Foreign Currency Exchange Limited (“FCE” or “We”) is committed to protecting your personal privacy.
Please read the following carefully to understand how we handle your information.
For the purpose of the General Data Protection Regulation 2016 (“GDPR”), the data controller is Foreign Currency Exchange Limited, which trades as FC Exchange, part of Global Reach Group Ltd. Registered Company No. 09907831.
Our legal bases for using your personal information
The GDPR sets out a number of different reasons for which a company may collect and process your information. For the most part, we require your personal data to enable us to deliver our services to you, and we rely on the following legal bases to do so:
1. Contractual obligations
Most of the information we collect from you is necessary to fulfil our contract with you and serve you as a customer.
For example, we require your banking details in order to settle payments on orders you place.
2. Legal obligations
In certain cases, we are required by law to collect and process your information.
For example, we require personal information to carry out Anti-Money Laundering checks, and we pass on the details of people involved in fraud or other criminal activity affecting FCE to relevant authorities.
In specific situations, we will collect and process your information with your consent.
For example, when you tick a box to receive marketing material from us.
We will always make it clear to you what you are consenting to and what information is necessary for which services. If you have given consent to our use of your personal information, you are entitled to withdraw this consent at any time. Please be aware, however, that in some circumstances the withdrawal of your consent may result in our being unable to provide some services to you.
4. Legitimate interests
Sometimes, we use your personal information to pursue our legitimate business or commercial interests in a way you might reasonably expect as part of running our business and operating our website. We will not rely on our own legitimate interests without first considering your own rights, freedoms or interests.
For example, we may use your personal data to create a smoother customer service experience, because we have a legitimate interest in improving our products, services, and relationships with our clients and partners.
Whenever we process your data for these purposes, we will ensure that we always keep your personal data rights in high regard and take account of these rights. You also have the right to object to this processing. If you wish to do so, please let us know by contacting firstname.lastname@example.org. Please bear in mind that if you object, this may affect our ability to provide you with some of our services.
The information we may collect from you
The information we collect and process may broadly include:
|Type of personal information||Description|
|Contact||Your name and contact details (address, email, phone number).|
|Transactional||Details about your accounts, and payments made to and from these accounts.|
|Communication records||Details recorded during our written and verbal communications with you (emails, records of phone calls).|
|Publicly available information||Information that you have made openly available about you in the public domain (such as information on your LinkedIn or company's website).|
|Documentary data||Additional personal information held on copies of documents you provide us, such as identification, and proof of residential address documents [see approved documents for full list].|
|Consents||Any consents or preferences you indicate, such as marketing or communication preferences.|
|Usage data||Information about how you use our products and services.|
|National Identifier||For example your National Insurance Number or Tax Identification Number (TIN).|
|Special category data||
Occasionally, when you supply us with copies of documents we need to open your account, we may inadvertently collect particularly sensitive data that the law treats differently. This may include data pertaining to:
- Racial or ethnic origin
- Religious, political or philosophical beliefs
- Biometric data
- Health Data
- Lifestyle information
- Criminal convictions and offences
For example, the photo on your passport is classified as biometric data.
Please note: We will never store this data without your explicit consent. We store this data with the utmost care, and for the purpose of providing our services to you.
Information gathered when you visit our website. This might include; the Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browsing plug-in types and versions, operating system and platform, Uniform Resource Locators (URL), and how you navigate our website.
How we collect your information
Information from other sources
Where we have obtained your consent, have a legitimate interest, or legal obligation, we may receive or share your information from other companies within the Global Reach group of companies if you use any of the other websites we operate (www.globalreach-partners.com) or other services we provide.
We may also receive or share your data from other third parties, such as:
- Our partners (companies that introduce you to us)
- Our clients (when they wish to make a payment to you)
- Credit reference agencies (such as Callcredit and Equifax)
- Fraud prevention agencies (such as Action Fraud)
- Identity verification agencies
- Agents, suppliers, sub-contractors and advisers
- Government and law enforcement agencies (such as Companies House and HMRC)
We may combine the information about you which we receive from other sources with the information you give to us and the information we collect about you, for the same purposes set out above.
Information you provide about other people
If you provide us with information about another person, you confirm that you have informed them of our identity and the purposes for which their information will be processed.
You may provide another person’s bank account details (if you are asking us to make a payment to them), or contact details such as; email address, mobile phone number or postal address. These are used to notify an individual that they will be receiving a payment from us on your behalf. A message may be sent to the other person using the contact details provided by you and this message will make reference to your name and explain to the recipient that you were the source of his/her contact details. We will never use the contact details you provide of another individual for marketing purposes.
How we use your information
We will use the information you provide us to:
- Provide you with the information, products and services that you request from us;
- Comply with our legal reporting obligations;
- Provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- Notify you about changes to our services; and
- Ensure that content from our website is presented in the most effective manner for you and for your computer;
We will use the information we collect about you to:
- Manage our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- Improve our website to ensure that content is well presented for you and for your computer;
- To comply with our legal reporting obligations;
- Measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- Continue our efforts to keep our website safe and secure; and
- Make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
We may share your information with authorities in order to comply with legal obligations, and provide you with our products and services.
Where you have provided consent, we may share your information with other select third parties for the performance of a contract, for example:
- Business partners;
- Suppliers; or
In addition, we may disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation;
- In order to conduct any necessary background checks on you
- In order to enforce or apply our terms and conditions and other agreements; or
- To protect the rights, property, or safety of FCE, our customers, or others.
Transfers and security
We may be required to transfer your information to other countries outside the European Economic Area (“EEA”), for example, when reporting to foreign authorities. In these cases, we will ensure our actions comply with the data security standards set out in the GDPR. We will also take all reasonable steps to ensure that this information is stored securely and is not passed on or sold to a third party for marketing purposes.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features, in line with the standards set out in the GDPR, to try to prevent unauthorised access.
You have a range of rights over your information and we will endeavor to respect any requests to exercise them.
You may request access to the information we hold about you by making a Subject Access Request (SAR). Once we have confirmed your identity, we will comply with an SAR free of charge within 30 days, unless we deem the request unfounded or excessive. In this event, we will explain why we have decided not to action your request.
You may request that we correct the information we hold on you when it is incorrect, out of date, or incomplete.
You may request that we destroy, delete or discontinue using your personal information when it is no longer necessary for the purpose we originally collected it.
You may request that we stop processing your information when you contest its accuracy or the lawfulness of the processing.
Whenever you have given us your consent to use your information, you have the right to change your mind at any time and withdraw your consent.
In cases where we are processing your information on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We will do so unless we believe we have a legitimate overriding reason to continue processing your information.
You have the right to stop our use of your information for direct marketing activities through all channels, or selected channels. You always have the opportunity to opt-out and we will always comply with your request.
To do so, click the ‘unsubscribe’ link in any email communication we send to you to notify us that you would like us to stop any further emails.
Submitting a request
You can request to exercise these rights at any time by contacting us at email@example.com.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
If we choose not to action your request we will explain to you the reasons for our refusal.