Privacy Notice

  1. About us

We are Key Currency Limited (“Key”), company registered number 09603083. This notice details the types of data we use, why we use it and how.

  • “We” and “Us” refers to Key Currency Limited (“Key”). Key is authorised and regulated by the Financial Conduct Authority. Registered office: 42 Lytton Road, Barnet EN5 5BY. Registered in England and Wales.
  • For the purposes of data privacy laws, we are a Data Controller in relation to the information that we collect and hold about you. This means that we are responsible for ensuring that your data is processed fairly and lawfully by us.
  1. Your rights

You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this notice. You might need a copy of the information we hold, or you may ask us to correct it or delete it amongst other things. This section explains your rights and what to do if you’re not happy.

  • Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object to being subject to automated decision processes and where we are processing your personal information for direct marketing purposes.
  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of your personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see above).
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party in a machine-readable, commonly used and structured format.

Where you have previously given us your permission to use your personal information, withdraw that permission. Where your permission is withdrawn, your previous consent will remain valid in respect of our use of your information prior to the date you withdrew it, or if any marketing material has been sent prior to you advising that you do not wish us to contact you again.

If you want to exercise any of these rights then please contact the Information Officer (see Section 9) in writing.

Please note that in some cases even when you make a request concerning your personal information, we may not be required, or may not be able, to honour it as this may result in us not being able to fulfil our legal and regulatory obligations or there is a minimum statutory period of time for which we have to keep your information. If this is the case then we will let you know our reasons.

  • Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

  • Fees

You will not have to pay a fee to access your personal information (or to exercise any of the other rights).  In some cases, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.

  • What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

  • Right to complain

If you wish to request further information about any of the above rights, or if you are unhappy with how we have handled your information, contact the Information Officer (see Section 9 for contact details).

If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office: https://ico.org.uk/global/contact-us/ 0303 123 1113.

  1. Information we collect

We collect the following kinds of information about you:

  • Information you provide to us

You provide us with certain information when you apply for foreign currency services. This may include:

  • Your name, address, date of birth, email address and telephone number;
  • Previous address details;
  • Credit or debit card details;
  • Nationality and country of residence;
  • In certain circumstances, utility bills, bank statements or copies of official identity records such as passports, driving licenses or birth and marriage certificates; and
  • The same details as above of other people with whom you are associated.
  • Combining data

The information you give us may be combined with other information about you that is obtained from other sources. The combination is usually undertaken with a view to enhancing an existing database with more information.

The information you give us may be compared with data available elsewhere in the public domain such as social media profiles or electoral role information to verify your identity or validate the information you have provided (for example, if you make a joint application or need to rely on a guarantor or in the context of anti-fraud measures).

  • Information provided from your use of our website

We gather information about how often you and other users access the website, the way in which you navigate around it, and how long you spend on particular pages.

  • Information from your devices when you use our website

We gather information about the devices that you use to access the website, such as the operating system, hardware, software versions, browser configuration, display size, browser configuration and connection information such as IP addresses.

We use cookies to recognise when you return to our site and to compile anonymous, aggregated statistics that allow us to understand how users use our site and to help us improve the structure of our website.We also use cookies to measure performance of our web server and, via a third party, allow you to leave comments on our blog pages. You can find more information about the types of cookies we use in our Cookie Policy.

  • Other information

We monitor or record your communications with us to meet our regulatory obligations and to improve our services.

If you provide us with information about another person, it is important you ask them if its ok and tell them what information you are providing and why,for example, if you make a joint application for  services. If they do not want their information given to us, then you should not provide it. If they would like to know more, they can have a copy of this Privacy Notice or they can write to our Information Officer using the contact details in Section 9.

  1. How we use that information

We collect information about you for the following purposes:

  • Verifying your identity

The information you provide will help us to verify your identity so that we know we are dealing with the correct person. We do this by checking the information you give us against external databases.

  • Providing you with our services

We will use the information that we hold about you in order to enter or look to enter into a contract with you for our services and the to fulfil our obligations under such contract. This includes contacting you to communicate with you in connection with our services and to deal with any queries concerning the data that we hold.

  • Fraud prevention and other legitimate interests

We will use the information in order to detect or prevent fraud and to comply with our legal obligations (for example, to ensure that no-one has fraudulently used your details or to confirm you have only entered information about yourself).Information can be used to corroborate your details (including using third parties to undertake those checks on our behalf).

Information is also being used, by us or third parties (see section 6), for risk assessment and management, identification and debt collection.

  • Securing and monitoring the relevance of our services

Information about your devices and your use of the website is used to ensure that our service is user-friendly and to help improve the content and user experience of the website. It also allows us to tailor the website to match your interests and preferences better and understand who has visited which pages to determine the most popular areas of the website.

  • Marketing

We use your information to identify products and services that we think may be of interest to you.

We will only send you marketing messages where you have consented to such contact, or in the case of products and services, where these are like those that we have already provided to you.

You have the right to ask us not to not send you marketing messages by post, telephone or e-mail or any combination of these at any time.

You can do this by:

  • Post

You can withdraw your consent for postal marketing from anyone by adding your details to the Mail Preference Service. For more details please go to www.mpsonline.org.uk.

  • E-mail or SMS (text message)

You can unsubscribe from receiving e-mail or SMS marketing communications by using the instructions in any email or SMS communication we send you.

  • Telephone calls

To withdraw your consent for live or automated calls from anyone you can add your name to the Telephone Preference Service which is maintained at this website address: www.tpsonline.org.uk.

  • Social media and online

You can configure your advertising preferences on social media such as Facebook, Twitter, Instagram or Pinterest by accessing your settings or preference options on the relevant platform.

  1. Our basis for using your information

In terms of the legal bases we rely on to process your information, these are where the processing is necessary:

  • for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
  • to comply with our legal obligations;
  • for our legitimate interests in:
    • ensuring the quality of the products and services we provide to you;
    • collecting information for marketing purposes;
    • communicating with you
    • improving the functionality of our website; and
    • statistical analysis; or
  • where you have consented to such use.

We process your sensitive and special categories of information (this includes data concerning your health, personal data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or data concerning sexual orientation) where we have asked for your explicit consent or otherwise where this is necessary for the establishment, exercise or defence of legal claims.

In the case that you have provided (for example in the context of anti-fraud measures).

If you do choose to provide your consent you can withdraw it at any time by contacting the Information Officer.

  1. Who we share information with

We will not pass your information on to third parties except in accordance with this notice.

  • Our suppliers

We will provide your information to our service providers to allow them to assist us with delivering the products or services that you have requested, under the following categories:

  • accountants;
  • auditors;
  • lawyers;
  • information technology and information security providers; and
  • market research and analytics companies.
  • payment service providers
  • ID verification providers

We share your personal information with these service providers for the purposes of:

  • providing our services to you;
  • market research;
  • analytical and statistical purposes; and
  • maintaining a record of our relationship.

If you would like further information regarding the specific named recipients that we share data with, please contact us by writing to the Information Officer.

  • Fraud prevention, law enforcement agencies and other non-marketing users

We may share your personal information, or any suspected fraud relating to you, with law enforcement agencies and regulators where we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation, or if we reasonably consider that this is necessary to help prevent or detect fraud or other crime or to protect the rights, property, or our safety, our customers or others.

The personal information you provide (including your email and internet protocol (IP) addresses) may also be copied, stored, used and licensed to assist with identity verification, prevention of fraud and money laundering, service delivery and process implementation.

We may share your information if we are under a duty to disclose or share your information with HM Revenue & Customs (HMRC), who may transfer it to the government or the tax authorities in another country where you may be subject to tax.

We may also share your personal information withany other third parties where we are required to do so by law.

The results of your identity check may also be disclosed to authorised third parties through credit referencing, fraud prevention, risk assessment and identification products.

  • International transfers

We do not transfer, use and/or store your personal information outside of the European Economic Area (“EEA”).

We may update this list from time to time and any changes will be communicated to you via an update to this privacy notice.

Transfers occur to our third-party service providers are to enable them use and store your personal information on our behalf.  We will, however, put in place appropriate security procedures in order to protect your personal information. We also ensure that, where your information is transferred to any country outside the EEA this is done using specific legally-approved safeguards.  You can request further details and a copy of these by contacting the Information Officer (see Section 9).

  1. Keeping your data

We will keep your information only for as long as necessary depending on the purpose for which it was provided. Details of retention periods for different aspects of your personal information are available in our retention policy which is available from the Information Officer.

When determining the relevant retention periods, we will take into account factors including:

  • legal obligations under applicable law to retain data for a certain period of time;
  • statute of limitations under applicable law(s);
  • (potential) disputes; and
  • guidelines issued by relevant supervisory authorities.
  1. Our security measures

We are aware of the importance of safeguarding the information under our control and endeavour to take all reasonable steps to protect it. All data collected is stored on secure servers, and we have stringent security and confidentiality procedures covering the storage and disclosure of such information in accordance with the current data protection regulations.

We link to a wide variety of other sites. We are not responsible for the content or privacy policies of these sites, nor for the way in which information about their users is treated. In particular, unless expressly stated, we are not agents for these sites nor are we authorised to make representations on their behalf.

  1. How to contact us

You may write to us at:

Information Officer

Key Currency Limited

St Piran House

Truro Technology Park

Truro

TR1 2XN