Privacy Policy

---

Last Updated — 4 October 2025

This Privacy Policy (the “Policy”) constitutes a binding statement of principles, obligations and undertakings by Longshanks Trading Limited (“Longshanks Trading,” “we,” “us,” or “our”), a private company incorporated under the laws of England and Wales with company number 16752120, whose registered office and principal place of business are stated on our official website (the “Site”). This Policy governs the manner in which Longshanks Trading collects, uses, discloses, retains, protects, and otherwise processes personal data in connection with the operation of our websites, digital platforms, and the provision of our related business and professional services (collectively, the “Services”).

By accessing or using the Site, by engaging with us in any commercial or professional capacity, or by voluntarily providing us with personal data, you acknowledge that you have read and understood the terms of this Policy and that you consent—where such consent is the lawful basis—to our processing of your personal data in accordance with it. Should you disagree with any aspect of this Policy, you must immediately cease all use of the Site and refrain from providing personal data to us.

1 — Scope and Application

This Policy extends to all personal data collected, received, or otherwise processed by Longshanks Trading in the ordinary course of our business operations, whether such data is collected directly through our Site, through digital or telephonic correspondence, through client onboarding, transaction processing, professional engagements, or through any other channel whereby personal data is provided or made available to us. It applies equally to data processed by our officers, directors, employees, contractors, agents, consultants, and authorised service providers acting on our behalf. This Policy applies to data concerning clients, prospective clients, suppliers, contractors, counterparties, visitors, job applicants, and any other individual whose data is collected or processed by us in the course of our lawful business activities. It does not apply to information processed by third parties independently of our control; such third parties remain responsible for their own privacy practices and must be consulted directly through their respective privacy statements.

2 — Data Controller and Contact

For all purposes relating to the processing of personal data described herein, Longshanks Trading Limited acts as the data controller within the meaning of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. All enquiries, complaints, or requests to exercise legal rights in connection with this Policy should be directed to our designated Data Protection Officer (DPO), whose contact details are provided on the Site. We may, at our discretion, designate an alternate privacy contact for specific matters, and in such cases, any reference to the DPO in this Policy shall be construed accordingly.

3 — Nature and Categories of Personal Data Collected

In the course of conducting our legitimate business operations, we may collect, process, store, and use various categories of personal data. Such data may include, but is not limited to, the following: identity information such as full name, title, date of birth and government-issued identification; contact details including residential or business addresses, email addresses, and telephone numbers; professional and employment-related information including job title, employer name, credentials, qualifications and regulatory registrations; financial and transactional data including account details, payment methods, trading records, credit assessments, and other financial particulars necessary for the performance of a contract or the fulfilment of legal obligations; technical data automatically collected through your interaction with the Site including Internet Protocol (IP) addresses, device identifiers, browser type, system configuration, time zone, and user behaviour metrics; communications data including correspondence, call recordings, meeting notes and internal memoranda; and, in limited circumstances, special category data such as nationality, citizenship, or government-issued identity documentation where such data is necessary for compliance with anti-money-laundering (AML), counter-terrorist financing, or sanctions screening obligations. We shall at all times ensure that the collection and processing of personal data are necessary, proportionate, and justified in accordance with applicable law, and that no personal data is retained or processed beyond the scope of the legitimate purpose for which it was initially collected.

4 — Lawful Bases for Processing

All processing of personal data by Longshanks Trading is conducted strictly in accordance with the lawful bases set out in Article 6 of the UK GDPR. These bases may include processing necessary for the performance of a contract to which the data subject is party or to take pre-contractual steps at the request of the data subject; processing required for compliance with legal or regulatory obligations to which we are subject; processing necessary for the pursuit of our legitimate business interests, including but not limited to the administration and management of our affairs, fraud prevention, cybersecurity, marketing, business development and the enforcement of legal rights; and, in some instances processing undertaken based on the data subject’s explicit consent. Where consent constitutes the lawful basis, such consent will be requested clearly and recorded. It may be withdrawn by the data subject at any time without prejudice to the lawfulness of processing before withdrawal. Longshanks Trading does not rely on consent where another lawful basis is more appropriate or more consistent with the underlying purpose of processing.

5 — Purpose of Processing and Use of Data

Personal data collected by Longshanks Trading is processed for multiple legitimate business purposes. These purposes include, without limitation, the provision and administration of our Services; the execution of client mandates and transactions; client onboarding, KYC, and AML procedures; internal accounting, billing and reconciliation; management of our professional relationships with clients, suppliers and counterparties; compliance with statutory and regulatory obligations; internal governance, audit, and risk management; the detection, investigation and prevention of fraud, security incidents, and other unlawful activities; the maintenance and improvement of our Site, IT infrastructure and cybersecurity posture; the recruitment, evaluation and management of personnel; and the conduct of marketing, promotional and business development activities consistent with applicable data protection and e-privacy laws. We process personal data solely for the specific purposes for which it was collected, or for any compatible purpose permitted by law. Any further processing that is materially different, incompatible, or inconsistent with the original purpose shall be undertaken only where legally allowed and, where necessary, with appropriate notice to affected data subjects.

6  Cookies, Tracking Technologies, and Analytics

Longshanks Trading employs cookies and similar technologies, such as pixels, tags, web beacons, and local storage, for the dual purposes of enabling the functional operation of the Site and improving the overall quality, performance, and security of the user experience. Certain cookies are strictly necessary for the Site to operate correctly, while others serve analytical, functional, or marketing purposes. Users can exercise control over cookie usage through their browser settings or the consent management mechanisms available on the Site; however, turning off specific categories of cookies may impair functionality or restrict access to particular features. We may employ third-party analytics providers who collect anonymised or pseudonymised usage data to assist in understanding Site performance and user engagement. All such processing is undertaken under written agreements that restrict use of data to the purposes specified by Longshanks Trading and require appropriate safeguards in accordance with data protection law.

7 — Disclosure and Sharing of Personal Data

Longshanks Trading may disclose personal data to third parties in limited and controlled circumstances consistent with this Policy and applicable law. Such recipients may include third-party service providers engaged to deliver operational, technical, administrative or professional support services on our behalf; financial institutions, auditors, legal counsel, and professional advisors involved under confidentiality obligations; regulatory bodies, governmental authorities, courts and law enforcement agencies where disclosure is compelled or permitted by law; and counterparties or advisers in connection with mergers, acquisitions, restructurings, financing transactions or similar corporate events, subject always to appropriate confidentiality undertakings and data protection safeguards. We do not sell, lease, or otherwise monetise personal data. We require all third-party recipients to process personal data strictly in accordance with our instructions, to maintain appropriate technical and organisational security measures, and to refrain from using personal data for their own purposes unless expressly authorised by law or by the data subject’s consent.

8 — International Transfers of Personal Data

In some instances, the processing or storage of personal data may involve transfer to countries outside the United Kingdom. Where such transfers occur, and where the destination jurisdiction has not been deemed to provide an adequate level of data protection by the UK Government, Longshanks Trading will implement appropriate safeguards consistent with Chapter V of the UK GDPR. These safeguards may include the execution of Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO), the adoption of binding corporate rules, or reliance on another lawful transfer mechanism recognised under UK law. We maintain internal procedures to ensure that all cross-border data transfers are assessed for legal adequacy and that the rights of data subjects are preserved irrespective of the jurisdiction to which their data is transferred.

9 — Data Retention and Destruction

Longshanks Trading retains personal data only for such period as is necessary to fulfil the purposes for which it was collected, to comply with statutory or regulatory retention requirements, to preserve legal rights and defences, or to pursue our legitimate business interests. Retention periods vary according to the category of data, the nature of our relationship with the data subject, and the applicable legal or regulatory framework. Upon expiry of the relevant retention period, or once the data is no longer necessary for the purpose for which it was initially collected, we will take reasonable steps to securely delete, destroy, or anonymize the data in accordance with industry best practices and our internal retention policies. Data destruction is conducted under controlled conditions to prevent unauthorised recovery or misuse.

10 — Security and Integrity of Data

We maintain and continually update a comprehensive framework of technical, organisational, and physical safeguards designed to protect personal data from unauthorised access, accidental loss, unlawful destruction, alteration, or disclosure. These measures include encryption, access controls, intrusion detection, network monitoring, employee training, and periodic security audits.

While Longshanks Trading employs commercially reasonable measures to secure personal data, you acknowledge that no system of transmission over the internet or method of electronic storage can be guaranteed to be entirely secure. Accordingly, to the maximum extent permitted by law, we disclaim any guarantee of security, and you assume the inherent risks associated with transmitting personal data electronically.

11 — Data Subject Rights

Subject to applicable law and certain lawful exemptions, individuals whose personal data we process may be entitled to exercise various rights, including the right of access, rectification, erasure (also known as the “right to be forgotten”), restriction of processing, data portability, and objection to processing on legitimate grounds. Individuals also have the right to lodge complaints with the Information Commissioner’s Office (ICO) or another competent supervisory authority. Requests to exercise these rights must be submitted in writing to the DPO. We may require verification of identity before acting upon any request, and we reserve the right to charge a reasonable administrative fee or to refuse requests that are manifestly unfounded, excessive, or repetitive, as permitted by law.

12 — Marketing and Communications

Longshanks Trading may, from time to time, communicate with individuals about our products, services, research, or events which we believe may be of interest. Where required by law, we shall obtain prior consent before sending direct marketing communications, and we will always provide an easy and effective mechanism for opting out. Opting out of marketing communications will not affect receipt of non-promotional messages, including transactional or legally required notices.

13 — Automated Processing and Profiling

We may utilise automated systems or decision-making processes, including profiling, for purposes such as risk assessment, fraud detection, and compliance screening. Where such processing has legal or similarly significant effects on individuals, we will implement procedures to safeguard the individual’s rights, including the right to obtain human intervention, express a point of view, and contest the decision. Automated processing is conducted within a framework of accountability and oversight consistent with the UK GDPR.

14 — Children and Minors

The Site and Services are not directed toward minors under the age of eighteen. We do not knowingly collect personal data from individuals of this nature. Should we become aware that data has been inadvertently collected from a minor without appropriate consent, we shall promptly take steps to delete such data and, where applicable, notify relevant authorities.

15 — Third-Party Sites and Links

The Site may include hyperlinks, plugins, widgets, or other connections to external websites or resources operated by third parties. Such inclusion does not constitute endorsement or recommendation of those third parties or their policies. Longshanks Trading disclaims any responsibility for the privacy practices, content, or security of third-party sites. Users are strongly advised to review the privacy policies of such third parties before submitting personal data or engaging their services.

16 — Amendments and Updates to this Policy

We reserve the unfettered right, subject always to applicable law, to amend, modify, or update this Policy at any time and without prior notice, save where the modification is material or legally required to be communicated. Updated versions will be published on the Site, bearing the date of last revision. Continued use of the Site following publication of an updated Policy constitutes acceptance of the revised terms.

17 — Limitation of Liability and Indemnification

To the fullest extent permitted by applicable law, neither Longshanks Trading, nor any of its officers, directors, employees, agents, affiliates or representatives, shall be liable for any indirect, consequential, incidental, exemplary, special or punitive damages arising out of or relating to the collection, processing, use or disclosure of personal data, the operation or malfunction of the Site, or any reliance placed thereon. Nothing herein shall limit or exclude liability for death or personal injury caused by negligence, fraud, or any liability which cannot be lawfully limited. You agree to indemnify, defend, and hold harmless Longshanks Trading and its affiliates from and against any claims, losses, damages, liabilities, costs, or expenses, including reasonable legal fees, arising out of or relating to your breach of this Policy, your misuse of the Site, or your violation of applicable law.

18 — Regulatory Cooperation and Law Enforcement

Longshanks Trading cooperates fully with regulatory authorities, law enforcement agencies, and courts of competent jurisdiction, as required or permitted by law. We may disclose personal data where such disclosure is necessary to comply with legal obligations, to respond to lawful requests, or to protect our rights, property, or safety, or that of our clients, employees, or the public. All such disclosures are carefully assessed to ensure they are legitimate, proportionate, and compliant with data protection obligations.

19 — Governing Law and Jurisdiction

This Policy, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter, shall be governed by and construed in accordance with the laws of England and Wales. Subject to any mandatory statutory provisions to the contrary, the courts of England and Wales shall have exclusive jurisdiction over all disputes arising in connection with this Policy or the processing of personal data by Longshanks Trading.

20 — Contact and Complaints

Questions, concerns, or complaints regarding this Policy or our data protection practices should be directed to our Data Protection Officer via the contact details provided on the Site. We take all complaints seriously and will investigate any reported issue diligently and in accordance with applicable law. Should you remain dissatisfied following our internal review, you retain the right to complain to the Information Commissioner’s Office (ICO), the supervisory authority responsible for data protection oversight in the United Kingdom.

21 — Severability and Interpretation

Suppose any provision or part of this Policy is held to be invalid, illegal, or unenforceable by a court or regulator of competent jurisdiction. In that case, such provision shall be severed to the extent of its invalidity without affecting the remaining provisions, which shall continue in full force and effect. Headings, titles, and numbering are for convenience only and shall not affect interpretation. In construing this Policy, no presumption shall arise against the drafter.

22 — Acknowledgement and Acceptance

By continuing to access the Site, engage our Services, or otherwise communicate with Longshanks Trading, you confirm that you have read this Policy in its entirety, that you understand its terms, and that you consent to the collection and processing of your personal data as described herein, where such consent is the lawful basis for processing. This Policy is intended to articulate the principles underpinning Longshanks Trading’s steadfast commitment to data protection, transparency, and accountability in compliance with applicable UK and international law. Should you require further information, including details of specific contractual safeguards used in connection with international transfers, or clarification of any provision contained herein, you are invited to contact our Data Protection Officer at the address published on our Site.