Lexe Privacy Policy

Last updated: 2024-12-11

Lexe utilizes state-of-the-art secure hardware and end-to-end encryption to provide hosted, non-custodial Bitcoin and Lightning payment services to users worldwide ("Services").

Data Protection

Your Lexe node data is always encrypted. It can never be viewed or modified by anyone but yourself and your Lexe node. Any communication between your Lexe app and Lexe node is private and protected by mutually authenticated TLS (mTLS). Likewise, your communication with Lexe backend services is always secured with TLS.

Information you provide

Account Information. Your device generates a random cryptographic identifier for use as its Lexe account. We don't currently collect any personal information. Additional technical information is stored on our servers, including randomly generated authentication tokens, public keys, push notification tokens, and other material that is necessary for basic operation.

Payments. The Lexe backend stores limited metadata on user payments to support efficient operation. The body of each payment is encrypted; what Lexe sees is the payment id and payment creation date. The payment id is typically an opaque hash value or client generated id. On-chain Bitcoin receives use the Bitcoin Transaction Id (txid), which fully identifies the transaction on-chain.

Lightning Payments. When you send or receive Lightning payments, they flow through the Lexe LSP (Liquidity Service Provider). We observe the payment value from the proportional fees we collect. When you send a payment, we cannot determine the recipient. Likewise, we cannot determine the original sender when you receive a payment. The payment route is privately computed inside your Lexe node.

Node Logs. We collect logs from your Lexe node so that we can diagnose production issues and improve our performance and reliability. These logs may contain information like network request metadata, performance counters, runtime errors, or node lifecycle events. These logs never contain sensitive data like private keys, passwords, or authentication tokens.

Camera Permissions. We request limited camera access only when you attempt to scan a QR code. We never store nor share any scanned QR codes or other images.

User Support. If you contact Lexe User Support, any personal data you may share with us is kept only for the purposes of researching the issue and contacting you about your case.

Information we may share

Third Parties. We do not and will not sell your data to any third parties. We do work with third parties to provide some of our Services. For example, your Lexe node syncs data from Third-Party Bitcoin blockchain data providers.

Other instances where Lexe may need to store or share your data

To meet any applicable law, regulation, legal process or enforceable governmental request.
To detect, prevent, or otherwise address fraud, security, or technical issues.
To protect against harm to the rights, property, or safety of Lexe, our users, or the public as required or permitted by law.

Updates

We will update this privacy policy as needed so that it is current, accurate, and as clear as possible. Your continued use of our Services confirms your acceptance of our updated Privacy Policy.

Contact Us

If you have questions about our Privacy Policy please contact us at privacy@lexe.app.