Privacy and Policy
1. Introduction
This Privacy Policy describes how Bancorro Capital Ltd (“Bancorro”, “we”, “our”, “us”), a company incorporated in British Columbia, Canada (Registration No. BC1335108) with its registered address at 13353 COMMERCE PARKWAY, UNIT 2353 RICHMOND BC V6V 3A1 CANADA, collects, uses, discloses, and safeguards personal data when individuals interact with our website www.bancorro.com, client portals, communication channels, or other services (collectively, the “Services”).
This Policy is designed to ensure compliance with the General Data Protection Regulation (GDPR), UK GDPR, the Swiss Data Protection Act (FADP), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and other applicable privacy frameworks. It applies to clients, corporate representatives, beneficial owners, business partners, and website visitors worldwide.
2. Data Controller
Bancorro Capital Ltd is the data controller for personal data collected through its Services. In limited circumstances where Bancorro acts solely on a client’s documented instructions, it may act as a data processor under a written Data Processing Agreement (DPA). Both Bancorro and its clients are independent controllers for their respective data processing activities under applicable laws.
3. Scope and Definitions
4. Data We Collect
We may collect the following categories of personal data:
5. Sources of Data
We obtain personal data:
6. Purpose and Legal Basis
We process personal data for the following purposes:
7. Data Sharing and Disclosure
We share personal data only as necessary:
8. International Data Transfers
Bancorro operates globally. Personal data may be transferred to and processed in countries outside your residence. Transfers are safeguarded by mechanisms such as Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA), or equivalent safeguards.
9. Data Retention
We retain personal data for as long as necessary to meet the purposes described above and to satisfy regulatory retention periods. Records related to AML/CTF compliance are retained for 5–10 years following the end of the business relationship.
10. Security and Organizational Measures
Bancorro applies technical and organizational safeguards including:
11. Rights of Individuals
Depending on your jurisdiction, you may have rights to:
Requests may be sent to privacy@bancorro.com.
12. Cookies and Tracking
Our website uses essential and analytics cookies. You can disable non‑essential cookies through your browser. Details are available in our Cookie Notice.
13. Automated Processing
Bancorro may use automated systems for AML screening, fraud detection, or transaction monitoring. Such processing is lawful under obligations to prevent financial crime.
14. Accountability and Governance
Bancorro maintains internal privacy governance programs, conducts regular data protection impact assessments (DPIAs), and reviews vendor compliance to ensure ongoing adherence to privacy obligations.
15. Complaints and Supervisory Authorities
If you believe your personal data rights have been violated, you may contact Bancorro’s Data Protection Contact at privacy@bancorro.com or your competent supervisory authority. For EEA/UK/CH residents, this may include your local data protection authority. For Canadian clients, the Office of the Privacy Commissioner of Canada.
16. Updates
We may update this Policy periodically. Updates will be posted on www.bancorro.com with the effective date indicated below.
Effective Date: 15 October 2025
17. Contacts
For questions about this Policy, please contact:
Bancorro Capital Ltd
1095 McKenzie Avenue, Suite 300, Victoria, British Columbia
V8P 2L5, Canada
Email: privacy@bancorro.com
Website: www.bancorro.com
This Privacy Policy describes how Bancorro Capital Ltd (“Bancorro”, “we”, “our”, “us”), a company incorporated in British Columbia, Canada (Registration No. BC1335108) with its registered address at 13353 COMMERCE PARKWAY, UNIT 2353 RICHMOND BC V6V 3A1 CANADA, collects, uses, discloses, and safeguards personal data when individuals interact with our website www.bancorro.com, client portals, communication channels, or other services (collectively, the “Services”).
This Policy is designed to ensure compliance with the General Data Protection Regulation (GDPR), UK GDPR, the Swiss Data Protection Act (FADP), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and other applicable privacy frameworks. It applies to clients, corporate representatives, beneficial owners, business partners, and website visitors worldwide.
2. Data Controller
Bancorro Capital Ltd is the data controller for personal data collected through its Services. In limited circumstances where Bancorro acts solely on a client’s documented instructions, it may act as a data processor under a written Data Processing Agreement (DPA). Both Bancorro and its clients are independent controllers for their respective data processing activities under applicable laws.
3. Scope and Definitions
- “Personal Data” means any information relating to an identified or identifiable natural person.
- “Processing” means any operation performed on personal data such as collection, storage, use, disclosure, or deletion.
- “Data Subject” refers to an individual whose personal data is processed.
- “Controller” and “Processor” have meanings under GDPR and PIPEDA as applicable.
4. Data We Collect
We may collect the following categories of personal data:
- Identification data (name, date/place of birth, nationality, gender, ID/passport details, signatures, photographs, video KYC);
- Contact information (email, phone, address, messenger IDs);
- Financial and transactional information (bank details, payments, invoices, transaction history);
- KYC/AML compliance data (source of funds, occupation, corporate structure, beneficial ownership, sanctions screening results);
- Technical and usage data (IP address, device identifiers, cookies, browser, logs);
- Communication records (emails, chats, recorded calls where permitted).
5. Sources of Data
We obtain personal data:
- Directly from you during onboarding and service use;
- From corporate clients providing data of their representatives;
- From public registers, sanctions lists, and government databases;
6. Purpose and Legal Basis
We process personal data for the following purposes:
- To perform contractual obligations and provide services;
- To comply with legal and regulatory requirements (AML/CTF, tax, accounting);
- To prevent fraud, abuse, or unlawful activities;
- To manage communications and improve user experience;
- To pursue legitimate business interests such as service improvement, risk management, and security compliance.
7. Data Sharing and Disclosure
We share personal data only as necessary:
- With payment processors and banking partners;
- With regulatory authorities and law enforcement when legally required;
- With service providers assisting in compliance, fraud prevention, hosting, and analytics;
- With professional advisors (lawyers, auditors, consultants).
8. International Data Transfers
Bancorro operates globally. Personal data may be transferred to and processed in countries outside your residence. Transfers are safeguarded by mechanisms such as Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA), or equivalent safeguards.
9. Data Retention
We retain personal data for as long as necessary to meet the purposes described above and to satisfy regulatory retention periods. Records related to AML/CTF compliance are retained for 5–10 years following the end of the business relationship.
10. Security and Organizational Measures
Bancorro applies technical and organizational safeguards including:
- Encryption of data in transit and at rest;
- Role‑based access control and employee confidentiality agreements;
- Regular audits, vendor due diligence, and penetration testing;
- Business continuity and incident response procedures.
11. Rights of Individuals
Depending on your jurisdiction, you may have rights to:
- Access and obtain a copy of your personal data;
- Request correction or deletion;
- Restrict or object to processing;
- Withdraw consent where processing is based on consent;
- Lodge a complaint with your local data protection authority.
Requests may be sent to privacy@bancorro.com.
12. Cookies and Tracking
Our website uses essential and analytics cookies. You can disable non‑essential cookies through your browser. Details are available in our Cookie Notice.
13. Automated Processing
Bancorro may use automated systems for AML screening, fraud detection, or transaction monitoring. Such processing is lawful under obligations to prevent financial crime.
14. Accountability and Governance
Bancorro maintains internal privacy governance programs, conducts regular data protection impact assessments (DPIAs), and reviews vendor compliance to ensure ongoing adherence to privacy obligations.
15. Complaints and Supervisory Authorities
If you believe your personal data rights have been violated, you may contact Bancorro’s Data Protection Contact at privacy@bancorro.com or your competent supervisory authority. For EEA/UK/CH residents, this may include your local data protection authority. For Canadian clients, the Office of the Privacy Commissioner of Canada.
16. Updates
We may update this Policy periodically. Updates will be posted on www.bancorro.com with the effective date indicated below.
Effective Date: 15 October 2025
17. Contacts
For questions about this Policy, please contact:
Bancorro Capital Ltd
1095 McKenzie Avenue, Suite 300, Victoria, British Columbia
V8P 2L5, Canada
Email: privacy@bancorro.com
Website: www.bancorro.com