Privacy Policy

JBH Partners Ltd ("we," "us," or "our"), a company established in the United Kingdom, is committed to protecting the privacy and security of your personal and company information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our foreign exchange services (the "Services") or interact with our website, applications, and other platforms (collectively, the "Platforms") globally.

By accessing or using our Services and Platforms, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. This policy is governed by the laws of the United Kingdom, including the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).

1. Information We Collect

We collect different types of information, including:  

1.1 Personal Information: This is information that identifies or can be used to identify an individual. This may include:

  • Identification and Contact Information: Name, address, email address, phone number, date of birth, nationality, government-issued identification (e.g., passport, driver's license), national insurance number or equivalent, and other similar identifiers.

  • Financial Information: Bank account details, transaction history, payment card information, source of funds, investment experience, and financial status.

  • KYC/AML Information: Information collected to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, including documentation and verification details.

  • Usage Data: Information about how you use our Platforms and Services, including login details, browsing history, transaction details, and preferences.

  • Technical Information: IP address, device type, operating system, browser type, and other technical details collected automatically when you interact with our Platforms.

  • Communication Data: Records of our communications with you, including emails, chat logs, and phone call recordings (where permitted by law and with your consent where required).

1.2 Company Information: This is information related to businesses or organizations using our Services. This may include:

  • Business Identification Information: Company name, registration number, business address, industry, and other organizational details.

  • Contact Person Information: Names, titles, email addresses, and phone numbers of authorized representatives.

  • Financial Information: Company bank account details, transaction history, and financial statements.

  • Ownership and Control Information: Information about the beneficial owners, directors, and controlling persons of the company.

  • KYB/AML Information: Information and documentation collected to comply with Know Your Business (KYB) and AML regulations.

2. How We Collect Your Information

We collect information in various ways, including:

  • Directly from You: When you register for an account, complete forms, enter information on our Platforms, communicate with us, or provide documentation for KYC/AML or KYB/AML purposes.

  • Automatically: When you use our Platforms, we may collect certain information automatically through cookies, web beacons, and other tracking technologies.

  • From Third Parties: We may receive information from third-party service providers, identity verification services, credit reference agencies, financial institutions, and publicly available sources to comply with legal obligations, verify your identity, and enhance our Services.

3. How We Use Your Information

We use your information for various purposes, including:

  • Providing and Improving Our Services: To process transactions, manage your account, provide customer support, personalize your experience, and improve our Platforms and Services.  

  • Compliance with Legal and Regulatory Obligations: To comply with KYC/AML, KYB/AML, tax reporting, and other legal and regulatory requirements in the UK and other relevant jurisdictions.

  • Security and Fraud Prevention: To protect against fraud, unauthorized access, and other illegal activities.

  • Communication: To communicate with you about your account, transactions, updates to our policies, and promotional offers (where permitted by law and with your consent where required).  

  • Marketing and Analytics: To analyze usage patterns, understand our customer base, and develop targeted marketing campaigns (with your consent where required).

  • Internal Operations: For internal administrative purposes, such as data analysis, auditing, and research.

4. Legal Basis for Processing Personal Information

Under the UK GDPR, we must have a lawful basis for processing your personal information. These bases may include:

  • Contractual Necessity: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.

  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject (e.g., AML/KYC regulations).  

  • Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests do not override your rights and freedoms (e.g., improving our services, preventing fraud).  

  • Consent: You have given your explicit consent to the processing of your personal information for a specific purpose (e.g., marketing communications).

5. How We Share Your Information

We may share your information with the following categories of recipients:

  • Affiliated Companies: We may share information with our subsidiaries and affiliates for internal business purposes and to provide integrated services.

  • Service Providers: We engage third-party service providers to assist us with various functions, such as payment processing, identity verification, data analysis, marketing, and customer support. These providers are contractually obligated to protect your information and process it in accordance with our instructions.  

  • Financial Institutions: We may share transaction-related information with banks and other financial institutions to process payments and facilitate transactions, including international payment networks.

  • Regulatory Authorities and Law Enforcement: We may disclose your information to regulatory authorities, government agencies, and law enforcement officials in the UK and other relevant jurisdictions when required by law or to comply with legal processes.

  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will notify you of any such transfer and any changes to this Privacy Policy.  

  • With Your Consent: We may share your information with third parties with your explicit consent.

6. International Data Transfers

As a foreign exchange company operating globally from the UK, we may transfer your personal and company information to countries outside of the UK and the European Economic Area (EEA). These countries may have data protection laws that are different from the laws in the UK.

When we transfer your personal data outside the UK and the EEA, we will ensure that appropriate safeguards are in place to protect your information in accordance with the UK GDPR. These safeguards may include:

  • Transferring to countries that have been deemed to provide an adequate level of protection by the UK government.  

  • Implementing Standard Contractual Clauses approved by the UK government, which provide contractual guarantees for the protection of your personal data.

  • Relying on other legally recognized transfer mechanisms where applicable.

7. Your Rights Under the UK GDPR

Under the UK GDPR, you have several rights regarding your personal information:

  • The right to be informed: You have the right to be provided with clear and transparent information about how we process your personal data. This Privacy Policy serves this purpose.

  • The right of access: You have the right to request access to the personal information we hold about you.

  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete personal information.  

  • The right to erasure ('right to be forgotten'): You have the right to request the deletion of your personal information under certain circumstances.  

  • The right to restrict processing: You have the right to request that we restrict the processing of your personal information under certain circumstances.  

  • The right to data portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.  

  • The right to object: You have the right to object to the processing of your personal information for certain purposes, such as direct marketing.  

  • Rights in relation to automated decision making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.  

  • The right to withdraw consent: If we rely on your consent to process your personal information, you have the right to withdraw your consent at any time.

To exercise these rights, please contact us using the contact details provided below. We may require you to verify your identity before responding to your request. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.  

8. Data Security

We implement appropriate technical and organizational measures to protect your personal and company information from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, firewalls, access controls, and regular security assessments. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.  

9. Data Retention

We will retain your personal and company information for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with our legal and regulatory obligations in the UK and other relevant jurisdictions.  

Specifically, for compliance with UK Anti-Money Laundering regulations, we are generally required to retain transaction records and customer identification data for five (5) years from the end of the business relationship or the date of the transaction (whichever is later).

However, other legal and regulatory requirements in the UK or in the jurisdictions where you are located may necessitate longer retention periods. For example, tax laws may require us to retain certain financial information for a longer duration. We will adhere to the longer retention periods mandated by applicable law.

Once the applicable retention period expires, we will take reasonable steps to securely destroy or de-identify your personal and company information in accordance with our data destruction policies and applicable data protection laws.

10. Links to Third-Party Websites

Our Platforms may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party websites you visit.  

11. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe that we have inadvertently collected personal information from a child, please contact us immediately, and we will take steps to delete the information.  

12. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated Privacy Policy on our Platforms and indicate the date of the latest revision. We encourage you to review this Privacy Policy periodically. Your continued use of our Services and Platforms after the posting of any changes constitutes your acceptance of the updated Privacy Policy.  

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@jbhpartners.com

Phone: +447842727000

WhatsApp: +447842727000

In writing: JBH Partners Ltd, Abercorn House, 79 Renfrew Road, Paisley, PA3 4DA