Legal
Privacy and Cookies Policy
We take your privacy seriously. This privacy policy is provided by Bound Rates Limited and sets out how we process your Data.
For purposes of the applicable Data Protection Laws, Bound is the "data controller". This means that Bound determines the purposes for which, and the manner in which, your Data is processed.
We have tried to make this privacy policy as short and clear as possible but if there is anything you would like further information about or if you have any questions, please get in touch with us by using the contact details in the final Section of this policy.
If you provide us with someone else’s Data, you must tell them what Data you’ve shared with us and direct them to read this privacy policy.
This privacy policy was last updated on 09 October 2024.
Please read this privacy policy carefully.
Definitions and interpretation
In this privacy policy, the following definitions are used:
Data: means personal data as defined in the Data Protection Laws; it is information which relates to you.
Cookies: a small text file placed on your computer by this Website when you visit certain parts of the Website and for when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below;
DataProtection Laws: any applicable law relating to the processing of Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations and secondary legislation;
GDPR: the UK General Data Protection Regulation;
Bound, we or us: Bound Rates Limited, a company incorporated in England and Wales with registered number 13036275 whose registered office is at 16 Great Chapel Street, London, W1F 8FL ;
UK Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003
Website: the website that you are currently using, www.bound.co, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Whose Data do we use
The Data that we use will depend on your relationship with us. For the purposes of this privacy policy, we obtain and process Data relating to:
our customer, their relevant employees and users of our services;
prospective customers;
external stakeholders;
visitors to our website;
those who receive direct marketing from us;
payment beneficiaries; and
our business partners, suppliers and their personnel.
Data collected and used
We may collect the following Data from you:
General information includes first name, maiden name, last name, title, gender, nationality, details of languages spoken and date of birth;
Contact Details includes telephone numbers, email addresses (personal or work), work address, home address, billing address, delivery address;
Identification documentation includes copies of your passport, driving licence, national or work ID card, bank statements, utility bills;
Services transaction details includes payer and payee information, details of loan agreements, information necessary to process and analyse invoices and to enable payment transactions, open accounts, or other information necessary to deliver our products and services;
Employment and Business Details includes industry, job role, business activities, employer, work contact details, details of services/products provided, the terms and conditions of your contract;
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
Financial Information includes transaction history and details, bank details and account numbers, invoice details;
Support Data such as comments, feedback and information that you submit to us when using our support services and logs/ticket information of support services;
Transaction Details includes contact history, purchase and transaction history, details about payments and saved items;
Social Media includes information from social media accounts you provide or link to us such as Facebook;
Incident History includes health and safety accidents, security incidents, accident information, complaints communications, insurance claims history;
Usage Details includes information about the browser or device you used and the date and time you accessed our IT systems, other information about how you use our website, products and services;
Marketing Data includes your marketing preferences in relation to receiving marketing communications from us and (if relevant) third parties;
Security Data includes results from due diligence and security checks;
Communications Data includes your communication preferences, responses, comments, views and opinions when you communicate with us;
Images and recordings including your photograph, film/video footage and recordings (which may include your voice); and
Technical Data which is any information obtained from cookies such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. Please see our cookies policy for more information https://www.bound.co/legal/cookie-declaration.
Information about your visit and your behaviour on our Website (for example, the pages that you click on). This may include the website you visit before and after visiting our Website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting] further service or downloads;
How we collect Data
We usually collect your Data from the information you provide to us during the course of our relationship for example:
when you contact us through the Website, by telephone, post, e-mail or through any other means;
when you register with us and set up an account to receive our products/services;
when you complete surveys that we use for research purposes (although you are not obliged to respond to them);
when you enter a competition or promotion through a social media channel;
when you make payments to us, through this Website or otherwise;
when you elect to receive marketing communications from us;
when you use our services;
We may also collect Data about you from:
from other individuals within a customer organisation;.
from third parties who might introduce or refer customers to us or who provide us with details of potential customers;
payment sender where you are a payment beneficiary;
other third parties directly (e.g. credit reference agencies);
third parties with your consent (e.g. your bank);
trusted suppliers (e.g. payment providers, marketing agencies);
via publicly available sources such as internet search engines, national company registers, national regulatory registers, international company registers and private company information sites.
open electoral registers and social media sites;
from other companies within our group of companies;
through customer satisfaction surveys and market research;
third party references, including previous employers and named referees;
IT systems, including via our services platform;
cookies on our website;
HM Revenue and Customs;
government agencies;
insurance companies;
professional advisors including external legal advisors; or
IT service providers.
5. Our use of Data
We will process your Data in connection with the management of our relationship with you, for the following purposes supported by the following legal bases:
Purpose :To discuss new customer onboarding/offer a free trial/provide assisted onboarding services.
Legal Basis
If you are a sole trader, we need to use your Data to enter into an agreement with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to onboard a new customer).
Purpose: Administration and management (including moderation and record keeping) of your account to facilitate the provision of our services.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to administer, invoice and manage our customers’ accounts).
Purpose: To communicate with you generally, to resolve any complaints you may have and to provide you with notifications about any changes to our services or products.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to send you communications and updates about our services and ensure that complaints are handled appropriately).
Purpose: To provide user support when you use our products or to respond to any support queries.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of an organisation of a prospective customer, we need to use your Data for our legitimate business interests (to provide user support for you to be better able to use our services).
Purpose: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer)
Purpose: To administer and protect our business and keep our products working, safe and secure (by troubleshooting, data analysis, testing, system maintenance and monitoring and addressing other security/technical issues and monitoring and assessing compliance with our policies and standards).
Legal Basis
We have a legitimate business interest (to take all necessary measures to protect and uphold our systems, carry out investigations to prevent security issues).
We have a legal obligation to ensure the security of Data and our systems.
Purpose: To comply with applicable laws, court orders, government and law enforcement agencies’ requests.
Legal Basis
We have a legitimate business interest to comply with law enforcement agencies' requests and assist with the prevention/detection of criminal activity.
We have a legal obligation.
Purpose: For general business management and operation purposes such as business planning and audits.
Legal Basis
We have a legitimate business interest (to effectively manage our business).
Purpose:To carry out marketing or customer relationship activities or send you marketing information about our products or services.
Legal Basis
We have your consent.
We have a legitimate business interest (to send you information about our products or services which we think you may be interested in).
Purpose: To carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes.
Legal Basis
We have a legal obligation.
Purpose: To carry out customer satisfaction surveys.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer).
Purpose: To exercise and/or defend our legal rights.
Legal Basis
We have a legitimate business interest (to exercise and/or defend our legal rights).
Purpose: In connection with a business transaction such as merger, restructuring or sale of the business or business strategies.
Legal Basis
We have a legitimate business interest (for business administration and operations)
6. Who we share Data with
We may share your Data with the following recipients for the following reasons:
other representatives within a customer's organisation – as part of administration and delivery of our products and services and as part of customer engagement;
third party service providers who provide services to us which require the processing of Data - to assist with performing functions on our behalf to help ensure the website runs smoothly, deliver our services and products to you and for marketing and sales automation;
third party payment providers who process payments made over the Website - to enable third party payment providers to effectively process user fundings, payments, conversions and refunds within the prescribed regulatory standards;
relevant authorities - to prevent fraud and/or to facilitate the detection of crime;
selected third parties in connection with the sale, transfer or disposal of our business;
professional advisors such as lawyers and auditors – for the purposes of obtaining advice and managing our business;
any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.
7. Disclosing your information
We share your information with our selected third party providers including:
(a) business partners, partner providers, suppliers and sub-contractors for the performance of any contract we enter into with them or you, including (but not limited) to:
1. Muinmos APS, Hovedgaden, 7190 Billund, Denmark, to conduct the required background, identity and compliance checks
2. Currency Cloud, 12 Steward St, London E1 6FQ, for the provision of fx and payment services
3. Intercom R&D Unlimited Company, Intercom R&D Unlimited Company, to facilitate the chat function
4. Docusign, The Pavilions, Bridgwater Road, Bristol, England, BS13 8FD, for the provision of document signing software
5. Typeform, Carrer de Bac de Roda, 163, Spain, for collection of onboarding information
6. Mixpanel, Avenida Diagonal, 442 - P. 3 PTA. 1 08037, Barcelona, Spain, for product usage analytics
7. HSBC UK, 1 Centenary Square, Birmingham, B1 1HQ, to provide banking services
8. TRAction, 28 Queen St London EC4R 1BB, for trade reporting
9. Hubspot, 1 Sir John Rogerson's Quay, Dublin 2 Ireland, for sales and marketing services
8. Keeping Data secure
We will use technical and organisational measures to safeguard your Data, for example:
access to your account is controlled by a password and a user name that is unique to you.
we store your Data on secure servers.
payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: data@bound.co.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
9. Data retention
Below are the general criteria we use to determine how long we will keep your personal information, where upon we will either delete or anonymise the data:
We will continue to keep your Data while you are registered and have an account with us or we otherwise have an ongoing relationship with you (e.g. you have signed up to receive direct marketing, you have an ongoing complaint).
We will retain Data for at least seven (7) year if transactions have been entered into, in accordance with our regulatory obligations;
We will retain general correspondence and papers (including emails) received by us and our customer service team (excluding complaints and investigations) for 7 years.
Our register of complaints and investigations will be reviewed every 7 years.
Images and messages provided by you on our social media feed will be kept until you ask for them to be deleted.
Your IP address is kept in accordance with your cookie preferences.
If you have given us permission to send email marketing messages to you then we will retain your marketing preferences until you notify us that you no longer wish to receive such communications. We will review our marketing lists regularly and may contact you to ask if you wish to still continue receiving marketing emails.
Where not subject to the above or other requirements, we will generally keep your Data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion or anonymisation of the Data held. This will usually be seven (7) years following the expiry of our business relationship with you.
In some circumstances we may store your Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements or so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Data or dealings.
10. Your rights
You have the following rights in relation to your Data:
Right to access - the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is "manifestly unfounded or excessive." Where we are legally required to, we may have to refuse your request. If we refuse your request, we will tell you the reasons why.
Right to correct - the right to have your Data rectified if it is inaccurate or incomplete.
Right to erase - the right to request that we delete or remove your Data from our systems.
Right to restrict our use of your Data - the right to "block" us from using your Data or limit the way in which we can use it.
Right to data portability - the right to request that we move, copy or transfer your Data.
Right to object - the right to object to our use of your Data including where we use it for our legitimate interests.
Right to withdraw consent – the right to withdraw consent at any time where we are relying on consent to process your Data.
Rights relating to automated decision-making – the right not to be subject to a decision based solely on automated means.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: data@bound.co
We encourage you to contact us (using the details in the Contacting Us section (see section 15) if you have any concerns with how we use your Data and we will do our best to resolve your concerns. If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
11. Transfers outside the United Kingdom
Data which we collect from you may be stored and processed in and transferred to countries outside of the UK. For example, this could occur if our servers are located in a country outside the UK or one of our service providers is situated in a country outside the UK.
We will only transfer Data outside the UK where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, e.g. by way of data transfer agreement, incorporating the international data transfer agreement issued by the Information Commissioner's Office in the UK or ensuring the transfer is to a country which has been deemed to provide an adequate level of protection for your Data.
To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.
12. Links to other websites
This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
13. Cookies
We use cookies on our website. Cookies are small text files that are downloaded onto your device when you visit a website. For more information about our use of cookies, please go to https://www.bound.co/cookie-declaration.
14. Changes to this privacy policy
Bound reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this privacy notice so you are fully aware of any changes or updates.
15. Contacting us
If you have any queries about the contents of this privacy policy, or wish to inform us of a change or correction to your Data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact Gerard Hurley, our Data Protection Officer, using the following details: info@bound.co.
We take your privacy seriously. This privacy policy is provided by Bound Rates Limited and sets out how we process your Data.
For purposes of the applicable Data Protection Laws, Bound is the "data controller". This means that Bound determines the purposes for which, and the manner in which, your Data is processed.
We have tried to make this privacy policy as short and clear as possible but if there is anything you would like further information about or if you have any questions, please get in touch with us by using the contact details in the final Section of this policy.
If you provide us with someone else’s Data, you must tell them what Data you’ve shared with us and direct them to read this privacy policy.
This privacy policy was last updated on 09 October 2024.
Please read this privacy policy carefully.
Definitions and interpretation
In this privacy policy, the following definitions are used:
Data: means personal data as defined in the Data Protection Laws; it is information which relates to you.
Cookies: a small text file placed on your computer by this Website when you visit certain parts of the Website and for when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below;
DataProtection Laws: any applicable law relating to the processing of Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations and secondary legislation;
GDPR: the UK General Data Protection Regulation;
Bound, we or us: Bound Rates Limited, a company incorporated in England and Wales with registered number 13036275 whose registered office is at 16 Great Chapel Street, London, W1F 8FL ;
UK Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003
Website: the website that you are currently using, www.bound.co, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Whose Data do we use
The Data that we use will depend on your relationship with us. For the purposes of this privacy policy, we obtain and process Data relating to:
our customer, their relevant employees and users of our services;
prospective customers;
external stakeholders;
visitors to our website;
those who receive direct marketing from us;
payment beneficiaries; and
our business partners, suppliers and their personnel.
Data collected and used
We may collect the following Data from you:
General information includes first name, maiden name, last name, title, gender, nationality, details of languages spoken and date of birth;
Contact Details includes telephone numbers, email addresses (personal or work), work address, home address, billing address, delivery address;
Identification documentation includes copies of your passport, driving licence, national or work ID card, bank statements, utility bills;
Services transaction details includes payer and payee information, details of loan agreements, information necessary to process and analyse invoices and to enable payment transactions, open accounts, or other information necessary to deliver our products and services;
Employment and Business Details includes industry, job role, business activities, employer, work contact details, details of services/products provided, the terms and conditions of your contract;
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
Financial Information includes transaction history and details, bank details and account numbers, invoice details;
Support Data such as comments, feedback and information that you submit to us when using our support services and logs/ticket information of support services;
Transaction Details includes contact history, purchase and transaction history, details about payments and saved items;
Social Media includes information from social media accounts you provide or link to us such as Facebook;
Incident History includes health and safety accidents, security incidents, accident information, complaints communications, insurance claims history;
Usage Details includes information about the browser or device you used and the date and time you accessed our IT systems, other information about how you use our website, products and services;
Marketing Data includes your marketing preferences in relation to receiving marketing communications from us and (if relevant) third parties;
Security Data includes results from due diligence and security checks;
Communications Data includes your communication preferences, responses, comments, views and opinions when you communicate with us;
Images and recordings including your photograph, film/video footage and recordings (which may include your voice); and
Technical Data which is any information obtained from cookies such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. Please see our cookies policy for more information https://www.bound.co/legal/cookie-declaration.
Information about your visit and your behaviour on our Website (for example, the pages that you click on). This may include the website you visit before and after visiting our Website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting] further service or downloads;
How we collect Data
We usually collect your Data from the information you provide to us during the course of our relationship for example:
when you contact us through the Website, by telephone, post, e-mail or through any other means;
when you register with us and set up an account to receive our products/services;
when you complete surveys that we use for research purposes (although you are not obliged to respond to them);
when you enter a competition or promotion through a social media channel;
when you make payments to us, through this Website or otherwise;
when you elect to receive marketing communications from us;
when you use our services;
We may also collect Data about you from:
from other individuals within a customer organisation;.
from third parties who might introduce or refer customers to us or who provide us with details of potential customers;
payment sender where you are a payment beneficiary;
other third parties directly (e.g. credit reference agencies);
third parties with your consent (e.g. your bank);
trusted suppliers (e.g. payment providers, marketing agencies);
via publicly available sources such as internet search engines, national company registers, national regulatory registers, international company registers and private company information sites.
open electoral registers and social media sites;
from other companies within our group of companies;
through customer satisfaction surveys and market research;
third party references, including previous employers and named referees;
IT systems, including via our services platform;
cookies on our website;
HM Revenue and Customs;
government agencies;
insurance companies;
professional advisors including external legal advisors; or
IT service providers.
5. Our use of Data
We will process your Data in connection with the management of our relationship with you, for the following purposes supported by the following legal bases:
Purpose :To discuss new customer onboarding/offer a free trial/provide assisted onboarding services.
Legal Basis
If you are a sole trader, we need to use your Data to enter into an agreement with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to onboard a new customer).
Purpose: Administration and management (including moderation and record keeping) of your account to facilitate the provision of our services.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to administer, invoice and manage our customers’ accounts).
Purpose: To communicate with you generally, to resolve any complaints you may have and to provide you with notifications about any changes to our services or products.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to send you communications and updates about our services and ensure that complaints are handled appropriately).
Purpose: To provide user support when you use our products or to respond to any support queries.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of an organisation of a prospective customer, we need to use your Data for our legitimate business interests (to provide user support for you to be better able to use our services).
Purpose: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer)
Purpose: To administer and protect our business and keep our products working, safe and secure (by troubleshooting, data analysis, testing, system maintenance and monitoring and addressing other security/technical issues and monitoring and assessing compliance with our policies and standards).
Legal Basis
We have a legitimate business interest (to take all necessary measures to protect and uphold our systems, carry out investigations to prevent security issues).
We have a legal obligation to ensure the security of Data and our systems.
Purpose: To comply with applicable laws, court orders, government and law enforcement agencies’ requests.
Legal Basis
We have a legitimate business interest to comply with law enforcement agencies' requests and assist with the prevention/detection of criminal activity.
We have a legal obligation.
Purpose: For general business management and operation purposes such as business planning and audits.
Legal Basis
We have a legitimate business interest (to effectively manage our business).
Purpose:To carry out marketing or customer relationship activities or send you marketing information about our products or services.
Legal Basis
We have your consent.
We have a legitimate business interest (to send you information about our products or services which we think you may be interested in).
Purpose: To carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes.
Legal Basis
We have a legal obligation.
Purpose: To carry out customer satisfaction surveys.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer).
Purpose: To exercise and/or defend our legal rights.
Legal Basis
We have a legitimate business interest (to exercise and/or defend our legal rights).
Purpose: In connection with a business transaction such as merger, restructuring or sale of the business or business strategies.
Legal Basis
We have a legitimate business interest (for business administration and operations)
6. Who we share Data with
We may share your Data with the following recipients for the following reasons:
other representatives within a customer's organisation – as part of administration and delivery of our products and services and as part of customer engagement;
third party service providers who provide services to us which require the processing of Data - to assist with performing functions on our behalf to help ensure the website runs smoothly, deliver our services and products to you and for marketing and sales automation;
third party payment providers who process payments made over the Website - to enable third party payment providers to effectively process user fundings, payments, conversions and refunds within the prescribed regulatory standards;
relevant authorities - to prevent fraud and/or to facilitate the detection of crime;
selected third parties in connection with the sale, transfer or disposal of our business;
professional advisors such as lawyers and auditors – for the purposes of obtaining advice and managing our business;
any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.
7. Disclosing your information
We share your information with our selected third party providers including:
(a) business partners, partner providers, suppliers and sub-contractors for the performance of any contract we enter into with them or you, including (but not limited) to:
1. Muinmos APS, Hovedgaden, 7190 Billund, Denmark, to conduct the required background, identity and compliance checks
2. Currency Cloud, 12 Steward St, London E1 6FQ, for the provision of fx and payment services
3. Intercom R&D Unlimited Company, Intercom R&D Unlimited Company, to facilitate the chat function
4. Docusign, The Pavilions, Bridgwater Road, Bristol, England, BS13 8FD, for the provision of document signing software
5. Typeform, Carrer de Bac de Roda, 163, Spain, for collection of onboarding information
6. Mixpanel, Avenida Diagonal, 442 - P. 3 PTA. 1 08037, Barcelona, Spain, for product usage analytics
7. HSBC UK, 1 Centenary Square, Birmingham, B1 1HQ, to provide banking services
8. TRAction, 28 Queen St London EC4R 1BB, for trade reporting
9. Hubspot, 1 Sir John Rogerson's Quay, Dublin 2 Ireland, for sales and marketing services
8. Keeping Data secure
We will use technical and organisational measures to safeguard your Data, for example:
access to your account is controlled by a password and a user name that is unique to you.
we store your Data on secure servers.
payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: data@bound.co.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
9. Data retention
Below are the general criteria we use to determine how long we will keep your personal information, where upon we will either delete or anonymise the data:
We will continue to keep your Data while you are registered and have an account with us or we otherwise have an ongoing relationship with you (e.g. you have signed up to receive direct marketing, you have an ongoing complaint).
We will retain Data for at least seven (7) year if transactions have been entered into, in accordance with our regulatory obligations;
We will retain general correspondence and papers (including emails) received by us and our customer service team (excluding complaints and investigations) for 7 years.
Our register of complaints and investigations will be reviewed every 7 years.
Images and messages provided by you on our social media feed will be kept until you ask for them to be deleted.
Your IP address is kept in accordance with your cookie preferences.
If you have given us permission to send email marketing messages to you then we will retain your marketing preferences until you notify us that you no longer wish to receive such communications. We will review our marketing lists regularly and may contact you to ask if you wish to still continue receiving marketing emails.
Where not subject to the above or other requirements, we will generally keep your Data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion or anonymisation of the Data held. This will usually be seven (7) years following the expiry of our business relationship with you.
In some circumstances we may store your Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements or so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Data or dealings.
10. Your rights
You have the following rights in relation to your Data:
Right to access - the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is "manifestly unfounded or excessive." Where we are legally required to, we may have to refuse your request. If we refuse your request, we will tell you the reasons why.
Right to correct - the right to have your Data rectified if it is inaccurate or incomplete.
Right to erase - the right to request that we delete or remove your Data from our systems.
Right to restrict our use of your Data - the right to "block" us from using your Data or limit the way in which we can use it.
Right to data portability - the right to request that we move, copy or transfer your Data.
Right to object - the right to object to our use of your Data including where we use it for our legitimate interests.
Right to withdraw consent – the right to withdraw consent at any time where we are relying on consent to process your Data.
Rights relating to automated decision-making – the right not to be subject to a decision based solely on automated means.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: data@bound.co
We encourage you to contact us (using the details in the Contacting Us section (see section 15) if you have any concerns with how we use your Data and we will do our best to resolve your concerns. If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
11. Transfers outside the United Kingdom
Data which we collect from you may be stored and processed in and transferred to countries outside of the UK. For example, this could occur if our servers are located in a country outside the UK or one of our service providers is situated in a country outside the UK.
We will only transfer Data outside the UK where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, e.g. by way of data transfer agreement, incorporating the international data transfer agreement issued by the Information Commissioner's Office in the UK or ensuring the transfer is to a country which has been deemed to provide an adequate level of protection for your Data.
To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.
12. Links to other websites
This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
13. Cookies
We use cookies on our website. Cookies are small text files that are downloaded onto your device when you visit a website. For more information about our use of cookies, please go to https://www.bound.co/cookie-declaration.
14. Changes to this privacy policy
Bound reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this privacy notice so you are fully aware of any changes or updates.
15. Contacting us
If you have any queries about the contents of this privacy policy, or wish to inform us of a change or correction to your Data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact Gerard Hurley, our Data Protection Officer, using the following details: info@bound.co.
We take your privacy seriously. This privacy policy is provided by Bound Rates Limited and sets out how we process your Data.
For purposes of the applicable Data Protection Laws, Bound is the "data controller". This means that Bound determines the purposes for which, and the manner in which, your Data is processed.
We have tried to make this privacy policy as short and clear as possible but if there is anything you would like further information about or if you have any questions, please get in touch with us by using the contact details in the final Section of this policy.
If you provide us with someone else’s Data, you must tell them what Data you’ve shared with us and direct them to read this privacy policy.
This privacy policy was last updated on 09 October 2024.
Please read this privacy policy carefully.
Definitions and interpretation
In this privacy policy, the following definitions are used:
Data: means personal data as defined in the Data Protection Laws; it is information which relates to you.
Cookies: a small text file placed on your computer by this Website when you visit certain parts of the Website and for when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below;
DataProtection Laws: any applicable law relating to the processing of Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations and secondary legislation;
GDPR: the UK General Data Protection Regulation;
Bound, we or us: Bound Rates Limited, a company incorporated in England and Wales with registered number 13036275 whose registered office is at 16 Great Chapel Street, London, W1F 8FL ;
UK Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003
Website: the website that you are currently using, www.bound.co, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Whose Data do we use
The Data that we use will depend on your relationship with us. For the purposes of this privacy policy, we obtain and process Data relating to:
our customer, their relevant employees and users of our services;
prospective customers;
external stakeholders;
visitors to our website;
those who receive direct marketing from us;
payment beneficiaries; and
our business partners, suppliers and their personnel.
Data collected and used
We may collect the following Data from you:
General information includes first name, maiden name, last name, title, gender, nationality, details of languages spoken and date of birth;
Contact Details includes telephone numbers, email addresses (personal or work), work address, home address, billing address, delivery address;
Identification documentation includes copies of your passport, driving licence, national or work ID card, bank statements, utility bills;
Services transaction details includes payer and payee information, details of loan agreements, information necessary to process and analyse invoices and to enable payment transactions, open accounts, or other information necessary to deliver our products and services;
Employment and Business Details includes industry, job role, business activities, employer, work contact details, details of services/products provided, the terms and conditions of your contract;
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
Financial Information includes transaction history and details, bank details and account numbers, invoice details;
Support Data such as comments, feedback and information that you submit to us when using our support services and logs/ticket information of support services;
Transaction Details includes contact history, purchase and transaction history, details about payments and saved items;
Social Media includes information from social media accounts you provide or link to us such as Facebook;
Incident History includes health and safety accidents, security incidents, accident information, complaints communications, insurance claims history;
Usage Details includes information about the browser or device you used and the date and time you accessed our IT systems, other information about how you use our website, products and services;
Marketing Data includes your marketing preferences in relation to receiving marketing communications from us and (if relevant) third parties;
Security Data includes results from due diligence and security checks;
Communications Data includes your communication preferences, responses, comments, views and opinions when you communicate with us;
Images and recordings including your photograph, film/video footage and recordings (which may include your voice); and
Technical Data which is any information obtained from cookies such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. Please see our cookies policy for more information https://www.bound.co/legal/cookie-declaration.
Information about your visit and your behaviour on our Website (for example, the pages that you click on). This may include the website you visit before and after visiting our Website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting] further service or downloads;
How we collect Data
We usually collect your Data from the information you provide to us during the course of our relationship for example:
when you contact us through the Website, by telephone, post, e-mail or through any other means;
when you register with us and set up an account to receive our products/services;
when you complete surveys that we use for research purposes (although you are not obliged to respond to them);
when you enter a competition or promotion through a social media channel;
when you make payments to us, through this Website or otherwise;
when you elect to receive marketing communications from us;
when you use our services;
We may also collect Data about you from:
from other individuals within a customer organisation;.
from third parties who might introduce or refer customers to us or who provide us with details of potential customers;
payment sender where you are a payment beneficiary;
other third parties directly (e.g. credit reference agencies);
third parties with your consent (e.g. your bank);
trusted suppliers (e.g. payment providers, marketing agencies);
via publicly available sources such as internet search engines, national company registers, national regulatory registers, international company registers and private company information sites.
open electoral registers and social media sites;
from other companies within our group of companies;
through customer satisfaction surveys and market research;
third party references, including previous employers and named referees;
IT systems, including via our services platform;
cookies on our website;
HM Revenue and Customs;
government agencies;
insurance companies;
professional advisors including external legal advisors; or
IT service providers.
5. Our use of Data
We will process your Data in connection with the management of our relationship with you, for the following purposes supported by the following legal bases:
Purpose :To discuss new customer onboarding/offer a free trial/provide assisted onboarding services.
Legal Basis
If you are a sole trader, we need to use your Data to enter into an agreement with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to onboard a new customer).
Purpose: Administration and management (including moderation and record keeping) of your account to facilitate the provision of our services.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to administer, invoice and manage our customers’ accounts).
Purpose: To communicate with you generally, to resolve any complaints you may have and to provide you with notifications about any changes to our services or products.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of one of our customers, we need to use your Data for our legitimate business interests (to send you communications and updates about our services and ensure that complaints are handled appropriately).
Purpose: To provide user support when you use our products or to respond to any support queries.
Legal Basis
If you are our customer, we need to use your Data to perform the agreement we have with you.
If you are a representative or account management contact of an organisation of a prospective customer, we need to use your Data for our legitimate business interests (to provide user support for you to be better able to use our services).
Purpose: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer)
Purpose: To administer and protect our business and keep our products working, safe and secure (by troubleshooting, data analysis, testing, system maintenance and monitoring and addressing other security/technical issues and monitoring and assessing compliance with our policies and standards).
Legal Basis
We have a legitimate business interest (to take all necessary measures to protect and uphold our systems, carry out investigations to prevent security issues).
We have a legal obligation to ensure the security of Data and our systems.
Purpose: To comply with applicable laws, court orders, government and law enforcement agencies’ requests.
Legal Basis
We have a legitimate business interest to comply with law enforcement agencies' requests and assist with the prevention/detection of criminal activity.
We have a legal obligation.
Purpose: For general business management and operation purposes such as business planning and audits.
Legal Basis
We have a legitimate business interest (to effectively manage our business).
Purpose:To carry out marketing or customer relationship activities or send you marketing information about our products or services.
Legal Basis
We have your consent.
We have a legitimate business interest (to send you information about our products or services which we think you may be interested in).
Purpose: To carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes.
Legal Basis
We have a legal obligation.
Purpose: To carry out customer satisfaction surveys.
Legal Basis
We have a legitimate business interest (to understand how we can improve the products and services we offer).
Purpose: To exercise and/or defend our legal rights.
Legal Basis
We have a legitimate business interest (to exercise and/or defend our legal rights).
Purpose: In connection with a business transaction such as merger, restructuring or sale of the business or business strategies.
Legal Basis
We have a legitimate business interest (for business administration and operations)
6. Who we share Data with
We may share your Data with the following recipients for the following reasons:
other representatives within a customer's organisation – as part of administration and delivery of our products and services and as part of customer engagement;
third party service providers who provide services to us which require the processing of Data - to assist with performing functions on our behalf to help ensure the website runs smoothly, deliver our services and products to you and for marketing and sales automation;
third party payment providers who process payments made over the Website - to enable third party payment providers to effectively process user fundings, payments, conversions and refunds within the prescribed regulatory standards;
relevant authorities - to prevent fraud and/or to facilitate the detection of crime;
selected third parties in connection with the sale, transfer or disposal of our business;
professional advisors such as lawyers and auditors – for the purposes of obtaining advice and managing our business;
any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.
7. Disclosing your information
We share your information with our selected third party providers including:
(a) business partners, partner providers, suppliers and sub-contractors for the performance of any contract we enter into with them or you, including (but not limited) to:
1. Muinmos APS, Hovedgaden, 7190 Billund, Denmark, to conduct the required background, identity and compliance checks
2. Currency Cloud, 12 Steward St, London E1 6FQ, for the provision of fx and payment services
3. Intercom R&D Unlimited Company, Intercom R&D Unlimited Company, to facilitate the chat function
4. Docusign, The Pavilions, Bridgwater Road, Bristol, England, BS13 8FD, for the provision of document signing software
5. Typeform, Carrer de Bac de Roda, 163, Spain, for collection of onboarding information
6. Mixpanel, Avenida Diagonal, 442 - P. 3 PTA. 1 08037, Barcelona, Spain, for product usage analytics
7. HSBC UK, 1 Centenary Square, Birmingham, B1 1HQ, to provide banking services
8. TRAction, 28 Queen St London EC4R 1BB, for trade reporting
9. Hubspot, 1 Sir John Rogerson's Quay, Dublin 2 Ireland, for sales and marketing services
8. Keeping Data secure
We will use technical and organisational measures to safeguard your Data, for example:
access to your account is controlled by a password and a user name that is unique to you.
we store your Data on secure servers.
payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: data@bound.co.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
9. Data retention
Below are the general criteria we use to determine how long we will keep your personal information, where upon we will either delete or anonymise the data:
We will continue to keep your Data while you are registered and have an account with us or we otherwise have an ongoing relationship with you (e.g. you have signed up to receive direct marketing, you have an ongoing complaint).
We will retain Data for at least seven (7) year if transactions have been entered into, in accordance with our regulatory obligations;
We will retain general correspondence and papers (including emails) received by us and our customer service team (excluding complaints and investigations) for 7 years.
Our register of complaints and investigations will be reviewed every 7 years.
Images and messages provided by you on our social media feed will be kept until you ask for them to be deleted.
Your IP address is kept in accordance with your cookie preferences.
If you have given us permission to send email marketing messages to you then we will retain your marketing preferences until you notify us that you no longer wish to receive such communications. We will review our marketing lists regularly and may contact you to ask if you wish to still continue receiving marketing emails.
Where not subject to the above or other requirements, we will generally keep your Data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion or anonymisation of the Data held. This will usually be seven (7) years following the expiry of our business relationship with you.
In some circumstances we may store your Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements or so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Data or dealings.
10. Your rights
You have the following rights in relation to your Data:
Right to access - the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is "manifestly unfounded or excessive." Where we are legally required to, we may have to refuse your request. If we refuse your request, we will tell you the reasons why.
Right to correct - the right to have your Data rectified if it is inaccurate or incomplete.
Right to erase - the right to request that we delete or remove your Data from our systems.
Right to restrict our use of your Data - the right to "block" us from using your Data or limit the way in which we can use it.
Right to data portability - the right to request that we move, copy or transfer your Data.
Right to object - the right to object to our use of your Data including where we use it for our legitimate interests.
Right to withdraw consent – the right to withdraw consent at any time where we are relying on consent to process your Data.
Rights relating to automated decision-making – the right not to be subject to a decision based solely on automated means.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: data@bound.co
We encourage you to contact us (using the details in the Contacting Us section (see section 15) if you have any concerns with how we use your Data and we will do our best to resolve your concerns. If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
11. Transfers outside the United Kingdom
Data which we collect from you may be stored and processed in and transferred to countries outside of the UK. For example, this could occur if our servers are located in a country outside the UK or one of our service providers is situated in a country outside the UK.
We will only transfer Data outside the UK where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, e.g. by way of data transfer agreement, incorporating the international data transfer agreement issued by the Information Commissioner's Office in the UK or ensuring the transfer is to a country which has been deemed to provide an adequate level of protection for your Data.
To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.
12. Links to other websites
This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
13. Cookies
We use cookies on our website. Cookies are small text files that are downloaded onto your device when you visit a website. For more information about our use of cookies, please go to https://www.bound.co/cookie-declaration.
14. Changes to this privacy policy
Bound reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this privacy notice so you are fully aware of any changes or updates.
15. Contacting us
If you have any queries about the contents of this privacy policy, or wish to inform us of a change or correction to your Data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact Gerard Hurley, our Data Protection Officer, using the following details: info@bound.co.
F¥£K FX
F¥£K FX
F¥£K FX