Privacy Notice for RegTechPRO

Effective Date: 10 January 2022

1. Who We Are

RegTechPRO Limited operates this compliance workflow management platform to help FCA-regulated firms meet regulatory compliance obligations. For applicable data protection legislation, RegTechPRO Limited is the "data controller" of your data, meaning we determine how and why your data is processed.

Our contact details are:

  • Address: RegTechPRO, Offices 1 - 7, 2 Wood Ridge Crescent, Cambridgeshire, PE19 6BG 

  • Email: admin@regtechpro.co.uk

2. What Information We Collect

We collect and process various types of personal data to deliver and improve our services. This may include the following categories of information:

2.1 Information You Provide to Us

  • Account Information: When registering an account, we collect personal data such as your name, email address, contact details, job title, and company information.

  • Payment Information: When subscribing to our services, we collect payment information (such as credit card details) to process payments securely.

  • Communications: Any data you provide when contacting us via email or through the platform, including feedback and support requests.

2.2 Information We Collect Automatically

  • Usage Data: We collect information about your interaction with our platform, including IP addresses, browser type, operating system, pages visited, and links clicked.

  • Cookies and Tracking Technologies: We use cookies and similar tracking technologies to monitor your activity on our website and platform. For more details, refer to our Cookie Policy.

2.3 Information from Third Parties

  • Third-Party Integrations: If you integrate third-party services with our platform, we may receive data from those services, such as user authentication details.

  • Public Sources: We may collect information from public databases or social media platforms to verify your identity or enhance the accuracy of our records.

3. How We Use Your Information

We use the personal data we collect for the following purposes:

3.1 To Provide Our Services

  • To create and manage your account on the RegTechPRO platform.

  • To process payments and manage billing.

  • To provide customer support and respond to inquiries.

  • To ensure compliance with regulatory obligations, including FCA regulations.

3.2 For Platform Improvement and Development

  • To monitor usage patterns and improve our platform’s functionality.

  • To analyse trends and user behaviour to enhance user experience.

  • To conduct research and development for new features and services.

3.3 Marketing and Communication

  • We may send you newsletters, product updates, and promotional content with your consent.

  • To notify you about changes to our platform, services, or policies.

3.4 Compliance with Legal Obligations

  • To fulfill legal and regulatory requirements, including data protection, financial regulations, and anti-money laundering (AML) laws.

  • To prevent, detect, and investigate security breaches, fraud, or other criminal activities.

4. Legal Basis for Processing

Under GDPR, we rely on several legal bases to process your data:

4.1 Consent

Where you have provided explicit consent for specific data processing activities, such as receiving marketing communications.

4.2 Contractual Necessity

We process your data where necessary to fulfill our contractual obligations to you, such as providing the services you have subscribed to.

4.3 Legal Obligation

We process your data where required to comply with applicable legal obligations, such as financial record-keeping and reporting requirements.

4.4 Legitimate Interests

We may process your data where necessary for our legitimate business interests, such as improving our platform or preventing fraud, provided that your rights and interests do not override these interests.

5. Sharing Your Information

We do not sell or rent your data to third parties. However, we may share your information in the following circumstances:

5.1 Service Providers

We may share your data with trusted third-party service providers who perform functions on our behalf, such as payment processors, cloud storage providers, and IT support services. Confidentiality agreements bind these service providers and must process your data in accordance with this Privacy Notice.

5.2 Legal and Regulatory Authorities

We may disclose your data to regulatory authorities, law enforcement agencies, or other governmental bodies if required by law or in response to valid legal processes.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our assets, your data may be transferred to the new entity as part of the transaction. We will notify you of any such changes and ensure your data remains protected.

6. Data Retention

We will retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Notice. This may include retaining your data to comply with legal obligations, resolve disputes, and enforce our agreements.

6.1 Retention Periods

  • Account Information: Retained for the duration of your account, plus an additional period to comply with legal obligations (such as financial records).

  • Payment Data: Retained as long as necessary to process payments and comply with tax or audit requirements.

  • Communication Data: Retained to respond to your inquiries or feedback for a reasonable period.

When we no longer require your data for these purposes, we will securely delete or anonymise it.

7. Data Security

We take the security of your data seriously and implement appropriate technical and organisational measures to protect it. These measures include encryption, access controls, and secure data storage solutions.

7.1 Security Measures

  • Encryption: We use bank-grade encryption to protect personal data in transit and at rest.

  • Access Control: Access to personal data is restricted to authorised personnel who need it for legitimate business purposes.

  • Regular Audits: We review and update security measures to address emerging threats.

However, no data transmission over the Internet or electronic storage method is completely secure. While we strive to protect your data, we cannot guarantee its absolute security.

8. Your Rights

As a data subject, you have the following rights under GDPR and other applicable data protection laws:

8.1 Right to Access

You have the right to request a copy of the personal data we hold about you and information about how we process it.

8.2 Right to Rectification

If your data is inaccurate or incomplete, you can request that we correct or update it.

8.3 Right to Erasure

You have the right to request the deletion of your data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected or when you withdraw your consent.

8.4 Right to Restrict Processing

You may request that we restrict the processing of your data under certain conditions, such as when you contest the accuracy of the data or object to processing.

8.5 Right to Data Portability

You have the right to request that we provide your data in a structured, commonly used, and machine-readable format so that you can transfer it to another service provider.

8.6 Right to Object

You may object to our processing of your data based on legitimate interests or direct marketing. If you object, we will stop processing your data unless we can demonstrate compelling, legitimate grounds to continue.

8.7 Right to Withdraw Consent

If you have provided consent for certain types of data processing, you can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please email us at admin@regtechpro.co.uk. We will respond to your request within one month, although we may extend this period in certain circumstances.

9. International Data Transfers

Your data may be transferred to and processed in countries outside the UK or the European Economic Area (EEA), where data protection laws may be different. If we transfer your data outside these regions, we will ensure that appropriate safeguards are in place to protect your data, such as Standard Contractual Clauses or reliance on privacy frameworks such as the EU-U.S. Privacy Shield (where applicable).

10. Changes to This Privacy Notice

We may update this Privacy Notice occasionally to reflect changes in our data processing practices or legal requirements. We will notify you of any significant changes via email or platform. Your continued platform use following such updates will constitute acceptance of the revised Privacy Notice.

11. Contact Us

If you have any questions or concerns about this Privacy Notice or our data practices, please get in touch with us at:

Global Change Initiatives (UK) Limited

  • Email: admin@regtechpro.co.uk

  • Address: RegTechPRO, Offices 1 - 7, 2 Wood Ridge Crescent, Cambridgeshire, PE19 6BG 

We will address your concerns and provide clear and detailed responses to any inquiries about how we handle your data.

12. Complaints

If you believe we have not complied with applicable data protection laws or are dissatisfied with our data handling. In that case, you can complain to the Information Commissioner’s Office (ICO) or another relevant supervisory authority.

Contact the ICO:

  • Website: https://ico.org.uk

  • Phone: 0303 123 1113

  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

If you are outside the UK, you may also contact your local data protection authority.