English
العربية
Book a Demo
Login

Lynq Privacy Policy

Effective Date: 10th April, 2026

1. Introduction

Lynq by Mawarid (“Lynq”, “we”, “us”, or “our”) is committed to protecting your personal data and handling it responsibly.

Lynq is a financial platform made available by Mawarid Finance PJSC (“Mawarid”), with NymCard Payment Services LLC (“NymCard”) supporting the delivery of certain services, including payment processing, card program management, and cross-border payment infrastructure.

This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you access or use Lynq’s platform, including our website, application, and related services (the “Services”).

Mawarid acts as the primary data controller for your personal data. NymCard processes personal data as a data processor and, where required for regulated payment services (including cross-border transactions), may act as an independent controller in accordance with applicable laws.

By using Lynq, you acknowledge and agree to the practices described in this Privacy Policy.

2. Service Roles

Lynq operates through a combination of regulated financial services and supporting technology infrastructure.

  • Mawarid Finance PJSC is the financial institution responsible for issuing prepaid cards and providing regulated financial services. Mawarid is licensed and regulated by the Central Bank of the UAE (CBUAE).
  • NymCard Payment Services LLC is licensed by the Central Bank of the UAE under the Retail Payment Services and Card Schemes Regulation (RPSCS). NymCard acts as the technology provider and program manager, supporting:
  • Platform operations
  • Card processing and transaction infrastructure
  • Cross-border payment services, including foreign exchange and international transfers
  • Lynq provides the platform interface through which customers access services, including onboarding, account management, and payment initiation.

3. What Data We Collect

We collect personal data necessary to onboard you, provide services, and meet regulatory obligations.

3.1 Identity & Verification Data (KYB & KYC)

As part of onboarding, we perform full Know Your Business (KYB) and Know Your Customer (KYC) checks, including:

  • Full name, nationality, place and date of birth, and any other citizenships.
  • Emirates ID, passport, and identification documents
  • Proof of address and supporting documentation
  • Company information (trade license, ownership structure, UBOs)
  • Biometric or photo verification (where applicable)
  • Beneficial owners, representatives, authorised signatories, and details of shareholdings and directorships
  • Tax status, sources of income and funds, assets and liabilities
  • Whether you are a politically exposed person

3.2 Account & Contact Information

  • Email address
  • Phone number
  • Login credentials
  • User roles and permissions

3.3 Financial & Transaction Data

  • Details of your products and services including application information, customer ID number, account number, and details of additional signatories
  • Account balances and activity
  • Card usage and transactions
  • Payment details (including cross-border transfers)
  • Beneficiary and supplier information
  • Information relating to complaints and/or fraud reports and details associated with account closure and/or card cancellation

3.4 Technical & Usage Data

  • IP address and device information
  • Browser type and operating system
  • Platform usage and interaction data
  • Mobile phone location data, MAC address and other technical information regarding your use of the Services

3.5 Data from Third Parties

We will generally collect your personal data from you directly. In addition, we may receive data from:

  • Identity verification providers
  • Sanctions and AML screening databases
  • Fraud prevention agencies
  • Banking and payment partners
  • Your employer
  • Publicly available directories and information,
  • Regulatory or public sources
  • Other members of our group

4. Why We Use Your Data

4.1 Service Delivery

  • Creating and managing your account
  • Issuing and managing cards
  • Processing domestic and cross-border payments
  • Enabling platform functionality

4.2 Identity Verification & Compliance

  • Conducting KYB and KYC checks
  • AML, sanctions screening, and fraud prevention
  • Meeting regulatory and legal obligations

4.3 Payment Processing & Infrastructure

  • Executing transactions through card networks and payment rails
  • Supporting cross-border transfers and foreign exchange processing
  • Settlement and reconciliation of transactions

4.4 Platform Operations

  • Customer support and issue resolution
  • Monitoring system performance and usage
  • Preventing misuse or unauthorized activity

We may monitor, record, view, intercept and keep records of calls, emails, text messages, social media messages, meetings and other communications where permitted by law or regulation and where the law or regulation requires it. This may be done to comply with regulatory rules, prevent or detect crime, protect the security of our systems and procedures, maintain records of discussions and instructions, protect you in relation to fraud risks, and for quality control and staff training purposes. We may also conduct short-term carefully controlled monitoring of your activities on your account where necessary for our legitimate interests or to comply with our legal obligations, including where we suspect fraud, money laundering or other crimes.

4.5 Communications

  • Sending service-related updates and notifications
  • Security alerts and account-related messages

5. Legal Basis for Processing

We process your data based on:

(a) processing is necessary to perform our contract with you or to take steps prior to entering into it;

(b) processing is necessary for our legitimate interests including administering and managing your account and services, testing the performance of our products, services and internal processes, carrying out monitoring and keeping records, management and auditing of our business operations, and fraud prevention, provided such interests are not overridden by your rights;

(c) processing is necessary to comply with our legal and regulatory obligations, including identity checks, anti-money laundering checks, fraud prevention, record keeping, and responding to lawful requests by regulators, courts or authorities; or

(d) where required under applicable law, processing is based on your consent.

If we ask you to provide personal data to comply with a legal/regulatory requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory and the possible consequences if you do not provide it. Where processing is based on your consent, you have the right to withdraw that consent for future processing at any time, unless the personal data is required for our business operations related to the provision of products and services to you.

6. Sharing Your Data

We may share your personal data with:

6.1 Within the Lynq Ecosystem

  • Mawarid Finance PJSC
  • NymCard Payment Services LLC
  • Other group companies, where relevant.

6.2 Service Providers

  • Payment networks (e.g. Visa, Mastercard)
  • Cloud and hosting providers
  • Identity verification and compliance partners
  • Legal and other professional advisers, auditors; communication tool providers; IT software and maintenance providers; document storage providers; and suppliers of other back office functions.

6.3 Regulatory Authorities

  • Central Bank of the UAE
  • Law enforcement or government authorities where required
  • Courts, tax authorities, fraud prevention agencies and where required or permitted by law.

6.4 Payment & Banking Partners

  • Banks and financial institutions involved in transactions
  • Cross-border payment and FX partners
  • Other payment service providers, financial institutions and trade associations, and buyers and their professional representatives as part of any restructuring or sale of our business or asset.

7. International Data Transfers

Your personal data may be processed outside the UAE where required for:

  • Payment processing
  • Cross-border transactions
  • Infrastructure and hosting

We will make sure that appropriate safeguards are implemented in line with applicable data protection laws before we transfer your personal data to such territories.

8. Data Retention

We retain your personal data for as long as is necessary for the purposes for which it was collected and to meet legal, regulatory and operational requirements.

For customer and transaction records, this will generally include the duration of your relationship with Mawarid and a minimum of 8 years after account closure or as otherwise required by applicable law or regulation. When we have no ongoing legitimate need to process your personal data, we will either delete or anonymise it or, if this is not possible, securely store it and isolate it from any further processing until deletion is possible.

9. Your Rights

Under applicable laws, You may have the right to:

  • The right to be informed about the processing of your personal data
  • Access your personal data and obtain information about how we process it
  • The right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed
  • Request deletion (subject to legal obligations)
  • The right to move, copy or transfer your personal data
  • Withdraw consent where applicable

10. Data Security

We implement appropriate safeguards to protect the personal information that we collect and process about you including:

  • Encryption and secure storage
  • Access controls and authentication
  • Fraud monitoring systems
  • Perimeter security systems

We utilize physical, electronic and procedural security measures to protect against loss, misuse, and alteration of personal information under our control.

We have put in place procedures to deal with any suspected personal data breach. In the event of a personal data breach, we will notify the relevant regulatory authorities and, where required, affected individuals without undue delay and in accordance with applicable laws, including within 72 hours where mandated.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Enable platform functionality
  • Improve performance and user experience
  • Analyze usage

Where required by applicable law, we will obtain your consent before placing non-essential cookies on your device. Consent is obtained through clear opt-in mechanisms, such as cookie banners or pop-ups presented when you first access our platform.

You can manage or withdraw your consent at any time through your browser settings or through the cookie preferences available on our platform.

12. Communications

We may use your Personal Information (i) to communicate with you about our Services and let you know about our policies and terms; (ii) to respond to you when you contact us; (iii) to provide you with relevant marketing communications, relating to the products and services that you have with us or that we offer.

We shall contact you via:

  • Email
  • SMS
  • Phone
  • Platform notifications

You are responsible for keeping your contact details up to date.

13. Third-Party Links

Lynq may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy notices and cookie notices and we do not accept any responsibility or liability for those notices or your use of those websites.

Transactions and dealings you enter into with merchants and/or third parties shall be effective only between you and the relevant merchant and/or third party, and Lynq shall neither be a party thereto nor be responsible for any such transaction.

14. Updates to This Policy

We may update this Privacy Policy from time to time in response to changing regulatory, legal, technical or business developments. Updates will be published on the Lynq platform and will take effect upon posting.

15. Contact Us

For any questions or concerns about our use of your personal data, or if you wish to exercise your rights under applicable laws, please contact us using the following details:

Email: support@getlynq.ae

Phone: +971 600 505 005

Data Protection Officer (DPO) – NymCard Payment Services LLC

For queries specifically related to data protection, you may also contact the Data Protection Officer at:

Email: dpo@nymcard.com

We may require further information from you in order to carry out any request and may ask you to provide proof of your identity.

16. Regulatory Framework

This Privacy Policy aligns with:

  • UAE Federal Decree Law No. 45/2021 (PDPL)
  • Central Bank of UAE regulations
  • Applicable financial services and data protection requirements
  • Platform notifications
Book a Demo
Login