PRIVACY POLICY

1. Summary

At GRE Finance we respect the privacy of our clients and we are committed to keeping all your Personal Data secure. This document lets you know what personal information we collect about you, how we collect it, what we use it for and on what basis. This includes what you tell us about yourself, what we learn by having you as a customer, and the choices you give us about what marketing you want us to send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you. In addition, you have the right to know what information we hold about you and to have a copy of it, and you can ask us to change or sometimes delete it. Please read this notice carefully as it applies to the products and services we provide you. If you have any questions you can find the relevant contact details on page 8.

2. New Clients

2.1 WHAT KINDS OF PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?

Contact details and other information to confirm your identity: Your name, address, email address, phone number, date of birth, passport Communications: Your communications with us, including emails and phone calls Consents: Any permissions, consents or preferences that you give us, including communications that you would like to receive from us and how you would like us to contact you.

 

2.3 How do we use your information and for what purposes?

We are only allowed to use your personal information if we have a lawful reason for doing so. We will use your information if we can satisfy that processing it is necessary:

  • To provide our product and/or services to you
  • To carry out specific marketing activities
  • In order for use to comply with a legal or regulatory obligation
  • When it is in our ‘legitimate interests’ (i.e. we have a business or commercial interest to use your information as long as it does not overly prejudice you)
  • When you consent to it

2.2 How do we collect your information?

We may collect personal information:

  • Via the website
  • Via face to face meetings with members of the GRE Finance team
  • Referral from existing client
  • By email and letters
  • By phone

 

2.4 Who do we share your information with?

We may share your information with any member of our group (which means our subsidiaries, our ultimate holding company and its subsidiaries, and with other teams / departments within GRE Finance, including Finance & Compliance, Customer Services, Analytics, Marketing and Technology for the purposes described in this policy)

We may share your information with the following third parties:

  • Third parties that we engage with to help us operate, improve, integrate, market and customise our product and/or services
  • GRE Finance KYC compliance officer
  • In order for us to comply with a legal or regulatory obligation
  • IT providers / hosted IT solution providers If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us and with controls in place in order to protect your information
  • We do not sell your data to any third parties

3. Existing Clients

3.1 What kinds of Personal Information do we collect about you?

We may collect and process the following data about you:

Contact details and other information to confirm your identity:
Your name, address, email address, phone number, date of birth and passport Communications:
Your communications with us, including emails and phone calls ‘KYC’ information:Details about you collected by us to identify and verify the identity of our customers, including a copy of your passport and a utility bill noting your home address
Anti-money laundering verification:
As a result of money laundering regulations, we may need to verify the source of your funds
Technical information:
The internet protocol (IP) address used to connect your computer to the interest, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
Behaviour:
Details about how you use our website and services, including information about your visit, including the full Uniform Resources Locators (URL) clickstream to, through and from our site (including date and time); products you viewed and searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page
Consents:
Any permissions, consents or preferences that you give us, including communications that you would like to receive from us and how you would like us to contact you

3.2 How do we collect your information?

We may collect personal information:

  • Via the website
  • Via face to face meetings with members of the GRE Finance team
  • By email and letters
  • By phone

We may also collect personal information from third parties we work with:

  • Identification / credit reference agencies
  • Financial advisers
  • Companies that introduce you to us

3.3 How do we use your information and for what purposes?

We are only allowed to use your personal information if we have a lawful reason
for doing so. We will use your information if we can satisfy that processing it is
necessary:

  • To provide our product and/or services to you
  • In order for us to comply with a legal or regulatory obligation
  • When it is in our ‘legitimate interests’ (i.e. we have a business or commercial interest to use your information as long as it does not overly prejudice you)
  • When you consent to it
  • We use information held about you in the following ways:

What we use your information for:
To manage our relationship with you:

  • To carry out marketing activities
  • To understand how our clients use our website and services
  • To provide guidance on our website and services

Our basis for using your information:

  • Provision of our products and services
  • Your consent
  • Compliance with legal and regulatory obligations
  • Our legitimate interests – developing products and services, keeping records and contact details up the date, determining which of our products may interest you

What we use your information for:
To deliver our product and services to you:

  • To report transaction activity to you
  • To adhere to our obligations set out in agreements and contracts

Our basis for using your information:

  • Provision of our product and services
  • Compliance with legal and regulatory obligations
  • Our legitimate interests – being efficient with how we fulfill our legal and
    contractual obligation

What we use your information for:
To develop our products and services:

  • To test new products and/or services or iterations of existing products and/or services
  • To administer our website and for internal operations, including troubleshooting, ata analysis, testing, research, statistical and survey purposes
  • To manage how we work with third parties that provide services to us

Our basis for using your information:

  • Provision of our product and services
  • Compliance with legal and regulatory obligations
  • Our legitimate interests – developing products and/or services; being efficient with how we fulfill our legal and contractual obligations

What we use your information for:
To detect, investigate and report financial crime:

  • To comply with laws and regulations
  • To manage risk
  • To monitor and prevent fraud
  • To verify a customer’s identity
  • To respond to and resolve complaints

Our basis for using your information:

  • Compliance with legal and regulatory obligations
  • Our legitimate interests – develop and improve how we deal with financial rime; being efficient with how we fulfill our legal and regulatory obligations

What we use your information for:
To run our business efficiently and in compliance with applicable regulatory standards:

  • Corporate governance
  • Financial and regulatory audits
  • Regulatory reporting and filings
  • Business, financial and strategic planning

Our basis for using your information:

  • Compliance with legal and regulatory obligations
  • Our legitimate interests – develop and improve our business operations; being efficient with how we fulfill our legal and regulatory obligations

3.4 Who do we share your information with?

We may share your information with any member of our group (which means our
subsidiaries, our ultimate holding company and its subsidiaries, and with other
teams / departments within GRE Finance, including Finance & Compliance,
Customer Services, Analytics, Marketing and Technology for the purposes
described in this policy).

We may share your information with the following third parties:

  • The Financial Conduct Authority (FCA), and other regulators and authorities
  • Financial Services Compensation Scheme (FSCS)
  • HM Revenue & Customs (HMRC)
  • Credit reference agencies
  • Fraud prevention agencies
  • Third parties that we engage with to help us operate, improve, integrate, market and customise our product and/or services
  • GRE Finance’s payment service provider
  • GRE Finance’s KYC compliance officer
  • IT providers / hosted IT solution providers
  • GRE Finance’s auditors
  • Banks and funding partners

If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us and with controls in place in order to protect your information.

We do not sell your data to any third parties.

What marketing activities do we carry out?

 

3.5 What marketing activities do we carry out?

We may use your personal information to provide you with information about products or services that may be of interest to you.

We can only use your personal information to send you marketing messages if we have either your consent or a ‘legitimate interest’. This is where we have a business or commercial reason to use your information as long as it does not overly prejudice you.

You can ask us to stop sending you marketing messages by contacting us at any time by emailing us at info@grefinance.com or calling us on +44 (0) 20 3883 6808.

Irrespective of your contact preferences, you will still receive transaction statements from us, and other important information such as any changes to existing products or services.

4. How Long Do We Keep Your Personal Information For?

We only keep personal information for as long as reasonably necessary to fulfil the relevant purposes described in this notice and in order to comply with our legal and regulatory obligations.

5. Where Do We Store Your Personal Information?

Unfortunately, the transmission of information via the internet is not completely
secure. Although we will do our best to protect your personal data, we cannot
guarantee the security of your data transmitted to our website and any transmission is at your own risk. For example, if you access the internet via an
unsecure network. Once we have received your information, we will use strict
procedures and security features to try to prevent unauthorised access.

We have extensive controls in place to maintain the security of our information
and information systems. Client files are protected with safeguards according to
the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees.

Where we have given you (or where you have chosen) a password and PIN which
enables you to access certain parts of our website, you are responsible for keeping this password and PIN confidential. We ask you not to share either with anyone

As a condition of employment, GRE Finance employees are required to follow all
applicable laws and regulations, including in relation to data protection law.
Access to sensitive Personal Data is limited to those employees who need it to
perform their roles. Unauthorised use or disclosure of confidential client information by a GRE Finance employee is prohibited and may result in disciplinary measures.

When you contact a GRE Finance employee about your file, you may be asked for
some Personal Data. This type of safeguard is designed to ensure that only you,
or someone authorised by you, has access to your file.

6. Do We Transfer Personal Data Outside Of The European Economic Area (EEA)?

The DP Legislation prohibits us from transferring personal information to countries outside the European Economic Area (EEA), unless we first put in place additional safeguards.

For example, before transferring information, we may need to enter into contracts with recipients in non-EEA countries which incorporate Standard Contractual Clauses approved by the EU Commission.

Currently the only occasion on which we would transfer any data outside the EEA is if you visit our website when your IP address, location data (country) and pages visited may be transferred to Google Inc in the USA who provide us with analytical data on how our website is used so that we can improve your experience. Your data is protected while in the USA by the Privacy Shield Treaty.

7. What Are Your Rights?

Under data protection law you have certain rights in relation to the personal
information that we hold about you. You may exercise these rights at any time by
contacting us using the details set out in this policy

In certain cases, we may not be able to comply with your request for reasons
such as our obligations to comply with any legal or regulatory requirements.
In the event that we cannot comply with your request, we will also respond to
you and tell you why.

Your rights include:

7.1 The right to access your personal information:

You are entitled to a copy of the personal information we hold about you and
certain details of how we use it.

Your information will be provided to you electronically, unless otherwise requested.

We will respond to your request within a reasonable period of time, but at the l
atest within one month of the request (assuming we have any requisite
information from you in order to be able to process your request).

7.2 The right to rectification:

You have the right to have your information rectified if it is inaccurate or
incomplete. We aim to ensure that your personal information is accurate,
however, please do contact us if you require your information to be updated
or amended.

7.3 The right to erasure:

You have the right to request the deletion or removal of your information.
There are, however, specific circumstances where we may be unable to deal
with your request,

e.g. if we need to retain your information to comply with a legal or regulatory
obligation.

7.4 The right to restrict processing:

You have the right to request that we limit the way we use your information if you
have a particular reason for wanting that restriction e.g. in circumstances where
you believe that we don’t have the appropriate rights to process your information.

7.5 The right to data portability:

You have the right to obtain some of your information in a format you can move
from one service provider to another. Should you request it, we will provide you
with an electronic file of your basic account information.

7.6 The right to object:

You have the right to object to us processing your information e.g. you can ask us
to stop sending you marketing communications at any time.

8. Consent

You can withdraw your consent at any time. Please contact us if you want to do so.

You have the right to opt out of receiving some or all of the marketing communications we may send you at any time and can do so by (i) emailing us at info@grefinance.com or (ii) calling us on +44 (0) 20 3883 6808.

10. How To Complain

If you want to make a complaint about how we have handled your personal information, please contact us at info@grefinance.com and we will investigate the matter and report back to you. If you are still not satisfied after our response or

believe we are not using your personal information in line with the law, you also have the right to complain to the UK’s data protection regulator – the Information Commissioner’s Office – https://ico.org.uk/.

9. How To Contact Us

You can withdraw your consent at any time. Please contact us if you want to do so.

You have the right to opt out of receiving some or all of the marketing communications we may send you at any time and can do so by (i) emailing us at info@grefinance.com or (ii) calling us on +44 (0) 20 3883 6808.

11. Changes To Our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.