Effective date: 26 June 2023

Whether you visit our website, use our mobile app, speak to one of our team or use our services more widely, you are trusting us with your information. This policy sets out how we collect, use and respect such information, and how the law protects you and your information.

Why this policy exists  
        

This privacy policy explains how we collect and process your information and what rights and options are available to you under applicable privacy laws, including the Data Protection Act 2018, the UK retained version of Regulation (EU) 2016/679 (UK GDPR) and the General Data Protection Regulation (EU) 2016/679 (EU GDPR).  All references to information in this policy, means any data which identifies a natural person or which allows that person to be identified when combined with other data.

We keep our privacy policy under regular review. The version of the policy became effective on the date shown above.

We are committed to protecting and respecting your privacy. If you have any comments or questions you can contact us by emailing info@cadro.com.

Navigation

This policy sets out:
Information we collect about you and how it is usedCookies and other technologiesWho we give your information toWhere we store your informationHow long we keep your informationYour rightsContact Us
Please read the following carefully to understand our practices regarding your personal data and how we will treat it. By browsing, signing into and otherwise using our App you acknowledge you have read and understood this privacy policy.

Information we collect about you and how it is used

We collect and use information to deliver our services and to operate our website and our app, as well as to provide useful updates and other information about our services.  In this context, we are a data controller. Where we need to collect information by law, or under the terms of a contract and you do not provide that information when requested, we may not be able to perform the contract or provide you with our services.

We will collect and process the following personal data about you:

Prospect information

This includes contact information about you and information that indicates that you might be interested in our services (for example, general portfolio information, business information and information that places you in the bracket of our target customers).  

We may receive this information because you have reached out to us directly, because we have spoken with you at an event or because we have received your data from other sources (for example, publicly available sources such as LinkedIn) and have identified a legitimate basis for a limited and targeted contact with you to assess your interest in our services. We will hold this data on our prospects database prior to you creating a full account with us, and your rights over this data are as set out further below (see section "Your Rights").

We collect and process this information either on the basis of your consent, or on the basis of our legitimate interest in developing and enhancing our business.

Cadro account registration and access to Cadro services:

  • Identity verification: if you wish to access our Wealth Management Services, we will request information required to verify your identity
    Our Platform ensures that you are able to review and manage your portfolio entirely securely and with strong and trusted lines of communication. To that end if you are accessing our Services we will seek identity-verification information which might include a copy of a government-issued ID or other form of identity documentation (you will be free to refuse to give this information but it will affect your ability to use the suite of functionality available on the Platform).  
    We may use third party service to undertake such checks and you will be informed at the time of the name of the service-provider and the verification requirements. We only use trusted third parties who we have vetted for security compliance and we do not share any data about our users with such third parties unless required by law, or with your instructions and consent.
    We collect and process this information on the basis of our legal and regulatory requirements.
  • Account information
    We will collect contact information including address, email address and telephone numbers, financial data including your bank account, identity data including about your nationality, tax residency and national insurance number, as well as your bank information.
    We collect and process this information on the basis of our contract with you (so we can provide our services).

Information you give us as part of your general use of our mobile app

This is information about you that you give us directly when you interact with us as part of your general use of our mobile app, for example by filling in forms or by corresponding with us by phone, email or otherwise. It includes information you provide when you register to use the app, conduct searches, update details, submit a query, and when you report a problem.

We collect and process this information typically on the basis of our contract with you (so we can provide our services). We may also use this information on the basis of our legitimate interests to provide you with information, products and services that you request from us.

Information passively collected regarding your use of our website and/or app

We may automatically collect information from you in the event you visit our website and/or app. This includes:  

  1. Technical information, which may include the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  2. Information about your session, which may include the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, which pages of our website or app were visited, the length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.

We collect and process this information on the basis of our legitimate interest in understanding how users engage with our services and informing, developing and enhancing our services (e.g. for ensuing content on the Platform is presented in the most effective manner for you).  

Information for promotional updates and communications

Where permitted in our legitimate interest or with your prior consent where required by law, we will use your personal information for marketing analysis and to provide you with promotional update communications by email or by notification on the Platform about our services. Additionally, when you use the “Contact Us” form or “Sign up to our newsletter” form on our website we will add your personal information to our marketing database.

You can object to further marketing at any time by checking and updating your preferences within your account, or selecting the "unsubscribe" link at the end of all our marketing and promotional update communications to you, or by sending us an email to info@cadro.com.

How we use cookies

Our website uses cookies and similar technologies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our website. You can set your browser to refuse all or some browser cookies. For more information about the cookies we use, see our Cookie Policy.

Information relating to children

Our website, our app and our services are not intended for anyone under the age of 18. Without a parent or legal guardian’s written consent, we do not knowingly collect personally identifiable information from anyone under 18 years of age. If you believe that we have received information on someone under the age of 18 without parental consent, please contact us.

Change of purpose

We will only use your information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Who we share your information with and why

We may give your information to selected third parties who process your personal data on our behalf and in accordance with our instructions and applicable data protection law. This includes in supporting the services we offer through the app - in particular our staff and those running our business, and those providing data hosting services, providing fulfilment services, distributing any communications we send and providing IT support services from time to time. These organisations will only use your information to the extent necessary to perform their support functions.

We will also disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets subject to the terms of this privacy policy.
  • If Cadro or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we need to carry out identity verification for the reasons identified in this notice under " Information we collect about you".
  • With your authorisation when you link your Cadro Account with a third-party service (in which case information may be shared on the basis of your knowledge and consent)

We will share information, without notice, only if we are required to do so by law or we, in the good faith, believe that such action is necessary to:

  • comply with legislation or any legal process served on us;
  • protect and defend our rights and/or property; and
  • to protect personal safety.

We do not sell or give your information to third parties for them to contact or market their goods or services to you without your consent.

Where we store your information

The data that we collect from you is primarily processed in the UK and is stored on our servers in the UK .

If your information is ever transferred outside the UK and/or the EEA, we take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism or the adoption of approved standard contractual clauses that ensure the strong UK and EEA protections are carried through in all our contractual relationships, and that personal data is at all times treated securely and in accordance with this privacy policy.

How long we keep your information

We will retain information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure of the information, the purposes for which we process the information and whether we can achieve those purposes through other means, and the applicable legal requirements.

We typically retain personal data for as long as you have an account with us in order to meet our contractual obligations to you and for six years after the date of our last interaction with you or until the relevant statutory limitations period has expired. We may also be required by law to keep certain financial records for longer than the above period.

We regularly review the information we hold, taking into account the lawful purpose for which we hold it, and any data that is deemed no-longer relevant or required is deleted where it is practicable to do so.

We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.

Your rights

Privacy laws give you certain rights.  For example, you can choose whether to receive marketing from us and you can ask us what information we have about you.

Opt Out Rights

You may, at any time opt-out of receiving marketing communications from us by contacting us or selecting the unsubscribe option in any e-mail from us.

Other Legal Rights

You have the right under certain circumstances to:

  • Request access. This means you can ask us to provide you with a copy of the information we hold about you;
  • Request correction. This means if we have incomplete or inaccurate information, you can ask us to correct it. It is important that the information we hold about you is accurate and current. Please keep us informed if the information you provide us changes as our relationship evolves. Note, we may need to verify the accuracy of the new data you provide to us.
  • Request erasure. This means you can ask us to delete or remove any information we have if there is no good reason for us continuing to have it. You also have the right to ask us to delete or remove information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Request restriction. This means you can ask us to suspend using your information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it.
  • Object to processing. This means you can contact us if you feel our use of your information impacts on your rights and freedoms. This applies if we are: (a) relying on our legitimate interest (or those of a third party) to use your information; (b) if we are using your information for direct marketing purposes; (c) if you believe we are using your information unlawfully; or (d) where we need to erase you information to comply with local laws. It is unlikely, but in some cases we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request transfer. This means you can ask us to transfer the information we hold on you to you, or to a third party. We will provide to you, or the third party you have chosen, your information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we used the information to perform a contract with you.
  • Withdraw consent. This means you can tell us that you no longer consent to our use of your information at any time where we are relying on consent to process your information. If you withdraw your consent, we may not be able to provide certain services or content to you. We will advise you if this is the case at the time you withdraw your consent. Note that this will only apply to any information where we were previously relying on consent as the legal basis to use your information. This action will also not affect the lawfulness of any processing carried out before you withdraw your consent

What we may need from you

We may need to request specific information from you to help us confirm your identity and your rights in relation to your request. This is a security measure to ensure that information is not disclosed to any person who does not have a right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

No fee usually required

You will not have to pay a fee to exercise the rights listed above. However, we may charge a reasonable fee if your request is unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Time limit to respond

We try to respond to all legitimate requests as soon as reasonably practicable and at least within one month. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Right to complain to the Information Commissioner’s Office

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

How to Contact Us

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to: info@cadro.com.

We are Cadro Technologies Limited. Our business is registered in England with business number 11797448 and our registered office is Berkeley Square House, Berkeley Square,  London W1J 6BD.