Terraspect Ltd (“Terraspect”, “we”, “us” and “our”), which is registered in the United Kingdom (“UK”) with our registered address at 124-128 City Road, London, United Kingdom, EC1V 2NX and our company registration number is 15600483, is committed to respecting the privacy of individuals who use our websites (such as terraspect.earth) or services that link to this Privacy Policy.
About this privacy notice
For the purposes of data protection law, if you use Terraspect’s Cloud Services we are a data controller in respect of your personal data. We are responsible for ensuring that we use your personal data in compliance with data protection laws.
This privacy notice applies if you are a representative, director or shareholder of one of our institutional clients. The privacy notice sets out the basis on which any personal data about you that you provide to us, that we create, or that we obtain about you from other sources, will be processed by us. Please take the time to read and understand this privacy notice.
For the purposes of data protection law, Terraspect may also act as a data processor if you are an end user of our services. This privacy notice will apply if you are a payment beneficiary and it sets out the basis on which any personal data about you that we obtain, or that we create about you from other sources, will be processed by us. Please take the time to read and understand this privacy notice.
Personal data that we collect about you if you REGISTER FOR A DEMO and/or sandbox access
We will collect and process the following personal data about you:
- Information we collect or generate about you. This includes:
- business name of the organisation which you represent and the industry in which you operate;
- contact details, including postal address, email address and phone number; and
- full name.
Personal data that we collect about you if you are a Terraspect customer
We will collect and process the following personal data about you:
- Information that you provide to us or one of our affiliates. This includes information about you that you give us by filling in forms or by communicating with us, whether website, social media, face-to-face, by phone, e-mail or otherwise. This information may include:
- business name of the organisation which you represent and the industry in which you operate;
- contact details, including postal address, email address and phone number;
- country of residence;
- country and city of birth;
- date of birth;
- full name;
- incorporation certificate and incorporation documents reflecting the directors and shareholders;
- identification document of the directors and shareholders; and
- proof of address of directors and shareholders. - Information we collect or generate about you. This includes:
- business name of the organisation which you represent and the industry in which you operate;
- contact details, including postal address, email address and phone number;
- country of residence;
- country and city of birth;
- date of birth;
- full name;
- incorporation certificate and incorporation documents reflecting the directors and shareholders;
- identification document of the directors and shareholders; and
- proof of address of directors and shareholders. - Information we obtain from other sources.
- information provided by KYC/KYB third parties to carry out background screening checks (e.g. for sanctions etc).
Personal data that we collect about you if you are an end user
We will process the following personal data about you:
- Information that you provide to us or one of our affiliates. This includes information about you that you give to our affiliates. This information may include:
- contact details, including postal address, billing address, email address and phone number;
- country of residence;
- country and city of birth;
- date of birth;
- full name;
- ID;
- banking details; - Information we collect when you use our services. This includes:
- location information (for example your IP address may indicate general geographic region);
- device information (we may collect IP address, login data, browser type and version, time zone, location, browser plug-ins, operating system, platform, and other relevant technology); and
- usage information (to help us understand how you use our services and to improve them, we may collect interaction information such as but not limited to the pages or content you view, searches you conduct, and the dates and times of your visits);
Uses of your personal data
Your personal data may be stored and processed by us in the following ways and for the following purposes:
- to communicate with you;
- to understand and analyse how you use our services and to develop new products, features, and functionalities; and
- to ensure that our clients are eligible to use our services, which includes:
- verifying that the client and directors/UBOs/authorised users/contact persons are who they say they are;
- ensuring client has the sufficient funds to be able to make the transaction; and
- conducting background checks (e.g. in relation to fraud, sanctions, crime, etc.)
We are entitled to use your personal data in these ways because:
- we have legal and regulatory obligations that we have to discharge;
- we may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings; or
- the use of your personal data as described is necessary for our legitimate business interests (or the legitimate interests of one or more of our affiliates).
Disclosure of your information to third parties
We will take steps to ensure that the personal data is accessed only by our employees that have a need to do so for the purposes described in this notice.
We may also share your personal data outside of Terraspect and our affiliates:
- if we sell any of our business or assets, in which case we may disclose your personal data to the prospective buyer for due diligence purposes;
- if we are acquired by a third party, in which case personal data held by us about you will be disclosed to the third party buyer;
- to third party agents or contractors (for example, the providers of our electronic data storage services) for the purposes of providing services to us. These third parties will be subject to confidentiality requirements and they will only use your personal data as described in this privacy notice; and
- to the extent required by law, for example if we are under a duty to disclose your personal data in order to comply with any legal obligation, establish, exercise or defend our legal rights.
Transfers of personal data outside the European Economic Area (“EEA”) and UK
The personal data that we collect from you may be transferred to, and stored at, a destination outside the EEA/UK. It may also be processed by staff operating outside of the EEA/UK who work for our affiliates or for one of our suppliers.
Where we transfer your personal data outside the EEA/UK, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the EEA/UK. This can be done in a number of ways, for instance:
- the country to which we send the data is approved by the European Commission/UK Government (as applicable);
- the recipient may have adhered to binding corporate rules (only for intragroup transfers); or
- the recipient has signed a contract based on “model contractual clauses” approved by the UK Government / European Commission (as applicable), obliging them to protect your personal data.
In other circumstances, the law may permit us to otherwise transfer your personal data outside the EEA/UK. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA/UK (including a copy of the standard data protection clauses which we have entered into with recipients of your personal data) by contacting us in accordance with the “Contacting us” section below.
Retention of personal data
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulations may set a minimum period for which we have to keep your personal data.
In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to improve the way we work and our services.
Your rights
You have a number of legal rights in relation to the personal data that we hold about you. These rights include:
- the right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so;
- in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;the right to request that we rectify your personal data if it is inaccurate or incomplete;
- the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it;
- the right to object to, and the right to request that we restrict, our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal data but we are legally entitled to continue processing your personal data and/or to refuse that request; and
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
You can exercise your rights by contacting us using the details set out in the “Contacting us” section below.
Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction:
- In the UK, the supervisory data protection authority is the Information Commissioner’s Office (“ICO”) - https://ico.org.uk/.
- A list of National Data Protection Authorities in the EU can be found here.
Security
We make reasonable efforts to protect your personal information through physical and electronic safeguards. However, no electronic transmission or storage of information is completely secure, so we cannot guarantee absolute security or privacy of your data.
We rely on third-party service providers to secure or store your information and require them to follow commercially reasonable security practices and measures.
Updates to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on our website, and significant changes will be communicated to you directly.
Contacting us
If you would like further information on the collection, use, disclosure, transfer or processing of your personal data or the exercise of any of the rights listed above, please address questions, comments and requests to us at:
This Privacy Policy was last updated on September 30th 2024.