Privacy Policy

Last updated: April 28, 2020

Introduction

Your privacy is important to us. This Online Privacy Policy explains how we collect, share, use and protect your personal information when you visit or use this and other online services offered by Strowz (Strowz Ltd of 3 Waterhouse Square, 138-142 Holborn, London, EC1N 2SW) that link to or reference this policy (collectively, our “online services”). Please note, however, that this Online Privacy Policy is not an exclusive statement of our privacy principles across all products and services.


Other privacy principles or policies may apply depending on the financial products or services you obtain from us, or the jurisdiction in which we are doing business with you. You can access many of these policies using the links at the bottom of this page.


We protect your information.

We take our responsibility to protect the privacy and confidentiality of your information, including personal information, very seriously. We maintain physical, electronic and procedural safeguards that comply with applicable legal standards to secure such information from unauthorized access and use, alteration and destruction.

Information We Collect and Why

The types of personal information we may collect from you when you visit or use our online services include:


Identity Data such as your name, date of birth, copies of ID documents such as passport or driving license, if you open an ISA we also request your national insurance numbers.


Contact Data such as email address, mailing address, telephone number(s).


Financial Data such as your bank account details for making withdrawals.


Transactional Data such as your transaction information for example purchase item, price and location date if you use our ‘Savings Buckets’ and ‘Round-Ups’ products. Remember, you do not have to sign up to these products as our user. We collect this data through the government’s Open Banking API securely through Salt Edge third-party. Where such an API connection is requested you will not need to provide your account credentials in the App, rather you will authorise access directly with your bank or account provider.


The links to SaltEdge’s privacy policy and Terms of Service are provided below:


We may also collect your email and name details for our newsletter forms, competitions or promotions.

In addition to the personal information described above, we may collect certain information about your use of our online services. For example, we may capture the IP address of the device you use to connect to the online service, the type of operating system and browser you use, and information about the site you came from, the parts of our online service you access, and the site you visit next.


We may also collect information about you from additional online and offline sources including commercially available third-party sources, such as credit reference agencies.


We also collect marketing and communications data such as your pretences in receiving marketing from us and your communication preferences (which we may collect directly from you.)


We may also use cookies to collect information about you. This helps us to provide you with a good experience while using our website and our App.




How we may use information.

We may use the information we collect from you to help us deliver our online services; to administer, evaluate and improve our business (including developing new products and services, improving existing products and services, performing data analytics, and performing accounting, auditing and other internal functions); manage our risks; market our services and products; and to comply with and enforce applicable laws and regulations, relevant industry standards, contractual obligations and our policies.


We may also use data that we collect on an aggregate or anonymous basis (such that it does not identify any individual clients) for various business purposes, where permissible under applicable laws and regulations.

How Your Personal Information Is Protected

For your convenience, Strowz offers you the ability to access some of our products and services through mobile applications and mobile-optimized websites. When you interact with us through your mobile device, we may collect information such as unique device identifiers, your screen resolution and other device settings, information about your location, and analytical information about how you use your mobile device. We may ask your permission before collecting certain information, such as precise geolocation information.


We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where legally required to do so. Your transactional data is encrypted at rest using disk-level encryption, as well as physically encrypting the data using salted encryption keys.


Data from our third-party banking provider is retrieved via their SSL-encrypted API as background tasks on our servers. The process is inaccessible to users, and is indirectly triggered by a task scheduler or the user performing an action from the web or mobile application.


Disclosing your information


We do not share your information with third parties other than for providing our products or services to you.


We may share your information with the below selected third parties:


  • GoCardless Ltd to facilitate direct debits
  • Onfido Ltd to conduct required background, credit and compliance checks
  • SaltEdge Ltd to connect securely for Open Banking API connections
  • Analytics and search engine providers that assist with optimisation of our services such as Google
  • Facebook for our Single Sign On and to analyse the App installs

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow out third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.


We provide you with relevant and appropriate choices regarding the sharing of personal information.


We may give you choices regarding the sharing of personal information with affiliates and third parties. Choices you have about the sharing of your personal information will be described in the privacy policies or notices you receive in connection with the financial products or services you obtain from us.

We offer you the opportunity to access and correct your information on file with us

Keeping your account information up-to-date is very important. You may review or update certain account information by logging in and accessing the “Profile” section. If you cannot change the incorrect information online, or you prefer to request changes offline, please contact us using the contact information listed on your account statements, records or other account materials.


Access to your personal data:
You have the right to request access to your personal data. If you would like a copy of the information held on you, please contact us (see details below)


Erasure of your personal data:
You have the right to request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.


Objection to processing of your personal data:
You have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.


Restriction of processing your personal data:
You have the right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.


Withdrawing consent to marketing:
By submitting your personal information, you agree that Strowz may use your information for marketing purposes (including electronic marketing). Strowz will not disclose your information to any third party for marketing purposes, without your further consent. You have the right, at any time, to ask us not to process your personal information for marketing purposes. You can do so by contacting us (see below)


We may change this Online Privacy Policy from time to time. When we do, we will let you know by appropriate means such as by posting the revised policy on this page with a new “Last Updated” date. All changes will become effective when posted unless indicated otherwise.

Questions

If you have any questions on the privacy policy, please contact us at:
Strowz Ltd
3 Waterhouse Square
138-142 Holborn
London
EC1N 2SW
support@strowz.com