Privacy Policy

GetBanked Ltd is the data controller responsible for the personal data described in this policy.

Company: GetBanked Ltd (trading as GetBanked)

Website: getbanked.co

Privacy contact: privacy@getbanked.co

GetBanked is an independent banking infrastructure advisor. We are not a bank, electronic money institution (EMI), payment institution, or regulated financial services provider, and we are not required to be. We do not hold, handle, or transmit client funds at any point.

We collect only the data necessary to provide our services and operate our website. The categories of data we collect are:

We do not collect payment card information. We do not process any special-category personal data (e.g. health, biometric, or political data).

• To assess your pre-approval application and identify suitable banking or EMI partners from our network
• To communicate with you about your enquiry or application
• To send our newsletter (banking regulatory updates, industry news) — only with your explicit consent
• To understand how visitors use our website and improve our content (analytics, with consent only)
• To comply with legal, regulatory, or contractual obligations

We will never use your data for automated decision-making or profiling that produces legal or significant effects on you.

We do not sell, rent, or share your personal data for third-party marketing. We share data only where necessary:

Banking Partners (with your explicit consent only): If you choose to proceed after pre-approval, we will share relevant business information with specific banking or EMI partners to facilitate your introduction. We will always identify which institution and obtain your agreement before sharing.

Data Processors: We engage the following third-party processors who handle data on our behalf under data processing agreements:

SCCs = EU Standard Contractual Clauses, the approved legal mechanism for transferring data to countries outside the UK/EU.

Some of our processors are based in the United States. Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, including:

• EU Standard Contractual Clauses (SCCs) under Article 46 GDPR / UK GDPR Schedule 21
• The UK International Data Transfer Agreement (IDTA) where applicable

You may request details of the transfer mechanisms in place by contacting privacy@getbanked.co.

We use cookies to operate our website and, with your consent, to understand how visitors use it. No advertising or cross-site tracking cookies are used.

We implement Google Analytics in Consent Mode v2: analytics cookies are blocked by default and only activated if you click “Accept Analytics” in the cookie banner. You may change your preference at any time by clearing your browser cookies and revisiting the site.

We retain personal data for no longer than necessary:

• Pre-approval applications: 24 months from submission date, or the duration of any ongoing engagement
• Contact form submissions: 12 months from the date of last contact
• Newsletter subscribers: Until you unsubscribe, plus 30 days for system propagation
• Analytics data: 14 months (standard Google Analytics retention setting)

You may request deletion of your data at any time — see Section 8 below.

Under UK GDPR and EU GDPR, you have the following rights regarding your personal data:

• Right of access — to receive a copy of the data we hold about you
• Right to rectification — to correct inaccurate or incomplete data
• Right to erasure (“right to be forgotten”) — to request deletion of your data
• Right to restrict processing — to limit how we use your data in certain circumstances
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to object to processing based on legitimate interests
• Right to withdraw consent — at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, email us at privacy@getbanked.co. We will respond within 30 days. There is no charge for exercising your rights.

If you are in the UK, you also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

If you are in the EU, you may complain to your national data protection authority. A list of EU supervisory authorities is available at edpb.europa.eu.

We implement appropriate technical and organisational measures to protect your personal data, including:

• TLS/HTTPS encryption for all data in transit
• Access controls limiting who can access personal data internally
• Data minimisation — we only collect what is necessary for the stated purpose
• Regular review of third-party processor security practices

No method of transmission over the internet is 100% secure. In the event of a data breach that poses a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals without undue delay.

Our website and services are intended solely for businesses and their authorised representatives. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@getbanked.co.

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be announced via a notice on our website or by email. The “last updated” date at the top of this page always reflects the most recent version. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

For any privacy-related enquiries, to exercise your rights, or to raise a concern:

Email: privacy@getbanked.co

We aim to respond to all privacy requests within 5 business days and will resolve them within 30 days as required by law.