal.
• Children’s Consent. We do not knowingly process data of EU, EEA, UK, or Switzerland residents under the age of 16 without reasonably verified parental consent.
• Our Legitimate Interests. We may process your personal information if doing so is necessary for our legitimate interests relating to our business purposes arising from your relationship with us, and your rights as an individual do not override those legitimate interests. For example, our legitimate interests include but are not limited to when we process your personal information to carry out fraud prevention activities and activities to increase network and information security, identify usage trends, determine the effectiveness of promotional campaigns, expand our business activities and improve our services and the content and functionality of our services. Our legitimate interests also include providing you with the products and services you request, view, engage with, or purchase; and communicating with you regarding your account or transactions with us.
• To Perform a Contract. We may process your personal information to administer and fulfill contractual obligations to you. We will also collect and process your personal information as necessary for the performance of a contract to which you are a party.
• To Enable Us to Comply With a Legal Obligation. We may process your personal information to comply with legal obligations to which we are subject. This may include any requirement to produce audited accounts, any legal obligation to share information with law enforcement agencies, public or governmental authorities, and to comply with legal process.
• Necessary for the Exercise or Defense of Legal Claims. If you bring a claim against us or we bring a claim against you, we may process your personal information in relation to that claim.
Depending on the situation, we may be the controller or the processor for personal information collected from residents of the EU, EEA, UK or Switzerland. If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information for any specific processing activity, please contact us using the “Contact Information” section below.
This section of our Privacy Policy is applicable to persons located in New Zealand. If you are a New Zealand resident, you may have certain rights to access the PI we hold about you, to correct personal information we hold about you (if applicable), and to request deletion of the PI we hold about you (if applicable). To exercise those rights, or if you have any questions about this Policy please reach out using the information in the “Contact Information” section below. Additionally, PI about you that you provide while in New Zealand may be transferred to the United States.
More information about privacy law and privacy principles is available from the Office of the Privacy Commissioner and from their website.
We process personal information on our servers in the United States of America, and may do so in other countries. If you use our services or otherwise provide us with information from outside of the United States, you expressly consent to the transfer of your data to the United States, the processing of your data in the United States, and the storage of your data in the United States.
We may transfer your information outside of your jurisdiction for processing. While your personal information is held outside of your jurisdiction, it may be accessed by the courts, law enforcement, and national security authorities of the processing jurisdiction.
If you have any questions or concerns about this Policy or the use of your information, or to modify or update any information we have received, please contact us at [email protected].
If you are a registered user of the Lili Service, you may modify your account settings and information through the Settings portal within the Lili Service.
If you wish to terminate your account, we will be sad to see you go, but you can contact customer support at the email address below to do so. When you terminate your Lili Account, or if we terminate it, you will no longer be able to view your Lili Account or profile information, but we may continue to have access to your information for a period of time in order to comply with applicable legal or service obligations. We suggest that you download all your monthly statements before contacting customer support to close your Lili Account.
We will retain your Lili Account and associated information for as long as your account is active or as needed to provide you the Lili Service. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We may update this Policy to reflect changes to our information practices. If we make any change in how we use PI, we will notify you by means of a notice on the Lili Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Through our vendor or directly, we collect certain biometric data from individuals for the purpose of verifying their identity. We recognize the sensitivity of Biometric Data (defined below) and take seriously our obligation to maintain the confidentiality and protect security of such data. To promote these efforts, we have adopted the following biometric information privacy policy.
“Biometric Data” means any biological characteristics of a person, or information based upon such a characteristic, including characteristics such as those defined as “Biometric Identifiers” and “Biometric Information” under laws regulating the processing of biometric identifiers or information.
“Biometric Identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry, or any additional characteristics defined as such under laws regulating the processing of biometric identifiers or information.
“Biometric Information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual, or any additional characteristic or measurement defined as such under laws regulating the processing of biometric identifiers or information.
We (or our service provider) use facial recognition software to compare an individual’s driver’s license photograph against that individual’s self-taken picture to verify the identity of the individual.
We will not disclose or disseminate any Biometric Data to anyone other than our service providers (who would be acting on our behalf and subject to contractual obligations) without/unless:
We will use a reasonable standard of care to store, transmit and protect from disclosure any paper or electronic Biometric Data collected.
We will retain Biometric Data only until, and shall request that any service providers that may have access to the Biometric Data destroy such data when, the first of the following occurs:
The Lili Service is not intended for businesses only. It is not intended for individuals (except sole proprietorships). In connection with verifying the identity of businesses, we do collect information on the sole proprietor or on the control person and other ultimate beneficial owners of legal entity customers. The Lili Service is not intended for children under 18 years of age, and we do not knowingly collect personal information from children under 18. In the event that we learn that we have collected personal information from a child under age 18 without verification or parental consent, we will immediately delete that information. If you believe that we might have any information from or about a child under 18, please contact us at the email address provided below.
If you have any questions about this Privacy Policy, please contact us at [email protected].
Lili is a financial technology company, not a bank. Banking services are provided by Choice Financial Group, Member FDIC, or Sunrise Banks, N.A., Member FDIC. The Lili Visa® Debit Card is issued by Choice Financial Group, Member FDIC, or Sunrise Banks, N.A., Member FDIC, pursuant to a license from Visa U.S.A., Inc. Please see the back of your Card for its issuing bank. The Card may be used everywhere Visa debit cards are accepted.
Wire Transfer service provided by Column Bank N.A., Member FDIC. All wires are subject to acceptance criteria and risk-based review and may be rejected at the sole discretion of Column Bank N. A. or Lili App Inc.
1 Available to Lili Pro, Lili Smart, and Lili Premium account holders only, applicable monthly account fee applies. For details, please refer to our Choice Financial Group Account Agreement if your Lili business deposit account was opened with Choice Financial Group, Member FDIC, or Sunrise Banks Account Agreement if your Lili business deposit account was opened with Sunrise Banks, N.A., Member FDIC.
2 Available to Lili Smart and Lili Premium account holders only, applicable monthly account fee applies. For details, please refer to our Choice Financial Group Account Agreement if your Lili business deposit account was opened with Choice Financial Group, Member FDIC, or Sunrise Banks Account Agreement if your Lili business deposit account was opened with Sunrise Banks, N.A., Member FDIC.
3 The Annual Percentage Yield (“APY”) for the Lili Savings Account is variable and may change at any time. The disclosed APY is effective as of October 1, 2024. Must have at least $0.01 in savings to earn interest. The APY applies to balances of up to and including $100,000. Any portions of a balance over $100,000 will not earn interest or have a yield. Available to Lili Pro, Lili Smart, and Lili Premium account holders only.
4 BalanceUp is a discretionary overdraft program for debit card purchases only, offered for Lili Pro, Lili Smart, and Lili Premium Account holders. You must meet eligibility requirements and enroll in the program. Once enrolled, your Account must remain in good standing with a deposit and spending history that meets our discretionary requirements to maintain access to the feature. BalanceUp overdraft limits of $20-$200 are provided at our sole discretion, and may be revoked any time, with or without notice.
5 Early access to ACH transfer funds depends on the timing of payer’s submission of transfers. Lili will generally post these transfers on the day they are received which can be up to 2 days earlier than the payer’s scheduled payment date.
6 Up to $1,000 per 24 hours period and a maximum of $9,000 per month. Some locations have lower limits and retailer fees may vary ($4.95 max). Note that Lili does not charge transaction fees.
7 Lili AI and other reports related to income and expense provided by Lili can be used to assist with your accounting. Final categorization of income and expenses for tax purposes is your responsibility. Lili is not a tax preparer and does not provide tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors regarding your specific situation.
8 Lili does not charge debit card fees related to foreign transactions, in-network ATM usage, or card inactivity, or require a minimum balance. The Lili Visa® Debit Card is included in all account plans, and remains fee-free with the Lili Basic plan. Applicable monthly account fee applies for the Lili Pro, Lili Smart, and Lili Premium plans. For details, please refer to our Choice Financial Group Account Agreement if your Lili business deposit account was opened with Choice Financial Group, Member FDIC, or Sunrise Banks Account Agreement if your Lili business deposit account was opened with Sunrise Banks, N.A., Member FDIC.
9 The Mail a Check, Outgoing Wire Transfers and Invite Your Accountant features are only available for Lili business deposit accounts opened through Sunrise Banks, N.A., Member FDIC.
© 2024 Lili App Inc. All Rights Reserved.