top of page

Privacy Policy

Finmondo Ltd Data Privacy Notice


Data Protection Act 2018 & GDPR

The DPA 2018 sets out the data protection framework in the UK, alongside the UK GDPR.

The UK GDPR is the UK General Data Protection Regulation. It is a UK law which came into effect on 01 January 2021. It sets out the key principles, rights and obligations for most processing of personal data in the UK, except for law enforcement and intelligence agencies.

The DPA 2018 sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998, and came into effect on 25 May 2018. It was amended on 01 January 2021 by regulations under the European Union (Withdrawal) Act 2018, to reflect the UK’s status outside the EU.

It sits alongside and supplements the UK GDPR - for example by providing exemptions. It also sets out separate data protection rules for law enforcement authorities, extends data protection to some other areas such as national security and defence, and sets out the Information Commissioner’s functions and powers.


ICO Registration Details

The ICO regulates data protection in the UK. They offer advice and guidance, promote good practice, monitor breach reports, conduct audits and advisory visits, consider complaints, monitor compliance and take enforcement action where appropriate.

Any business or sole trader who processes personal information must register with the Information Commissioner’s Office (ICO) under the Data Protection Act 2018 and failure to register is a criminal offence.

Finmondo Ltd is registered with the ICO under registration number: ZA751265


What is Personal Information

In short, personal data means information about a particular living individual. This might be anyone, including a customer, client, employee, partner, member, supporter, business contact, public official or member of the public.

It doesn’t need to be ‘private’ information – even information which is public knowledge or is about someone’s professional life can be personal data.

It doesn’t cover truly anonymous information – but if you could still identify someone from the details, or by combining it with other information, it will still count as personal data.

It only includes paper records if you plan to put them on a computer (or other digital device) or file them in an organised way. If you are a public authority, all paper records are technically included – but you will be exempt from most of the usual data protection rules for unfiled papers and notes.


How do we collect your personal information?

We collect your personal information in a number of ways, including:

  • When you visit our website, we may collect information about your visit, such as the pages you view and the links you click on.

  • When you contact us, we may collect information such as your name, address, email address, and phone number.

  • When you use our services, we may collect information such as your ID details, address details, telephone number, email address, source of funds and source of wealth. Copies of documents may also be retained.

  • Depending on the results of our risk profile, we can potentially ask for more information. In order to confirm the accuracy of the information submitted and determine if you fall under the purview of sanctions or are politically exposed, we may also employ third-party software to carry out additional background checks.

  • Billing address and credit card information for Customers who purchase Services may be gathered and stored on our behalf by our corporate Affiliates and our third-party payment processors.

  • For your protection, the safety of our staff, and to help fight crime and fraud, we may utilise CCTV to acquire information about you in our stores.


Why do we collect your personal information?

We collect your personal information for a number of reasons, including:

  • To provide you with our services.

  • To process your transactions.

  • To communicate with you about our services.

  • To improve our services.

  • To comply with regulatory & legal obligations.


How do we use your personal information?

We value your privacy and want you to know how we use your personal information. Here are some of the ways we may use it:

  • Providing our services to you

  • Processing your transactions securely

  • Communicating with you about our services

  • Improving our services based on your feedback and usage patterns

  • Complying with legal & regulatory obligations to protect you, your information and our business


We take your privacy seriously and strive to use your personal information in a responsible and transparent way.

Who do we share your personal information with?

We may share your personal information with a number of third parties, including:

  • Our service providers, such as payment processors.

  • Our affiliates.

  • Law enforcement or other government officials, if required by law.

  • If Finmondo Ltd merges, changes ownership/sells the company, files for bankruptcy, or is dissolved

  • To protect and defend the rights, property, or safety of ourselves or others, including through the enforcement of contracts or policies, or in connection with detecting and preventing fraud.


How do we protect your personal information?

We fully respect your right to privacy when you engage with the Services, and we go above and beyond to be transparent with you about the data we will collect and how we will use it. Likewise, we only collect and use someone else's information when it is legal for us to do so. The website of the Information Commissioner's Office ("ICO") offers details about Personal Data collected by UK organisations.

We take steps to protect your personal information, including:

  • Using secure servers.

  • Encrypting your personal information.

  • Limiting access to your personal information to authorized employees.

  • Training our employees on data protection.


How long do we keep your personal information?

We will keep your personal information for as long as necessary to fulfil the purpose for which it was collected, or as required by law.

Your rights

Under the GDPR, you have a number of rights with respect to your personal information, including:

  • The right to access your personal information.

  • The right to have your personal information corrected or erased.

  • The right to object to the processing of your personal information.

  • The right to restrict the processing of your personal information.

  • The right to data portability.

  • The right to withdraw your consent to the processing of your personal information.


The above points are explained in more detail below:

  • Your right of access - You have the right to ask us for copies of your personal data;

  • Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

  • Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.

  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.

  • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.

  • Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.

  • The right to withdraw your consent to the processing of your personal information - For any of the reasons specified in this privacy statement that require your consent, you can ask us to cease processing your customer data by getting in touch with us. Please be aware that if you refuse to allow such processing, we might not be able to provide you with all or a portion of the Service.

  • There are no fees associated with exercising your rights. In the event that you submit a request, we have one month to answer. Please get in touch with us if you have a request. Please be as specific as you can when requesting data so that we can find your information. Your name and the general dates of the transactions must be provided at the very least. When such a request is made, your ID will also be asked; this is for your protection and to make sure that we are not disclosing your information to a third party.

Notifying a breach

We will notify the ICO of serious data breaches involving customer data within 48 hours of becoming aware of them, as soon as is reasonably possible and without excessive delay. When a personal data breach is not expected to jeopardise the rights and freedoms of natural persons, it is not necessary to notify the ICO; however, if notification is not made within 48 hours, we shall record a valid justification for the delay. A severe breach is one that occurs due to a security gap that causes the unintended or unlawful destruction, loss, modification, unauthorised disclosure of, or access to, Personal Data that is communicated, stored, or otherwise processed. Such a breach must be reported to the ICO.

Any data breaches will be documented, and a report will be sent to the ICO notifying them of the incident. Recordings must also be made of any corrective actions done to make sure that such incidents don't happen again.

Clients who might be impacted by the hack will be made aware that their information may have been compromised.

Age Restriction

Only those 18 and older are permitted to use the service. Even if the amount being transferred is below the thresholds at which we request identification, we will nonetheless ask for an ID if we believe that a minor is attempting to use the service.

How to exercise your rights & Contact Info

You can exercise your rights by contacting us at or (0)2871 377 171.

Changes to this Notice

We may update this Notice from time to time. If we make any material changes to this Notice, we will notify you by posting a notice on our website.

The ICO's contact information and complaint procedures

If you have any issues regarding the way we processed your personal data, please get in touch with us using the details provided in the contact info section. You can also complain to the ICO (Information Commissioner's Office) if you are dissatisfied with the way we handled your inquiry. The Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF address is the ICO's address. Call us at (033) 123-1113. On the ICO website, at the following address:, you can get further information about this.

Cookies Policy

This Cookies Policy explains how our website uses cookies and other similar technologies to enhance your experience while browsing our site. By using our website, you consent to the use of cookies in accordance with this policy.

What Are Cookies?

Cookies are small data files that are placed on your computer or mobile device when you visit a website. They are widely used to enable website functionality, improve website performance, and provide website owners with information about how users interact with their website.

Types of Cookies We Use

We use the following types of cookies on our website:

Essential Cookies: These cookies are necessary to provide you with the services and features available on our website, such as keeping you logged in and remembering your preferences.

Analytics Cookies: These cookies collect information about how visitors use our website, including the number of visitors to the site, the pages they visit, and the time spent on each page. This information is used to improve our website and enhance your browsing experience.

Advertising Cookies: These cookies are used to deliver relevant advertisements to you and measure the effectiveness of our advertising campaigns. They may be used by third-party advertisers to target advertisements to you based on your interests and online behaviour.


How We Use Cookies

We use cookies to:

  • Remember your preferences and settings.

  • Analyze how you use our website.

  • Deliver targeted advertising.

  • Third-Party Cookies


We may use third-party cookies on our website, such as Google Analytics and Facebook Pixel. These cookies are placed by third-party service providers and are used to collect information about your browsing behaviour across multiple websites. We do not have control over these cookies and how they are used by third-party providers. Please refer to the privacy policies of these third-party service providers for more information.

Managing Cookies

You can choose to accept or decline cookies by changing your browser settings. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of our website.

Updates to this Policy

We reserve the right to make changes to this Cookies Policy from time to time. Any changes will be posted on this page.

Need Our Assistance? Give Us a Call Now!
bottom of page