Privacy Policy

How we collect, use, and protect your personal information

Last updated: 13 July 2025

1. Introduction

GroBnk Limited ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

This policy applies to all users of our platform, including those who join our waitlist, form GroGroups, or use our collective property ownership services.

Important: By using our services, you consent to the collection and use of your information as described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Identity Information: Full name, date of birth, nationality
  • Contact Information: Email address, phone number, postal address
  • Financial Information: Income details, employment status, credit history, bank account information
  • Identification Documents: Passport, driving licence, utility bills for verification
  • Property Preferences: Location preferences, budget, investment goals

2.2 Technical Information

  • IP address and browser type
  • Device information and operating system
  • Website usage data and analytics
  • Cookies and similar tracking technologies
  • Login information and session data

2.3 Communication Data

  • Messages sent through our platform
  • Customer support interactions
  • Survey responses and feedback
  • Marketing preferences

3. How We Use Your Information

3.1 Service Provision

  • Creating and managing your account
  • Facilitating GroGroup formation and management
  • Processing property transactions and investments
  • Providing customer support and assistance
  • Sending service-related communications

3.2 Legal and Regulatory Compliance

  • Know Your Customer (KYC) and Anti-Money Laundering (AML) checks
  • Identity verification and fraud prevention
  • Compliance with financial services regulations
  • Tax reporting and record keeping
  • Responding to legal requests and court orders

3.3 Business Operations

  • Improving our services and user experience
  • Conducting market research and analytics
  • Risk assessment and management
  • Marketing and promotional activities (with consent)
  • Business development and partnerships

4. Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to provide our services and fulfill our contractual obligations.

Legal Obligation

Compliance with financial regulations, KYC/AML requirements, and tax obligations.

Legitimate Interest

Fraud prevention, service improvement, and business development activities.

Consent

Marketing communications and optional features (which you can withdraw at any time).

5. How We Share Your Information

5.1 Within GroGroups

When you join a GroGroup, certain information (name, contribution amount, contact details) may be shared with other group members to facilitate collective ownership and communication.

5.2 Service Providers

We may share your information with trusted third parties who help us operate our business:

  • Payment processors and banking partners
  • Identity verification and credit checking services
  • Legal and professional advisors
  • IT service providers and cloud hosting
  • Customer support and communication platforms

5.3 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal obligations or court orders
  • Respond to requests from regulatory authorities
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activities
  • Enforce our terms of service

6. Data Security

We implement robust security measures to protect your personal information:

Encryption

All data is encrypted in transit and at rest using industry-standard protocols.

Access Control

Strict access controls ensure only authorized personnel can access your data.

Monitoring

Continuous monitoring and regular security audits protect against threats.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data (subject to legal obligations).

Right to Restrict Processing

Request limitation of how we process your data.

Right to Data Portability

Request transfer of your data to another service provider.

Right to Object

Object to processing based on legitimate interests or for marketing purposes.

To exercise your rights: Contact us at privacy@grobnk.com or use our contact form. We will respond within 30 days.

8. Data Retention

We retain your personal data for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal and regulatory requirements (typically 7 years for financial records)
  • Resolve disputes and enforce our agreements
  • Protect against fraud and abuse

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our website. These include:

Essential Cookies

Required for basic website functionality and security.

Analytics Cookies

Help us understand how visitors use our website.

Functional Cookies

Remember your preferences and settings.

Marketing Cookies

Used for targeted advertising (with your consent).

You can manage your cookie preferences through your browser settings or our cookie consent banner.

10. International Data Transfers

We primarily process data within the UK and EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the UK Information Commissioner's Office
  • Standard Contractual Clauses approved by UK authorities
  • Binding Corporate Rules for multinational organizations
  • Certification schemes and codes of conduct

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our platform

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer

Email: adam@grobnk.com

Postal Address

GroBnk Limited
14 Alexandria Road
London, England, W13 0NR
United Kingdom

Company Information: GroBnk Limited is registered in England and Wales under company number 16330466. You have the right to lodge a complaint with the ICO at ico.org.uk.

Questions About Your Privacy?

Our team is here to help you understand how we protect your data.