1. Privacy
At GC Partners, we understand that your privacy is important. We respect and value the privacy of everyone who visits www.gcpartners.co (the “Site”). We exclusively collect and use your Data as described in this Privacy Notice (the “Notice”) and as permitted by Data Protection Legislation.
The purpose of this policy is to explain how and why we collect information from you, who has access to it and what your rights are. Please read this Notice carefully and ensure that you understand it.
Please note that our Site is not intended for use by individuals under 18 years old.
2. Who are we?
We are GC Partners, and our Site is owned and operated by Global Currency Exchange Network Limited and Global Custodial Services Ltd (both trading as GC Partners), a company registered in the UK at 3rd Floor 20 Dering Street, London, England, W1S 1AJ (“GC Partners”, or “we”, “us” or “our”).
For the purposes of the Data Protection Legislation, we are the data controller under the UK Data Protection Act/UK GDPR, as well as under the EU/EEA GDPR, we are responsible for determining the purposes and means of how your data is processed.
If you have any concerns about how we Process or protect your Data or would like to contact us about any aspect of this Policy, please get in touch with our Data Protection Officer, who oversees our handling of Data, and who can be contacted at [email protected]
This Policy should be read together with our Cookies Policy which can be found here, and our Site terms of service
3. What data do we collect about you?
We will collect Data about you from the following sources:
- directly from you via telephone, face-to-face, registration forms, email, or written format; (for example, when you create an account, make a payment, tell us about your preferences or respond to our campaigns, communicate with us, or use our Site); or
- from our clients and third-party brokers (with whom you may have a direct relationship with, for example as a third party or an investor) who have shared your information with us in order for us to provide services to our clients;
- GC Partners will collect information relating to your interactions on the Site and from cookies and tracking devices on your devices where you have permitted their use;
- All other information that is collected by us is information that you provide to us yourself, or that we have received from one of our clients (as set out above).
We will collect the following types of information:
| Type of Data | Description |
|---|---|
| Your personal and contact details | Information including your name, home address, email address, telephone number. |
| Account information | Information about your account with us, including your date of birth, unique account number, unique customer identification, payment method information, marketing preferences, complaints details and any notes added to your account. |
| Visual images | Including videos and photographs of you provided in your interactions with us in social events we host and your profile image on social media if you choose to enable this through your social media account. |
| Financial information | Any information that allows us to understand your creditworthiness or your payment method, including bank account or payment card details. |
| Transactions and account history | All transactions you have made. We will also receive information about you from any third-party brokers. |
| Lifestyle and demographic | All that is available publicly on your social media profile where you connect with or contact us through your social media account. |
| Your communications via our Site | Including chat conversations via the Site your recorded telephone conversations with our customer support staff and emails. |
| How you use the Site | Any pages you visit, which content you view and what links and buttons you click. This information may be collected through cookies or similar technologies. For more information, please see our Cookie Policy here. |
| General Location information | The device or computer you use to access the Site will provide us with your IP address. The IP address tells us which city, state, or country you are accessing the Site from but does not give us detailed information about your location. |
| Device and other technical information | Such as the unique device identifier and other information about the device’s hardware and software. |
| Advertising and direct marketing preferences and responses | Your interactions with offers and competitions, including any requests to stop receiving marketing communications. This information may be collected through cookies or similar technologies. For more information, please see our Cookie Policy here. |
| Sensitive Information | We may also Process Data about you that is sensitive in order to meet our legal and regulatory obligations and to protect our business. This includes Data as required by the Financial Conduct Authority (FCA), the Anti-Money Laundering Regulations and the Proceeds of Crime Act and otherwise to fulfil our legal and regulatory obligations as a money services business. This also includes biometric data (such as through photograph and CCTV) and information about suspected fraud, theft, or offences. If you come to an event that we host, this also includes information you provide (such as dietary preferences or disability information). |
4. How we use your data?
We use your Data in the following ways, and for the following reasons:
| What we use your Data for | The basis on which we can use your Data |
|---|---|
| To register you as a new user on the Site. | We need to Process this information to meet our contractual obligations. |
| To allow you to use our services (including managing your payments). | We need to Process this information to meet our contractual obligations and to comply with our legal and regulatory obligations. |
| To communicate with you about updates to the Site, our services, and any changes to our terms and conditions or Privacy Policy. | We need to Process this Data to meet our contractual obligations; to comply with our legal and regulatory obligations; and it is in our legitimate business interests to keep accurate records. |
| To receive feedback from you on our products and services. | We need to Process this Data to meet our contractual obligations and it is in our legitimate business interests to understand how we can improve our products and services. You do not have to provide us with this information. |
| To run our promotional events such as competitions and offers which may be of interest to you.
We may send you marketing material about our offers and events via email, text, or phone. You may opt out of direct marketing at any time (see section 11). |
We need to Process this Data as it is in our legitimate business interests to provide you with a personalised experience when you use our services.
Where necessary, we Process this Data based on your consent. |
| To provide customer support services. | It is in our legitimate business interests to respond to any communications we receive from you. If you do not wish to provide us with this information, we may not be able to respond fully to your queries. |
| To train our staff (for example our customer service team). | It is in our legitimate business interests to provide you with a helpful service. |
| To maintain and administer our Site. | It is in our legitimate business interests to maintain our IT services, network security, to maintain our system; and we need to Process this information to comply with our legal and regulatory obligations. |
| To improve our Site, products and services, and experiences, such as by understanding analytics. | It is in our legitimate business interests to better understand your preferences, update our Site, and develop our business strategy. |
| To comply with our legal and regulatory obligations as payment services operator.
This may involve verifying your identity. |
We need to Process this information to comply with our legal and regulatory obligations and it is in our legitimate business interests to prevent fraud and illegal activities on our Site. |
| To protect our business from money laundering, terrorist financing and other illegal activities.
We may identify you electronically using technology such as cookies. |
We need to Process this information to comply with our legal and regulatory obligations under a payment processor, anti-money laundering, anti-fraud and anti-terrorism laws.
We also Process this information in the public interest, and it is in our legitimate business interests to protect our business from any illegal or abusive use of our Site. |
| To provide you with advertising, which is relevant to you, and to understand your advertising preferences. | It is in our legitimate business interests to understand how you use our Site and how we should develop our marketing strategy. |
| In relation with a legal action, or when acquiring or selling a business. | It is in our legitimate business interest to be able to protect ourselves through legal action and to develop the business through acquiring or selling parts of our business. |
We will not share any of your Data with any other organisation or third parties for any purposes other than storage on an email and/or web hosting server without your consent.
5. Who will we share your information with?
In some cases, we may share your Data with third parties. This is to support your needs, to provide you with services, or to comply with our legal obligations. We may also share Data with third parties if it is in the public interest or the sharing is in our legitimate interest or the legitimate interest of another organisation.
The other organisations we may share your Data with are typically:
- Members of the GC Partners Group of companies for the purposes in section 4 above.
- Third-party suppliers and service providers for the purposes identified above – in particular, we work with platform services (to provide money transfer and account management functions), cloud providers (to host the Site), affiliate platform services, customer support software services, data storage services, payment service providers, know-your-customer and anti-money laundering services as well as enhanced due diligence, anti-fraud services, and fraud detection and protection services.
- Business partners and other organisations to help us meet our contractual and regulatory obligations, including audit, legal and compliance services.
- Identity verification and fraud prevention agencies such as banks, credit card companies and similar agencies which investigate and prevent fraudulent, criminal, or suspicious activity, or any other behaviour we are legally required to investigate. We will also pass on your information if we have reason to believe you have undertaken such activity.
- Analytics and search engine providers alongside other selected organisations which provide us with feedback about our Site and aid us in improving their optimisation.
- Statutory authorities when we are required to comply with a request for information, a court order disclose your Data, a regulatory investigation from a relevant governmental or financial regulatory authority, our legal obligations including our requirement to report suspicious behaviour.
- Regulator, law enforcement or fraud prevention agencies as well as legal professionals, courts, and other adjudication services to investigate any actual or suspected criminal activity.
We may also share your Data with third parties:
- If we consider selling or acquiring businesses or assets, in which case we will share your Data with the counterparty.
- If the GC Partners, or any of its group companies, becomes insolvent (i.e., becomes subject to administration or liquidation processes).
- If we, or substantially all of our assets, are acquired by a non-GC Partners group entity.
- If we need to enforce our terms and conditions.
- To protect our safety, rights, property, or the safety, rights or property of our customers, staff and others by sharing information with other companies and organisations such as the local police.
6. What rights do I have and can I access the information held on me?
Under Data Protection Legislation, you have several rights in relation to your Data. We have listed these below, but please note that some only apply in specific circumstances (detailed in the Data Protection Legislation):
| Your rights | How to exercise your rights |
|---|---|
| Right to access and receive a copy of the Data we hold about you. | It is generally free for you to request access to your Data by contacting us via [email protected]. If your request is repetitive or excessive, we may refuse to comply or we may charge you a fee. |
| Right to correct any inaccurate Data we hold about you. | You can amend, correct, delete or edit your Data. If you wish to, please contact our customer support team. Please see our contact details here. |
| Right to require us to erase your Data if (for example): (i) we no longer need the Data for the purpose we originally collected it for; (ii) we only collected it with your consent, and you now withdraw your consent; or (iii) you object to how we are Processing your Data. | You can request erasure of your Data by contacting our customer support team. Please see our contact details here. Or by emailing us via [email protected].
This process is not reversible. |
| Right to request that we restrict the Processing of your Data if (for example): (i) you believe that the Data we hold on you is inaccurate; (ii) you have the right to request that we erase your Data but would prefer us to restrict our Processing instead; or (iii) we no longer need the Data for the purpose we originally collected it for, but you require the Data for legal actions. | You can request the restriction of Processing of your Data by contacting our customer support team. Please see our contact details here. Once you have requested this you can change your mind at any time by contacting us again. Your account will not be accessible while the restriction is in place. |
| Right to request a copy of the Data we hold on you in a structured, commonly used and machine-readable format. You can also request that we transfer this to a third party on your request. Please note that this right may not apply to all of your Data. | In some circumstances, you can request the transfer of your Data to a third party by contacting us via [email protected] . The request must include which Data you would like to be transferred, to whom it should be transferred and by which method. |
| Right to object to our Processing of your Data, including for marketing purposes. Please note that in some cases, we may demonstrate that we have legitimate grounds to Process your information which overrides this right. | You can object to Processing of your Data by contacting our customer support team. Please see our contact details here.
Once you have objected you can change your mind at any time by contacting us again. Your account will not be accessible while the restriction is in place. |
| Right to not be subject to a decision based solely on an automated process, such as profiling, which results in you being significantly affected or produces legal effects concerning you. | You can exercise this right by contacting our customer support team. Please see our contact details here. |
| Right to withdraw your consent where we only Process your Data based on your consent. You can withdraw your consent to receive marketing communications from us at any time and for free. | To exercise your right to withdraw your consent to receive marketing communications please see section 10 above. |
You can also request access to your personal data or exercise your other individual rights by emailing us at [email protected] or contacting us here.
If you are accessing our services from the EEA, our representative in the EEA is LeagueLions and they can be contacted at [email protected]
7. How long do you keep my information for?
We will not keep your Data for longer than is required for the purposes for which we collected it, including for the purposes of satisfying any legal requirements. The length of time for which we retain your Data will depend on what we are using it for as set out in this Policy. For example, we will keep your email address whilst dealing with your enquiries, however, if you unsubscribe, we are required to retain your email address to ensure that we do not send you any email communications in the future and for our know-your-customer (“KYC”) purposes.
Please note, that we may be subject to legal and regulatory requirements to keep your Data for a longer period. We may also extend the retention times where the Data is needed to investigate a crime, handle a claim, or resolve a complaint. Generally, we keep your Data based on the criteria below:
| Type of Data | Typical Retention Time | Information |
|---|---|---|
| Marketing consents | Until you no longer consent | If you withdraw consent, we will keep this information on a ‘suppression list’ so we don’t contact you. |
| Customer call recordings | 12 Months | An extended retention may be applied on a case-by-case basis |
| Customer Data | Five years from the date your account is closed | We will only continue to retain this Data where this is:(i) Legally required under FCA or tax legislation or regulations; or(ii) Required to exercise or defend our legal rights. |
Where it is no longer necessary to Process your Data, we will delete it, anonymise or aggregate it by removing all details that identify you in accordance with Data Protection Legislation.
8. Where do we transfer your Data?
We primarily store and process our Account data within the UK or the European Economic Area (“EEA”). However, if we transfer your Data outside of the EEA, we ensure a similar degree of protection is afforded to it to safeguard your Data in accordance with Data Protection Legislation, which can include by:
- ensuring that your Data is only processed in countries which provide adequate data protection laws (in accordance with the Data Protection Legislation);
- o requiring recipients to sign up to strong contractual commitments that ensure the protection of your Personal Data (such as the EU Model Clauses); and/or
- taking any other measures that comply with Data Protection Legislation.
9. Keeping your Data safe
The nature of the internet means that the transmission of information may not be totally secure. We have implemented security measures to prevent your Data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed.
Where you use a password to access certain services and features of our Site or Apps, it is essential this is kept confidential and do not share this with anyone. Unfortunately, we cannot guarantee the complete security of the information transmitted via the internet. While we have implemented security measures, any transmission is at your own risk.
10. Cookies
We use Cookies on our Site for the purposes listed in Section 4 above. For more information, please see our Cookies Policy here.
11. Marketing
You can tell us whether you wish to be contacted for marketing purposes, if so, how we can contact you. We will obtain this information from you when we first collect your Data and we will ask you what kind of communication you would like to receive from us.
You can opt-out from receiving marketing communications from us at any time by following the instructions below:
- Email marketing: to opt-out from emails, use the unsubscribe link provided within any email you receive.
Please be aware that it may take up to 28 days for your request to take effect. However, you will continue to receive other important information about our product and services.
12. Privacy policies of other websites
Our Site may contain links to other websites. This Policy only applies to our Site. If you click on a link to another website, you should read their privacy and cookie policies to understand how they Process your information.
13. Changes to this privacy policy
We may, from time to time, change or update this Privacy Policy in line with legal requirements or if our business changes. All changes to this Privacy Policy will be published on this page of the Site. Each change will become effective on publication. We recommend that you revisit and read this Privacy Policy regularly to ensure that you are up to date with the current terms.
This policy was last reviewed and updated in January 2023.
14. Any Questions?
If you have any questions or comments about this Policy, want to know more about how we use your Data, or want more information on your rights, please contact our Data Protection Officer by contacting: [email protected] or GC Partners, 3rd floor, 20 Dering Street, London, W1S 1AJ.
15. Complaints
If you have a complaint about how we Process your Data, please contact us at [email protected] and will try to resolve this.
However, if you feel that we haven’t addressed your concern in a satisfactory manner, you also have the right to complain to the Information Commissioner’s Office (“ICO”) at www.ico.org.uk/global/contact-us. You can read more about these rights here – https://ico.org.uk/your-data-matters/
If you are a user in the EU accessing our services from the EEA, you can complain to your local supervisory authority. Our representative in the EEA is League Lions and they can be contacted at [email protected]
16. Further information about us
- Global Currency Exchange Network Ltd Registration number: Z3248515
- Global Custodial Services Ltd Registration number: ZA083139
17. Glossary
| Term | What this means |
|---|---|
| Data | Information relating to an identifiable person, who can be directly or indirectly identified in particular by reference to an identifier, or which is otherwise defined as ‘Personal Data’ under Data Protection Legislation. |
| Data Protection Legislation | UK Data Protection Act 2018, UK General Data Protection Regulation 2018 (GDPR), EU GDPR, the Privacy and Electronic Communications (EC Directive) Regulations 2003, and any other applicable laws relating to the protection of Data. |
| Process, Processing or Processed | Accessing, collecting, obtaining, recording, holding, disclosing, using, altering, deleting, erasing, or destroying Data, or carrying out any operation(s) on the Data or as otherwise defined under applicable Data Protection Legislation. |