Last updated — May 25, 2026
This Privacy Policy explains how we collect, use, store, disclose, transfer, and protect your personal information (“Personal Data”) when you access or use our website, products, services (“Services”), solutions, features, technologies, and applications available through https://www.qore.finance (“Website”).
This Privacy Policy applies to individuals who use our Website or Services, individuals associated with our business customers (such as directors, shareholders and authorised users), payers and payees in connection with payments we process, and other individuals who interact with us (for example, when you contact us). When writing “you”, we refer to you as a potential, existing, former client of the Company, our client’s employee or other related party such as beneficial owner, authorised representatives, business partners, other associated parties or a user of our Website.
Our Website and Services are not intended for individuals under 18 years of age.
The Services are provided by Brit FX Limited, trading as QORE Finance, a company registered in England and Wales under company number 12309386 (“Company”, “we”, “us”, or “our”).
We are committed to protecting the privacy and security of individuals who access or use our Website and Services.
If you do not agree with this Privacy Policy, you should discontinue access to and use of the Website and Services.
References in this Privacy Policy to the “GDPR” mean the General Data Protection Regulation (EU) 2016/679 and the UK GDPR as incorporated into UK law by the Data Protection Act 2018, as applicable. References to applicable data protection laws include the GDPR, UK GDPR, Data Protection Act 2018, and any equivalent local privacy laws, as applicable. References to “supervisory authority” include the UK Information Commissioner’s Office (ICO) and, where relevant, any competent data protection supervisory authority in the European Economic Area or other jurisdictions.
For the purposes of applicable data protection legislation, Brit FX Limited, trading as QORE Finance, acts as the data controller in relation to your Personal Data processed through our Website and Services.
Where required by applicable law, regulatory obligations, internal compliance procedures, or risk management policies, we may refuse, restrict, suspend, or terminate access to the Services where sufficient verification information cannot be obtained or where AML/CFT, sanctions, fraud, or security concerns arise.
We may collect, use, store, and transfer different categories of Personal Data about you, including:
| Category | Description |
|---|---|
| Identity Data | Full name, date of birth, nationality, passport details, government-issued identification documents, biometric verification data. |
| Contact Data | Residential address, email address, telephone number. |
| Financial Data | Bank account details, payment card information, source of funds information. |
| Transaction Data | Transaction history, payment details, transfers; information relating to payments, transfers, transaction history, and related payment activity. This may include payer and payee names, account details (such as IBAN, sort code, account number, card details), transaction dates, amounts, currencies, payment references, remittance information, and any free-text descriptions that may contain Personal Data. |
| Technical Data | IP address, browser type, operating system, device identifiers, login data. |
| Usage Data | Information about how you use our Website and Services. |
| Profile Data | Preferences, feedback, survey responses, account settings. |
| Marketing & Communications Data | Your communication preferences and marketing opt-in/opt-out records. |
Personal Data may include information obtained from sanctions and PEP lists, fraud prevention databases and adverse media sources, where legally permitted.
We use different methods to collect data from and about you including through:
You may provide us with your Personal Data by:
As you interact with our Website, we may automatically collect Technical and Usage Data using:
We may receive Personal Data from:
As part of our legal and regulatory obligations, we may verify your identity and screen your Personal Data against third-party databases and public or private sources. This may include identity verification providers, sanctions and PEP lists, fraud prevention databases, adverse media sources, law enforcement and regulatory lists, and other publicly available registers or compliance data sources.
If we are unable to complete these checks to our satisfaction, we may be unable to open or maintain an account for you, process a transaction, or provide some or all of the Services. In some cases, we may also be required by law to retain certain information and/or make disclosures to competent authorities, even where an account is not opened or a transaction is not completed.
We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. In order to access our Website and Services you will first have to enter into a contract with us governing our relationship.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best Services and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. Certain processing activities may also be carried out on the basis of recognised legitimate interests under applicable data protection legislation. These may include processing undertaken for the purposes of preventing or detecting fraud, money laundering, terrorist financing, or sanctions breaches, safeguarding individuals from harm, and improving, maintaining, and securing our Services.
Comply with a legal obligation means processing your Personal Data where it is necessary for compliance with a legal obligation that we are subject to.
Generally, we do not rely on consent as a legal basis for processing your Personal Data, with the exception of our marketing, advertising, and non-essential cookie and tracking activities. Where we use cookies and similar technologies that are not strictly necessary for the operation of our Website (for example, for analytics or advertising), we will seek your consent through our Cookie Preference Center before setting such technologies on your device. Where consent is relied upon, we ensure it is freely given, specific, informed, and unambiguous, and you may withdraw your consent at any time through your account settings, the Cookie Preference Center, or by contacting us. We will ensure to provide you with clear and concise information regarding what you consent to and make it easy for you to withdraw consent at any time.
We have set out below, in a table format, a description of all the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your Personal Data where more than one ground has been set out in the table below.
| Purpose / Activity | Type of Data | Lawful Basis for Processing |
|---|---|---|
| To register you as a customer, verify your identity and provide you with a live account on the Website. | Identity Data; Contact Data; Financial Data. | (a) Performance of a contract with you. (b) Necessary to comply with a legal obligation. (c) Necessary for our legitimate interests, such as verifying customer information, maintaining accurate account records, preventing misuse of the Services, and ensuring that only eligible users are able to access the Services. |
| To perform ongoing due diligence and monitoring of your activity under KYC/AML/CFT requirements. | Identity Data; Contact Data; Financial Data; Transaction Data; Technical Data; Profile Data. | Necessary to comply with a legal obligation. |
| To protect the rights, property, security, and integrity of the Company, users, and third parties, including detecting, preventing, and investigating fraud, misuse of the Services, security incidents, and other unlawful or harmful activity. | Identity Data; Contact Data; Financial Data; Transaction Data; Technical Data; Profile Data; Usage Data. | (a) Necessary to comply with a legal obligation. (b) Performance of a contract with you. (c) Necessary for our legitimate interests, such as protecting the Company, our Website, Services, users and third parties against fraud, misuse, security threats, unauthorised access, unlawful activity and other harmful activity. |
| To provide you with the Services: (a) Manage payments, fees and charges; (b) Collect and recover money owed to us. | Identity Data; Contact Data; Financial Data; Transaction Data; Marketing & Communications Data. | (a) Performance of a contract with you. (b) Necessary for our legitimate interests, such as managing payments, collecting and recovering amounts owed to us, maintaining accurate financial records, and protecting our business interests. |
| To manage our relationship with you, including notifying you about changes to our Terms of Use, privacy and other policies, and asking you to leave a review or take a survey. | Identity Data; Contact Data; Profile Data; Marketing & Communications Data. | (a) Performance of a contract with you. (b) Necessary to comply with a legal obligation. (c) Necessary for our legitimate interests, such as keeping our records updated, managing customer relationships, understanding how customers use our Services, improving our Services, and obtaining feedback. |
| To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). | Identity Data; Contact Data; Technical Data. | (a) Necessary for our legitimate interests, such as running our business, providing administration and IT services, maintaining network and information security, preventing fraud and misuse, troubleshooting, testing, system maintenance, support, reporting, hosting data, and maintaining service availability. (b) Necessary to comply with a legal obligation. |
| To deliver relevant content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you. | Identity Data; Contact Data; Profile Data; Usage Data; Marketing & Communications Data; Technical Data. | (a) Necessary for our legitimate interests, such as measuring advertising effectiveness, understanding customer engagement, improving our marketing strategy, and developing our business. (b) Consent where required by applicable law. |
| To use data analytics to improve our Website, Services, marketing, customer relationships and experiences. | Technical Data; Usage Data. | (a) Necessary for our legitimate interests, such as analysing how users use our Website and Services, keeping our Website and Services updated and relevant, improving customer experience, developing our Services, and informing our business and marketing strategy. (b) Consent where required by applicable law. |
| To make suggestions and recommendations to you about Services that may be of interest to you, and provide you with exclusive offers. | Identity Data; Contact Data; Technical Data; Usage Data; Profile Data; Marketing & Communications Data. | (a) Necessary for our legitimate interests, such as understanding which Services may be relevant to customers, developing our Services, improving customer engagement, promoting our Services, and growing our business. (b) Consent where required by applicable law. |
| To investigate disputes, claims, suspicious activity, or legal proceedings. | Identity Data; Contact Data; Financial Data; Transaction Data; Technical Data; Usage Data. | (a) Necessary to comply with a legal obligation. (b) Necessary for our legitimate interests, such as protecting our legal rights and business interests, resolving disputes, investigating suspicious or unlawful activity, responding to complaints, and establishing, exercising or defending legal claims. |
We may share your Personal Data with certain parties as set out below:
We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
In some cases, these providers process Personal Data as our processors, acting on our written instructions. In other cases, they may process Personal Data as independent controllers where they determine their own purposes and means of processing, including to comply with their own legal, regulatory, risk management, or anti-money laundering obligations.
Where a third-party provider acts as an independent controller, its processing of Personal Data will be governed by its own privacy notice, and individuals should review that notice where relevant.
We use third-party and internal compliance tools to support our KYC, AML/CFT, sanctions screening, fraud prevention, transaction monitoring, and risk assessment processes. These tools may use automated checks, screening databases, rules-based alerts, profiling, and risk-scoring mechanisms to assess information such as identity information, transaction history and patterns, device and technical data, sanctions and politically exposed person screening results, geolocation data, and device-risk indicators.
These tools may generate alerts, risk indicators, match results, or recommended actions for our review. We use these outputs to help identify potential compliance, fraud, security, or financial-crime risks.
We do not make decisions that produce legal effects or similarly significant effects for you based solely on automated processing. Decisions to refuse, restrict, suspend, or terminate access to the Services, or to block or decline a transaction on risk or compliance grounds, involve human review and judgement.
Your Personal Data may be transferred to, stored, or processed in countries outside the United Kingdom or European Economic Area (“EEA”), including where our service providers, infrastructure providers, affiliates, or business partners operate.
Where required under applicable data protection laws, we implement appropriate safeguards to ensure that your Personal Data remains protected when transferred internationally. Such safeguards may include:
We may use third-party cloud hosting, analytics, compliance, payment, communication, and infrastructure providers that process Personal Data in multiple jurisdictions.
Where required, we take reasonable steps to ensure that recipients of Personal Data are subject to confidentiality obligations and implement appropriate technical and organisational security measures designed to protect your Personal Data.
Further information about these safeguards, including a copy of the relevant contractual protections or a description of where they can be accessed, is available from us on request using the contact details set out below.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will not keep your Personal Data for longer than is necessary for the purposes for which it was collected, including to meet our legal, regulatory, tax, accounting, or reporting obligations. We may retain your Personal Data for a longer period where this is required in connection with a complaint or where we reasonably believe there is a prospect of a dispute or legal claim in relation to our relationship with you.
When determining how long to retain your Personal Data, we take into account factors such as the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it and whether those purposes can be achieved through other means, as well as applicable legal, regulatory, tax, accounting and other requirements.
By law, we are required to keep certain basic information about our customers (including Contact, Identity, Financial and Transaction Data) for a minimum of five (5) years after they cease being customers, for compliance and record-keeping purposes. We may be required to retain Personal Data for longer periods where this is necessary to comply with other applicable laws, regulatory obligations, statutory limitation periods, or accounting and tax rules.
In some circumstances, you may ask us to delete your Personal Data — see the “Your Legal Rights” section for further information about this. In other circumstances, we may anonymise your Personal Data (so that it can no longer be associated with you) for research, statistical or analytical purposes; in such cases, we may use this information indefinitely without further notice to you.
Where legally permitted, we may also retain Personal Data for longer periods where this is necessary for the establishment, exercise, or defence of legal claims, or to comply with ongoing regulatory or law-enforcement requirements.
Your principal rights under the GDPR are:
Please note that data protection rights are not absolute and may be subject to statutory exemptions and restrictions. In particular, our obligations relating to anti-money laundering, counter-terrorist financing, sanctions compliance, fraud prevention, safeguarding, legal privilege, and regulatory reporting may limit the information we can provide or the extent to which we can comply with certain requests. Where we rely on such an exemption, we will explain this where we are legally permitted to do so.
We may disclose Personal Data to regulators, financial intelligence units, law enforcement authorities, tax authorities, courts, governmental bodies, and other competent authorities where required by applicable law, regulation, legal process, or regulatory obligations.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you have a complaint about how we process your Personal Data or how we have handled a privacy-related request, please contact us using the details set out in the “Contact Us” section and we will try to resolve your concern.
If you feel that we have not addressed your complaint in a satisfactory manner, you also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) in the United Kingdom or with your local data protection supervisory authority, as applicable. Details of how to contact the ICO are available at ico.org.uk/global/contact-us, and further information about your data protection rights can be found at ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/.
We may send you communications relating to your use of the Services, including service-related announcements, security alerts, transactional notifications, compliance-related communications, technical notices, updates to our Terms of Use or Privacy Policy, and other administrative messages where necessary to perform our contract with you or where we have a legitimate interest in providing such communications.
Where required by applicable law, we will obtain your consent before sending you marketing or promotional communications regarding products, services, features, offers, events, or updates that may be of interest to you.
You may opt out of receiving marketing communications at any time by:
Please note that opting out of marketing communications will not affect service-related, transactional, security, compliance, or legally required communications.
We and our service providers may use cookies, server logs, analytics tools and similar technologies (“Cookies”) to operate, secure, maintain and improve our Website and Services.
Cookies may collect information such as your IP address, device and browser information, operating system, session activity, pages visited, interactions with our Website and Services, preferences, and similar technical or usage information.
We use Cookies for purposes such as: (a) authenticating users and maintaining secure sessions; (b) operating, securing and providing the Website and Services; (c) preventing fraud, misuse, unauthorised access and other harmful activity; (d) remembering user preferences and settings; (e) performing analytics, diagnostics and performance monitoring; (f) improving functionality, user experience, service reliability and security; and (g) measuring the effectiveness of our communications, campaigns and marketing, where applicable.
Some Cookies are strictly necessary for the Website and Services to function and cannot be disabled through our Cookie Preference Center. These may include Cookies used for authentication, security, fraud prevention, session management and service availability.
Where required by applicable law, we will use non-essential Cookies only after obtaining your consent. Non-essential Cookies may include analytics, performance, functionality, advertising or targeting Cookies, depending on how they are used.
Our Cookie Preference Center is available through the cookie banner and, where available, in the footer of our Website. It allows you to manage your cookie settings at any time, including consenting to or rejecting different categories of non-essential Cookies and updating your choices whenever you wish.
We may use third-party analytics, infrastructure, security and service providers that collect information through Cookies integrated into our Website or Services. These providers process such information on our behalf or in accordance with their own terms and privacy notices, as applicable.
You may manage certain Cookies through: (a) your browser or device settings; (b) our Cookie Preference Center.
For further information on cookies generally, visit aboutcookies.org or allaboutcookies.org.
Please note that disabling or rejecting certain Cookies may affect the availability, security, functionality or performance of parts of the Website or Services.
Your preferences are generally browser- and device-specific, meaning you may need to configure settings separately across different devices and browsers.
Where applicable, you may withdraw or modify your consent preferences at any time through our Cookie Preference Center or by contacting us at info@qore.finance.
Our Website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of such third parties, and we encourage you to review their privacy policies before providing any Personal Data.
We reserve the right to amend this Privacy Policy from time to time to reflect changes in legal, regulatory, operational, or technical requirements.
Where required by law, we will notify users of material changes through the Website, email notifications, or other appropriate communication methods.
Brit FX Limited, trading as QORE Finance, acts as the Data Controller for the purposes of applicable data protection laws in relation to the processing of your Personal Data under this Privacy Policy.
Registered Office
Suite 30, 15a Market Street, Telford, England, TF2 6EL
Operating Address
Parallel House, 32 London Road, Guildford, Surrey, GU1 2AB
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at info@qore.finance.