Insignis

Privacy Notice

This website is operated by Insignis Asset Management Limited (“Insignis”, “we” or “us”). Insignis is the data controller of any Personal Information collected through this website and/or through our services. We are committed to protecting your Personal Information and ensuring that it is used fairly and responsibly. This privacy notice explains the Personal Information we collect about individuals visiting this website and/or using our services (“Data Subjects” or “you”) and how we use, secure and share that information.

This notice should be read in conjunction with our Website Terms of Use and our Client Terms & Conditions.

We may provide links to external websites on our website. This privacy notice applies only to this website so, if you follow a link to any linked websites, please make sure you read the privacy policies/notices published by the owners of those websites. We are not responsible for your access to, or use of, such linked websites, or for any Personal Information that may be collected about you (including via cookies) as a result of your accessing or using them. Further, we are not responsible for the content of any such linked websites.

If you have any questions about this privacy notice or about any information we hold about you, please contact us by emailing us at dpo@insigniscash.com or writing to us at: Data Protection Officer, Insignis, St John’s Innovation Centre, Cowley Road, Cambridge CB4 0WS.

Insignis Asset Management Limited is a registered Data Controller with the UK Information Commissioner’s office, registration number (ZA158030).

Personal Information that we collect

While visiting the website, applying for a role with us or using our services you may provide, or, where relevant to you relationship with us, we may otherwise receive from your professional adviser, certain Personal Information such as your name, contact details, age, biographical information, or other personal details, as described in the table below, (“Personal Information”):

Type of Personal Information	Personal Information Type Included
Identity Data	Information that either you voluntarily choose to provide by completing forms on this website (including role applications) or which we receive as a result of your use of our services, or of you subscribing to, or otherwise asking for, our marketing communications. This may include: Name Email address Address Phone number(s) Job function and employer details (past and/or present)/institutional affiliation, income details Gender and nationality ID Documentation NI Number Recruitment Information (e.g. CV, certificates, date of birth, performance assessments, reference letters etc.)
Website Usage Data	Information generated by your use of this website, including: Internet protocol (IP) address Browser type and version Time zone setting and location Browser plug-in types and versions Details of the web pages and other resources you access, number of visits, average time spent on the website, pages viewed Operating system and platform Information on the telecommunications services you accessed Other technology on the devices used to access the website
Marketing and Communications Data	Preferences in receiving marketing from us and our third parties Communication preferences

We do not knowingly collect information from children who are under the age of digital consent. Such minors are under the age of 13 (or such legally required higher age). This means that, if the law in a particular country or region sets a higher age limit than 13, then Insignis will apply that age limit as appropriate.

Insignis does not target its website to children under 13 (or such legally required higher age). If we learn that a child under the age of 13 (or such legally required higher age) has submitted Personal Information online without parental consent, we will take all reasonable steps to delete such information from our databases and not to use such information for any purpose (except where necessary to protect the safety of the child or others as required or as allowed by law).

If you become aware of any Personal Information we have collected from children under 13 (or such legally required higher age), please contact us via the details set out at the beginning of this privacy notice.

How we use your Personal Information

We may process your Personal Information, in our capacity as data controller, in the following ways:

Purpose	Type of Personal Information	Lawful basis for processing	Details
To provide our services to you.	Identity Data	Legitimate interest Consent Necessary for performance of a contract with you	To provide our cash management and other services to you, including managing events for which you have registered. To deliver any online content that you have subscribed to. To provide relevant communications based on your use of our website and /or services (e.g. to notify you of service down time). To ensure that we are aware of the need to make any reasonable adjustments in providing our services to you.
To comply with our legal and regulatory obligations.	Identity Data	Necessary to comply with a legal obligation	To comply with anti-money-laundering and other regulations.
To respond to your questions and comments.	Identity Data	Legitimate interest Necessary to comply with a legal obligation Necessary for performance of a contract with you	To provide you with requested information and to promote our services.
To use data analytics to improve and customize the website.	Website Usage Data	Legitimate interests Necessary for performance of a contract with you	To personalise the way our web content is presented to you and to keep the website updated and relevant.
To monitor the use of the website and enforce our terms of use.	Website Usage Data	Legitimate interest Necessary to comply with a legal obligation Necessary for performance of a contract with you	To improve the functionality and content of our website.
To manage and protect our business and the website.	Identity Data Website Usage Data	Legitimate interests Necessary to comply with a legal obligation	To manage our business and ensure the effective operation of the website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). To prevent fraud and if necessary to block disruptive use.
To send marketing and promotional materials to Data Subjects in a business context.	Identity Data Marketing and Communications Data	Legitimate interests	To provide you with information about our services, activities or our online content by offering you the opportunity to subscribe to newsletters, publications, event announcements, etc. To invite your voluntary participation in surveys about our services.
To manage and assess job applications	Identity Data Employment & Qualifications	Legitimate interests Necessary to comply with a legal obligation	To evaluate your suitability for the role, communicate with you, carry out necessary checks, and meet our legal or regulatory obligations.

Where we need to collect Personal Information by law, or under the terms of a contract we have with you, if you choose not to give us this Personal Information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to run your accounts and / or need to cancel a product or service you have with us; we will notify you if this is the case at the time. Any data collection that is optional will be made clear at the point of collection.

We do not sell your Personal Information to third parties.

Identity verification and the prevention of money laundering

If you decide to take advantage of our services, we will ask you to provide us with certain information to enable us to verify your identity and address. This information may additionally be used for the performance of prevention of money laundering checks as well as in the management of the services we provide you. We may check the data provided by you against corroborative sources of electronic data to validate its accuracy and completeness and to authenticate an individual’s geographic locale. We will also use the data provided to enable us to perform searches against a widely adopted source of structured intelligence which enables the identification of Politically Exposed Persons (PEPs), heightened risk individuals and organisations.

Marketing communications

Insignis may use your postal address, email address and telephone number to contact you about our services for as long as you are a client, or a potential client, of this company.

If you are a direct client of Insignis, we may also use your postal and email address for the purposes of sending direct marketing information to you on other products and services we offer. You may ask us to stop sending such direct marketing information to you at any time.

Information that we share

We will not share your Personal Information with third parties for any purpose other than those described in this privacy notice or as necessary to facilitate any other purpose for which you provided it.

Third parties to whom we may disclose your Personal Information include:

banking institutions in the provision of our services;

service providers processing your information on our behalf, (e.g., providers of pre-employment screening checks, providers of screening to support the completion of onboarding checks etc.) all of which are required to keep your information confidential;

our data archive provider;

your professional adviser and their technology providers;

third-party review sites who may invite your feedback on your experience of using our services, in such cases only your name and email address would be shared;

any successor owners or operators of the website; and

public authorities and bodies where required or permitted by law, such as law enforcement authorities for the purposes of the prevention, investigation or detection of crime or fraud.

Cookies

Cookies are small text files placed on your device when you visit a website. They allow the website to recognise your device and store certain information about your preferences or browsing activity.

We use a cookie consent tool to manage your cookie preferences. Strictly necessary cookies are placed on your device to enable the website to function. All other categories of cookie are only placed in accordance with the basis described below, and your preferences can be updated at any time through the cookie settings tool available on this website.

You may also manage cookies through your browser settings, though please note that doing so may affect the functionality of certain features.

Types of cookie

Session cookies are used to maintain the state of the connection between the web server and your computer enabling you, once you are logged in, to move between web pages on the same website without having to keep logging in. Session cookies are automatically deleted at the end of the browsing session.

Persistent cookies remain on your device after your browsing session ends, unless you delete them or they reach their expiry date. They are used to remember your preferences and settings on return visits.

Necessary cookies are essential for the website to function and cannot be switched off. They are set in response to actions you take such as logging-in or setting your privacy preferences. These cookies do not store any personally identifiable data.

Functional cookies enable enhanced functionality such as remembering your preferences or settings. Disabling these cookies may affect the performance of certain features. These cookies are only placed with your consent.

Analytical cookies are used to help us understand how visitors interact with the website by collecting information such as pages viewed, time spent on the site, and traffic sources. We use this information to improve the website and our services. These cookies are only placed with your consent. Details of the providers we use, and the purposes for which they use cookies, are set out in our cookie consent tool.

Advertisement cookies are used to provide visitors with customised advertisements based on the pages a user visited previously and to analyse the effectiveness of the ad campaigns. These cookies are only placed with your consent.

Insignis may use the cookies gathered to support cross-domain tracking i.e. to better understand how visitors use our website.

Third-party cookie providers

Certain of the cookies on our website are set by third-parties. The names of those providers and the purposes of their cookies are set out in our cookie consent tool, which you can access at any time through the cookie settings on this website.

International data transfers

Our products and services may be provided using resources and servers located in various countries around the world. As a result, your Personal Information may be transferred to, and processed in, a jurisdiction outside the United Kingdom for the purposes described in this privacy notice, including in connection with cookies set by third-party providers on our website.

Where transfers outside the United Kingdom occur, we ensure that appropriate safeguards are in place so that the level of protection afforded to your data is not materially lower than that which applies in the United Kingdom. Those safeguards may include standard contractual clauses approved by the UK Information Commissioner's Office, or transfers to countries that benefit from a UK adequacy decision.

Data may also be transferred to further parties by our providers where required by law, or where those parties process data on a provider's behalf, subject to equivalent safeguard requirements.

For the purposes of the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.

If you would like further details of the specific providers that transfer data outside the United Kingdom, the countries involved, or the safeguards in place, please contact us using the details at the beginning of this notice.

How we protect your Personal Information

We maintain administrative, technical and physical safeguards to protect against unauthorized disclosure, use, alteration or destruction of the Personal Information you provide on this website. While we endeavour to protect your Personal Information, we cannot guarantee the security or integrity of any Personal Information and ultimately you provide your Personal Information to us at your own risk.

How long we keep your Personal Information

We will retain your Personal Information for no longer than the period necessary to fulfil the relevant purpose(s) for which it was collected, as set out above, unless a longer retention period is mandated or permitted by law.

Client Data

In general, we will delete redundant account information within 14 days of our relationship ending. However, we are obliged to keep certain records of our relationship to comply with the UK Financial Conduct Authority’s and other regulatory rules, in which case we will instead restrict access through our archiving processes. Subject to any actual or potential legal claim or regulatory investigation, the maximum time that we envisage retaining any of your information is 6 years, after which time it will be destroyed.

Subject to the above, information we use for marketing purposes will be kept by us until you notify us that you no longer wish to receive this information. If you do notify us that you no longer wish to receive marketing information, we will keep an encrypted version of your contact information to ensure we respect your wishes.

After you stop being a client, we may keep your data for up to 6 years for one of these reasons:

To respond to any questions or complaints.

To show that we treated you fairly.

To maintain records according to rules that apply to us.

We may keep your data for longer than 6 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes.

Applicant Data

If your application is successful, we will retain your data throughout your employment with the firm and for the six (6) years following your final day with us in accordance with the Limitation Act 1980.

If your application is unfortunately unsuccessful, we will retain your data for one (1) year from the date of your application; this period both enables us to meet our own legal obligations and supports your consideration as a potential candidate for future opportunities.

Your rights

Data Subjects in the United Kingdom and the European Economic Area have the following rights, under applicable data protection laws in relation to their Personal Information:

Data Subject Right	Description
To request access to the Personal Information that is held about them.	This enables you to receive a copy of the Personal Information that we hold about you and to check that we are lawfully processing it.
To request correction of the Personal Information is held about them.	The enables you to require us to correct mistakes in the Personal Information that we hold about you. You will need to provide us with enough information to identify you (e.g. full name, date of birth, account number etc.) and to let us know which information is incorrect and what it should be replaced with.
To request erasure of their Personal Information.	This enables you to ask us to delete or remove your Personal Information where there is no permitted reason for us continuing to process it.
To object to processing of their Personal Information.	You have the right to object where either (a) we are relying on a legitimate interest to process your data and you believe that the processing of your Personal Information impacts on your fundamental rights and freedoms; or (b) where we are processing your Personal Information for direct marketing purposes. Please be aware that, in some cases, we may demonstrate that we have compelling legitimate grounds to process your Personal Information which override your rights and freedoms. In such cases we will provide a clear rationale.
To request restriction of processing of their Personal Information.	This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: if you want us to establish the accuracy of your Personal Information; where our use of your Personal Information is unlawful but you do not want us to erase it; where you need us to hold the Personal Information even if we no longer require it as you need it to establish, exercise or defend legal claims; or you have objected to our use of your Personal Information but we need it in order to verify whether we have overriding legitimate grounds to use it.
To request the transfer of their Personal Information to themselves or to a third party.	You can require us to provide you, or a third party you have chosen, with your Personal Information in a structured, commonly used, machine-readable format. This right only applies to automated Personal Information that you initially provided consent for us to use or where we used the Personal Information to fulfil a contract with you.
To withdraw consent at any time where this is the basis on which their Personal Information Is being processed.	This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide you with access to the Insignis Platform or certain functionalities. We will advise you if this is the case at the time that you withdraw your consent.

If you wish to make use of any of your rights as detailed above, you may, as appropriate and in accordance with applicable laws, exercise such rights by contacting us using the contact information listed at the beginning of this privacy notice.

Please note that we may need to identify you and to ask for additional information in order to be able to fulfil your requests. Please also note that applicable law may contain restrictions and other provisions that relate to your rights as described above. In some cases, especially if you wish us to delete or cease the processing of your Personal Information, this may also mean that we may not be able to continue to provide services to you.

We will respond to any request regarding a wish to exercise any of these rights within one month of receipt. Where we need you to clarify or provide further information in order to process your request, the one-month period will pause until we receive that clarification. If your request is complex, it may take longer than one month to respond; we will advise you if this is the case.

Subject Access Request

You have a right to a copy of and details of the Personal Information held about you. To obtain a copy of the Personal Information Insignis holds about you, please write to us at dpo@insigniscash.com. No charge will normally be made by Insignis for providing this information however, if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.

Complaints

If you have a concern about the way in which we have handled your Personal Information, we encourage you to raise it with us in the first instance.

You can make a complaint to us by any of the following means:

by email to: dpo@insigniscash.com

by post to: Data Protection Officer, Insignis, St John’s Innovation Centre, Cowley Road, Cambridge CB4 0WS

We will acknowledge your complaint within 30 days of receipt. We will then investigate and respond to you as promptly as possible, keeping you informed of progress in the meantime.

If you remain dissatisfied following our response, or if we have not resolved your complaint within a reasonable time, you have the right to refer the matter to the Information Commissioner's Office.

The ICO can be contacted using any of the following means:

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AFTelephone: 0303 123 1113

Email: Casework@ico.org.uk.

Changes to this privacy notice

We keep this privacy notice under regular review and will place any updates on this web page. We encourage you to frequently check this page for any changes to this privacy notice. Your continued use of the website and / or our services following any change in this privacy notice will constitute your acceptance of such changes. If you do not accept such changes, you must not use the website and we may be unable to continue to provide services to you.

This privacy notice was last updated on 19 June 2026.

‍