Legal
Privacy Policy
Issued by Entity Engine UK Ltd · Company No. 17010306 · 85 Lothrop Street, London, W10 4JD, United Kingdom
On this page▾
- 1.Who we are & how to contact us
- 2.Personal data we collect
- 3.How we use your data
- 4.Legal bases for processing
- 5.Sharing your data
- 6.International transfers
- 7.Data retention
- 8.Your rights
- 9.Cookies & tracking technologies
- 10.Marketing communications
- 11.Data security
- 12.Third-party links
- 13.Children
- 14.Updates to this policy
- 15.Contact details
Who we are & how to contact us
EntityEngine operates a digital platform that connects users with independent third-party corporate-service providers (“CSPs”). For data-protection purposes, EntityEngine acts as the data controller in relation to personal data you provide directly to us. You can contact us at:
- Post
- Data Protection Officer, Entity Engine UK Ltd, 85 Lothrop Street, London, W10 4JD, United Kingdom
Personal data we collect
We may collect and process the following categories of information:
| Category | Examples |
|---|---|
| Identification Data | Full name, date of birth, nationality, photo ID (passport, driving licence), proof of address documents. |
| Contact Data | Email address, telephone number, postal address. |
| Account Data | Login credentials, user ID, preferences, communication history. |
| Transactional Data | Billing details, payment records (processed via third-party processors), order history. |
| KYC / Due-Diligence Data | Information collected to verify identity or beneficial ownership under AML regulations. |
| Technical Data | IP address, browser type, operating system, cookies and usage logs. |
| Marketing Preferences | Your consent choices for newsletters or updates. |
We collect this data directly from you, from CSPs you engage through our platform, and (where required) via third-party identity-verification providers.
How we use your data
We use your personal data to:
- Provide and improve our platform — to register you, authenticate logins, and maintain account functionality.
- Facilitate introductions to third-party CSPs — to transmit KYC data and contact details where required to deliver the requested service.
- Comply with legal obligations — including anti-money-laundering, sanctions, and tax-reporting requirements.
- Process payments and issue invoices.
- Communicate with you — regarding enquiries, updates, security alerts, or policy changes.
- Send marketing communications — only if you have opted in (you can opt out at any time).
- Protect our platform — for fraud prevention, security monitoring, and dispute resolution.
We will not use your personal data for purposes incompatible with those listed above.
Legal bases for processing
We rely on the following lawful bases under the UK GDPR:
| Purpose | Legal Basis |
|---|---|
| Account creation, service provision | Performance of a contract (Article 6(1)(b)) |
| KYC / AML compliance | Legal obligation (Article 6(1)(c)) |
| Communications, marketing (optional) | Consent (Article 6(1)(a)) |
| Platform security and analytics | Legitimate interests (Article 6(1)(f)) |
International transfers
Your data may be processed or stored outside the UK (for example, by CSPs or cloud providers located overseas). Where such transfers occur, we ensure they are protected by:
- UK Adequacy Regulations (for EEA countries etc.), or
- The UK International Data Transfer Addendum to the EU Standard Contractual Clauses.
Data retention
We retain personal data only for as long as necessary to deliver the contracted services, satisfy legal, accounting, and AML record-keeping obligations (normally 5 years from last transaction), and resolve disputes. When data is no longer required, it is securely deleted or anonymised.
Your rights
Under the UK GDPR you have the following rights:
- Access — to obtain a copy of your personal data.
- Rectification — to correct inaccurate or incomplete data.
- Erasure — to request deletion when data is no longer needed (subject to legal retention).
- Restriction — to limit processing in certain circumstances.
- Data Portability — to receive your data in a structured, machine-readable format.
- Objection — to processing based on legitimate interests.
- Withdraw Consent — where processing relies on consent (e.g. marketing).
To exercise these rights, contact legal@entityengine.io. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
Marketing communications
Where you consent, we may send you news and updates about new jurisdictions, features, or products. You may opt out at any time using the “unsubscribe” link in our emails or by contacting legal@entityengine.io.
Data security
We use appropriate technical and organisational measures to protect your data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These include encryption in transit and at rest, access controls, regular security audits, and staff training.
Third-party links
Our website may contain links to third-party sites. We are not responsible for the content or privacy practices of those sites. You should review their privacy notices before submitting any personal data.
Children
Our Services are not directed to individuals under 18 years of age, and we do not knowingly collect personal data from minors.
Updates to this policy
We may update this Privacy Policy from time to time to reflect changes in law or our practices. The latest version will always be available at llc.entityengine.io/privacy. Material changes will be notified by email or site banner.
Contact details
- Data Controller
- Entity Engine UK Ltd
- Company No.
- 17010306
- Registered Address
- 85 Lothrop Street, London, W10 4JD, United Kingdom