Security Policy

Protecting Your Information

At Lychee Tech, keeping your personal and financial information secure is our top priority. We are committed to maintaining secure effective methods when collecting, using and exchanging your information.

We deploy and maintain security controls and procedures that are constantly monitored and reviewed to ensure they are relevant and operating effectively. Our approach focuses on prevention, detection and correction at different channels.

How to Protect Yourself:

In addition to using strong authentication methods, please do not release information that could be used to compromise your account. Regardless of the type of information requested, you are advised to:

  • Assess and determine the reasonableness of the request, and ask yourself how critical the requested information for the specific service.
  • Verify the requestor’s identity by requesting precise information (e.g. last name, first name, Lychee email address) and if you are unsure of anything, kindly contact us to inquire about the provided country contact information.

If you receive a suspicious e-mail or SMS message that appears to be from Lychee Tech, please do the following:

  • Do not respond to the message or click on any of its links.
  • Report to Lychee immediately via the phone number or e-mail that is specific to your country.

Lychee Tech will never ask for your secure credentials (such as user name, password, Credit Card info, voucher code….).

Passwords and Authentication:

Protect your accounts and identity by securing your credentials (user ID & passwords) 

Use a strong password and token for optimal security. Call our Customer Care Center for more information.

Please DO:

  • keep your computer or mobile device software updated.
  • Download mobile apps from reputable sources
  • Install and keep your anti-virus software up-to-date.
  • Lock your computer or phone when not in use.
  • Avoid installing applications from unknown sources.
  • Avoid using public places Wi-Fi such as internet cafes or free wireless internet when accessing “Lychee app” service.
  • Use unique password and PIN for different services.
  • Change your password and PIN frequently.
  • Shop online with verified by Visa/MasterCard (3D Secure) features.
  • Look for privacy and security policies when shopping online.
  • Sign out of “Lychee Platform”, clear your cache and close your browser after completing your transactions.

DO NOT:                                                                  

  • Share your authentication credentials.
  • Write your password down.
  • Use default passwords, names and dictionary words, even in different languages.
  • Grant permission to applications on your computer or mobile that do not state the reason for the permission.
  • Leave your devices unattended.
  • Open e-mail or (attachments/click on links) from senders you do not know.
  • Respond to unsolicited e-mails or click a link that is in a suspicious e-mail or text message.

Create and Use Strong Passwords Only

Passwords should be strong so they are not easily guessed or cracked (i.e. at least (8) characters long, upper/lower case letters, and include numbers and special characters).

Common attacks

Social Engineering

“Social Engineering” refers to the practice of manipulating people to circumvent security systems and conduct fraud. This technique involves obtaining information people would not normally reveal to strangers.

Social engineering can take a variety of forms (e.g. telephone, e-mail, written mail, fax or instant messaging).


Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker masquerades as a trusted entity.

Phishing messages can come from a growing number of sources, including: e-mails, phone calls, social media messages and text messages. Victims can often be tricked into clicking the malicious link, or opening the malicious attachment.

E-Mail and SMS Spoofing

“Spoofing ” is when an e-mail or SMS message appears to have originated from one source when it was actually sent from another.

For example:

A scammer contacts a company pretending to be a financial institution/vendor, claiming that their bank account number has changed, so that subsequent payments will then unknowingly be routed to a fraudulent account.

Identity Theft

Identity theft is a type of fraud where a thief uses your personal information, such as your national ID or bank account number, to open accounts or initiate transactions using your name. Criminals may approach you pretending that they are a representative of Lychee or the bank. For this reason, please verify the identity of an individual or entity prior to responding, either verbal or electronic, to requests, for personal or business-related information.

Tips to Safeguard Your Information

  • Only enter debit/credit card and personal information when it involves a transaction you initiate and only on websites you trust.
  • Always use a secure website or authentic mobile application when submitting debit/credit card numbers, financial or personal information online.
  • Update your phone number by notifying Lychee as soon as you change it to ensure you receive instant notifications for any conducted transactions on your account(s).
  • Regularly monitor your account activities to promptly detect fraudulent transactions.
  • Avoid accessing your Lychee app services in open, public areas like internet cafes.
  • Secure your mobile phone and immediately report to us if you lose it or suspect any unauthorized access.

Website Usage Tracking – Cookies

Upon accessing a Website, unique information may be stored temporarily on the computer you are using. Cookies are utilized for the purpose of identifying and tracking a computer's access to their site. Cookies do not gather information that identifies you personally, nor may they be used to gather information stored on your computer. Should you want to do so, you can prevent cookies from being set on your computer by making necessary adjustments that disallow cookies within your browser options.

Applicability of This Statement

  • Lychee refers to Lychee app and subsidiaries.

Changes to This Statement

From time to time, it may be necessary for us to amend our Security Statement. The current version will be maintained on our website.


How to deactivate your Lychee account:

To deactivate your Lychee account:

  • Log in to your account.
  • Navigate to 'Account Settings'.
  • Select 'Deactivate Account'. 

Your account will be scheduled for permanent deletion after 30 days. If you wish to reactivate your Lychee account, simply log in before the 30-day period expires.