Privacy Policy

Last updated 15 Dec 2025

1. Introduction

This Privacy Policy explains how Gaulbridge Limited (“Gaulbridge”, “we”, “us”, “our”) collects, uses, stores, and protects the personal data of individuals (“you”, “your”) who access our website (“Website”) or use any of our products and services (“Services”). This Policy applies to all interactions with Gaulbridge, regardless of how you access or use our Services.Gaulbridge Limited is a company incorporated in Canada and operates internationally through approved financial, banking, and compliance partners. Gaulbridge acts as the data controller for all personal data provided to us directly or through the use of our Website and Services. As the controller, we are responsible for determining how your data is processed and ensuring it is handled in accordance with applicable privacy laws, including GDPR, UK GDPR, PIPEDA, and relevant financial regulations.By accessing our Website or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of it, you must not provide your personal data or use our Services.MinorsIndividuals under 18 years old are not permitted to provide personal data or use our Services. We do not knowingly process data belonging to minors.

2. Contact Information

If you have questions about how we handle your personal data, or if you wish to exercise your rights, you may contact our Data Protection Officer:Email: support@gaulbridge.com
(Replace with your preferred compliance inbox if needed.)

3. Data Protection Principles

Gaulbridge is committed to protecting your personal data. We ensure that all personal information is:Processed lawfully, fairly, and transparentlyCollected only for specified, legitimate purposesAdequate, relevant, and limited to what is necessaryAccurate and kept up to dateRetained only as long as necessarySecured with appropriate technical and organisational measuresPersonal data includes any information that can directly or indirectly identify you, such as your name, ID information, contact details, identification numbers, device information, or transaction data.

4. What Personal Data We Collect

We collect only the data necessary to provide our Services, comply with legal requirements, and maintain security.

A. Identity & Contact Information
Full name, date of birth, nationalityRegistered and correspondence addressIdentification documents (passport, ID card, driving licence)Tax identification number and tax residencyFacial images / selfies used for verificationEmployment details and company informationPEP (Politically Exposed Person) status

B. Account & Profile Information
Username, password, preferencesFeedback, support requests, survey responses
‍
C. Payment & Transaction Data
Bank account detailsTransaction historyE-wallet identifiers and payment flows
‍
D. Technical & Device Data
IP address, browser information, device identifiersOperating system and device parametersTime zone, geolocation (if enabled)Log files and usage analytics
‍
E. Information from Third Parties
We may receive data from:Identity verification partnersPayment partners and financial institutionsPublic sources (social media profiles such as LinkedIn, Facebook, Instagram, etc.)Marketing partnersCompliance and fraud prevention databases

5. How We Collect Your DataA. Data you provide directly
When you:Register or create an accountSubmit verification documentsContact usComplete formsUse our services or enter into agreements
‍
B. Data collected automatically
Through cookies, analytics tools, and system logs, when you:Browse our WebsiteAccess the platformUse our mobile or web applications
‍
C. Data from third parties
As permitted by law, from:Financial institutionsVerification service providersBusiness partnersPublic records

6. How We Use Your Personal Data (Purposes & Legal Grounds)

We process your data under one or more legal bases:
‍
Contract: to deliver Services you have requested
‍
Legal obligation: AML/KYC requirements, regulatory compliance
‍
Legitimate interest: fraud prevention, service improvement
‍
Consent: marketing communications or optional features
‍
Key purposes include:Registering and managing your accountPerforming identity verification (KYC/KYB)Processing and securing transactionsComplying with financial and anti-money laundering lawsProviding customer support and responding to inquiriesMonitoring usage to improve performance and user experienceDeveloping new features and servicesProtecting Gaulbridge against fraud, misuse, and legal claimsIf we need to use your data for a purpose not listed, we will inform you before doing so

7. How Long We Keep Your Data

We retain personal data only for as long as required to:Provide ServicesMeet regulatory retention obligations (including AML and financial laws)Resolve disputesMaintain accurate business and financial recordsFor example:Data related to financial transactions and KYC may be stored for 5–10 years depending on jurisdiction.Marketing data is kept until you opt out.

8. Who We Share Your Personal Data With
We may share data with:
‍
A. Internal recipients
Employees and authorised personnel with a need-to-know role
‍
B. Third-party service providers
Including:Identity verification partnersAML/KYC and fraud prevention servicesCloud service providers and IT infrastructurePayment processors, banks, EMIs, and card issuersCustomer support platformsAnalytics and security partners
‍
C. Professional advisors
Lawyers, auditors, consultants
‍
D. Regulators and authorities
Where required by law, investigations, or regulatory reporting.We ensure all third parties respect data protection laws and process your data only under our instructions.

9. How We Protect Your Data

We implement a combination of technical and organisational measures, including:Encrypted data storageSecure servers and firewallsRestricted internal accessStrong authentication controlsOngoing security auditsCompliance with financial industry security standardsAll Gaulbridge staff and contractors handling personal data are bound by confidentiality obligations.

10. International Data Transfers

To operate globally, we may transfer your data outside your country of residence.Where data is transferred outside the EEA or UK GDPR jurisdictions, we ensure adequate protection through:Countries recognised as having adequate protectionStandard Contractual Clauses (SCCs)Binding corporate rulesAdditional technical measures where required

11. Direct Marketing

We may send marketing communications only when:You have given explicit consent, orYou are an existing client and communications relate to similar servicesYou can opt out at any time by:Clicking “unsubscribe” in any emailAdjusting preferences in your accountContacting us at support@gaulbridge.comService-related communications (e.g., security alerts, transaction notices) will still be sent.

12. Cookies

Our Website uses cookies to improve performance, security, and user experience.
You may disable cookies via your browser, but some features may not function correctly.

See our Cookie Policy for details.

13. Automated Decision-Making & Profiling

Gaulbridge does not perform automated decision-making that has a legal or significant impact without human review.
If this changes, we will notify you and ensure your rights are protected.

14. Your Rights

Depending on your jurisdiction, you may have the right to:Access your personal dataCorrect inaccurate informationRequest deletion (in certain circumstances)Restrict processingObject to processingTransfer your data to another provider (data portability)Withdraw consentSubmit a complaint to your data protection authorityTo exercise your rights, contact: support@gaulbridge.comWe may require proof of identity for security purposes.

15. Third-Party Links

Our Website may include links to external sites and services.
These third parties operate independently of us, and we are not responsible for their privacy practices.
We encourage you to review their privacy policies.

16. Changes to This Policy

We may update this Privacy Policy periodically to reflect:Changes in lawNew regulatory requirementsImprovements to our ServicesWhere appropriate, we will notify you by email or via the Website.
We encourage you to review this Policy regularly.