Privacy policy

Information About Us

Who we are

Modulr provides regulated software-driven payment services. We help hundreds of enterprise customers and thousands of SMEs to process and reconcile large amounts of payments automatically and in real time.

This Privacy Notice describes the data we collect, use and process about you as an individual in relation to the products and/or services you receive from us. This notice also outlines your data subject rights and how you can contact us.

Please note, your data is processed by Modulr Holdings Limited which includes the subsidiary companies Modulr Technology Limited, Modulr Finance Limited, Modulr ICB Limited, Modulr FS Limited (each incorporated in England and Wales) and Modulr Finance B.V. (incorporated in the Netherlands) (together, the “Modulr Subsidiary Companies”, and together with Modulr Holdings Limited the “Modulr Group” or “Modulr”).

For the purpose of the applicable data protection legislation (meaning, prior to 25 May 2018 the Data Protection Act 2018 and from 25 May 2018 the General Data Protection Regulation and any legislation which implements it) (the “Data Protection Legislation”), the data controller is Modulr Finance Limited of Scale Space, 58 Wood Lane, London, W12 7RZ. Our data controller registration number is ZA183068.

You can check our registration on the Data Protection Public Register by visiting https://www.ico.org.uk/esdwebpages/search.

From time to time we may change the way we use your information. When we do, we will communicate any changes to you and publish the updated Privacy Notice on our website. We would encourage you to visit our website regularly to stay informed of the purposes for which we process your information and your rights to control how we process it.

 

Introduction

Modulr understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers, potential customers, employees and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

 

The information we process

The type of personal information we collect

Personal data is, in simple terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

We collect and process various categories of personal and confidential information at the start of, and for the duration of, your relationship with us and beyond (subject to appropriate retention periods). We use different methods to collect data from and about you such as:

• Personal information such as your name, postal address, email address and phone numbers;
• Financial information, including account information and transactional information and history;
• Know Your Customer (KYC) records such as passport, proof of address, drivers licence social security/tax number, date and place of birth, utility bills and disclosures;
• Education and Employment information, such as your professional background, employer and role;
• Products and services provided by the Modulr Group; and
• online and social media information and activity, based on your interaction with us on our websites, applications and social media profiles, including for example, your Internet Protocol (IP) address, device information, location coordinates, your communications with us and any information or content you’ve visited or downloaded.

We may also process more sensitive categories of information for specific and limited purposes such as detecting and preventing fraud and financial crime or to make our services accessible to customers or for reporting of complaints for regulatory purposes. Modulr will only process special categories of information explicit consent has been obtained or are otherwise lawfully permitted to do so.

This may include information relating to:

• Information revealing racial or ethnic origin;
• Political opinions;
• Religious or philosophical beliefs;
• Biometric data used for fraud prevention and identification purposes including physical, physiological and behavioural identification;
• Information concerning health; and
• Data concerning a person’s sex life and sexual orientation.

 

How we obtain information

Your information is made up of all the financial and personal information we collect and hold about you/your business and the proprietors, officers and beneficial owners of that business and your transactions.

Data can be collected by us in the following ways:

• Information you give us while using our website – When you register with our website, participate in surveys or complete forms, we may collect information like your full name, address, email address, phone number, date of birth, identity document, job title and company information. If you also engage with us through social media then this may also include your social media contact details, such as your LinkedIn address or X username.
• Information you give us – We may collect data about you when you communicate with us by phone, email, post, in person or otherwise, and when you use our products and services. We collect engagement metric information such as information about how, when and how often you contacted us, and how, when and how often you responded to communications from us and about how and when you use our products and services.
• Information provided by our clients and partners –

  • Clients and Customers – We may collect data about you via our clients and customers when they make use of our services, or when they enable you to make use of our services.

  • Partners and Suppliers – We may collect data about you from our suppliers in the event they are carrying out services on behalf of the Modulr Group relating to the provision of our services.

• Information provided by third parties - We may receive further information about you from

  • Third parties who provide services to you and/or us (which may or may not include clients and partners);

  • Credit reference, fraud prevention, law enforcement or government agencies;

  • Industry and trade bodies; and

  • Other banks (where permitted by law).

• Information from Public Available Sources - This may include information available from social media (depending on your settings and the applicable privacy policies), including social media engagement metrics such as numbers of connections, followers and clicks, and information from resources such as Companies House.
• IP Information – We may collect information technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; (b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
• Sandbox, API & Developer centre – This is our test centre to ensure our customers, clients and partners have the ability to gain an understanding and test drive our technology. Please do not use any personal identifiable data (including cardholder data) aside from your registered log in details when accessing our platform.
• Cookies - We and our service providers collect information about your use of our website from cookies. For information about our use of cookies and how to decline them please read our Cookies Policy.

 

What do we do with the information we collect?

We will process your personal data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you as our customer, client or partner;
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, such as mitigating financial loss or other harm to our partners, you and us;
• Where you have granted consent to such processing;
• Where we need to comply with legal or regulatory obligations, such as the detection and prevention of fraud; and
• Where we need to improve and analyse our products, website, systems and tools.
• Examples of how we may process your personal data include:
• To manage risk and protect the website, our services and you from fraud, abuse and other illegitimate activities, by monitoring, detecting and preventing such activities;
• To comply with our obligations and to enforce the terms of our website and Services, including to comply with all applicable laws and regulations;
• Administer your account and relationship with us and to communicate with you by telephone, mail, email, text (SMS) message, push notification, instant messaging or other electronic means;
• Verify your identity as part of our identity authentication process and to prevent, detect and prosecute fraud and crime and comply with legal or regulatory requirements;
• Provide you with information about the products and services that you request from us;
• Provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about;
• Provide you with information about products or services we feel may interest you or be best for you;
• Your data may be shared with product or service providers to validate if you are an existing customer (which may affect whether you can be accepted for one of their products) or for fraud prevention purposes. The product or service provider does not have permission to use these data for any other purpose including marketing;
• Notify you about changes to our services;
• Ensure that content from our website is presented in the most effective manner for you and your device;
• Aggregate it on an anonymous basis with other data for data analytical and reporting purposes;
• To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• To build up a picture of your interests so that you don’t miss information relevant to you when you visit our website;
• To improve the service we offer you and to try and ensure that you get the best from our website in the short term, for example by providing you with relevant search results;
• To improve the service we offer you and to try and ensure that you get the best from our website over the longer term, for example by understanding how you and other users interact with our website;
• To allow you to participate in interactive features of our service, when you choose to do so;
• As part of our efforts to keep our website safe and secure;
• To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
• To make suggestions and recommendations (both through the website and other channels, such as email) to you and others about products or services that we think may interest you or them based on your and their usage patterns both on our website and in relation to our communications with you and them on other channels (such as email);
• For training and quality purposes;
• To check any instructions you give to us and for the purposes of investigating any complaint you may make, or as evidence in any dispute or anticipated disputes between you and us.

 

Do you share my data?

Modulr may share your personal data with selected third-party providers performing services (such as financial institutions) on behalf of the Modulr Group who will only use the information to provide a service that Modulr has asked them to provide.

All selected third-party providers may have access to personal information if needed to perform such tasks but will only be permitted by us to use personal information for the purpose of performing that task and not for any other purpose.

Those selected individuals will perform an instructed task for us, to enable us to deliver services such as issuing of cards, completion of identification and reference checks, provide technical assistance and many more. A list of approved companies that process data on our behalf is available upon request.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found at https://www.cifas.org.uk/fpn.

In the event that seek to we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to the prospective third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, subject to assurance, in accordance with your rights, our obligations and as specified in this Privacy Policy.

 

Storage and International Transfers

We may store or transfer some or all of your personal data in countries that are not part of the United Kingdom and/or European Economic Area (EEA). In the event that we are required to transfer this data, we can only do this

• We have entered into a contract or an agreement with the organisation with which we are sharing your information to ensure your information is protected and;
• The transfer your personal data to third countries whose levels of data protection are deemed ‘adequate’ by the European Commission and/or ICO.

 

Retention of your data

Modulr will retain personal data supplied only for as long as necessary to achieve the purpose for which such data was collected, subject to legal or regulatory obligations and Modulr business purposes.

Modulr, in some instances, may store and process personal data for longer periods, when there is a specific legal requirement to do so. An example of this in the event of a complaint or to enable Modulr to establish, exercise or defend legal rights, and/or to comply and evidence compliance with any legal and regulatory obligations. This can be made available upon request.

 

Security

Modulr is committed to ensuring your personal data is secure. To prevent unauthorized access or disclosure, we have put in place suitable physical, technical and organizational policies to safeguard and secure the information we collect, process and store.

In addition to this, we limit access to your personal information to those employees and third parties on a “need-to-know” basis. They will only process your personal information on our given instructions and they are subject to a contractual obligation of confidentiality.

 

Your data protections rights

Under the Data Protection Legislation, you have the following rights

1. The right to access – You have a right to receive a copy of the personal data we hold about you.

2. The right to rectification – You have a right to request correction of the personal data that you think is inaccurate or incomplete held by us.

3. The right to be forgotten – You have a right to ask us to delete or otherwise dispose of any of your personal data that we hold in certain circumstances.

4. The right to restrict - You have a right to ask us to restrict the processing of your personal information in certain circumstances

5. The right to object – You have a right to object to the processing of your personal information in certain circumstances

6. The right to data portability - You have a right to ask us for a copy of your personal data and receive it in portable format.

 

You also have the right to;

1. The right to withdraw consent – You have a right to withdraw your consent where we are relying on your consent as the legal basis for using your personal data. Please note that if you withdraw your consent, in certain circumstances we may not be able to provide certain products or services to you.

2. Rights relating to automated decision-making and profiling but please note that we do not currently use your personal data in this way. 

If you wish to exercise any of these rights, if you have any queries about how we use your personal information that are not answered here, or and should you have any concerns on how we have handled your personal data please contact us via support@modulrfinance.com. Alternatively, you can write to us at:

Modulr Finance Limited

Scale Space

58 Wood Lane

London

W12 7RZ

You can also make a complaint to the data protection supervisory authority in the UK, the Information Commissioner’s Office (ICO). For further information, see the Information Commissioner's Office website at https://ico.org.uk/make-a-complaint.

We would appreciate to the chance to deal with your concerns before you approach the ICO so please contact us the first at the details above.