Privacy Notice

Chasquis Limited (trading as Chasq, “we”, “us”, “our” and “ours”) is a financial technology company providing managed finance platform services. We are registered in England and Wales as a limited company under number: 17027569 and our registered office is at 71-75 Shelton Street, London, United Kingdom, WC2H 9JQ.

This notice will tell you how we look after your personal data, about your privacy rights, and about our compliance with and your protections under Data Protection Legislation.

In this notice “Data Protection Legislation” means any applicable law relating to the processing, privacy, and use of Personal Data, including the Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended by The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2020.

For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you.

We have appointed a Data Protection Officer. Our Data Protection Officer is our Data Protection Point of Contact. Should you wish to contact our Data Protection Point of Contact you can do so using the contact details noted at the section, Contact Us, below.

The information we hold about you may include the following:

• your personal details (such as your name, job title, and/or address);
• your account credentials and authentication information;
• details of contact we have had with you in relation to the provision, or the proposed provision, of our services;
• details of any services you have received from us, including platform usage data and activity logs;
• our correspondence and communications with you;
• information about any complaints, enquiries, and support requests you make to us;
• technical information such as IP addresses, browser type, device identifiers, and access timestamps;
• information from research, surveys, and marketing activities.

Important note regarding customer financial data: In the course of providing our platform services, we may process financial data belonging to or provided by our customers. Where we process such data on behalf of our customers, we act as a ‘data processor’ and process that data only in accordance with our customers’ instructions and the terms of our service agreement.

We obtain your personal data directly from you when:

• you register for an account on our platform or request a demonstration;
• you request a proposal from us in respect of the services we provide;
• you engage us to provide our services and also during the provision of those services;
• you use our platform, including through automated data collection technologies such as cookies, server logs, and analytics tools;
• you contact us by email, telephone, post, or social media.

We may also obtain your personal data indirectly:

• from our client or your employer when they engage us to provide services;
• from third-party integrations and connected financial systems where authorised by our clients;
• from third parties and/or publicly available resources (for example, from Companies House or LinkedIn).

We may process your personal data for purposes necessary for the performance of our contract with you or your employer, our clients, and to comply with our legal obligations.

We may also process your personal data for the purposes of our own legitimate interests provided that those interests do not override any of your own interests, rights, and freedoms.

Situations in which we will use your personal data:

• provide, maintain, and improve our platform and services;
• carry out our obligations arising from any agreements entered into between you (or your employer) and us;
• carry out our obligations arising from any agreements entered into between our clients and us;
• provide technical support and respond to your enquiries;
• provide you with information related to our services, product updates, and our events;
• notify you about any changes to our services, terms, or policies;
• monitor platform usage, performance, and security;
• analyse usage patterns and trends to improve our platform and develop new features.

Data retention: We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.

Change of purpose: Where we need to use your personal data for a reason other than the purpose for which we originally collected it, we will only use your personal data where that reason is compatible with the original purpose.

Our platform and website use cookies and similar technologies. We use:

• Strictly necessary cookies: Required for the operation of our platform.
• Analytical/performance cookies: Allow us to recognise and count visitors and see how they move around our platform.
• Functionality cookies: Used to recognise you when you return to our platform.

You can set your browser to refuse all or some cookies.

We will share your personal data with third parties where we are required by law or where we have a legitimate interest in doing so. Third-party service providers include: cloud hosting and infrastructure services, IT and security services, professional advisory services, analytics services, marketing services, payment processing services, and banking services.

Sub-processors: Where we act as a data processor on behalf of our clients, we may engage sub-processors to assist in providing our platform services.

We may transfer limited personal data outside of the UK. The UK has adequacy regulations in place for the EU and certain other jurisdictions.

Where data is transferred to a country that does not benefit from an adequacy decision, we will ensure that appropriate safeguards are implemented, such as standard contractual clauses approved by the ICO.

Further details at ico.org.uk.

We have put in place commercially reasonable and appropriate security measures including encryption of data in transit and at rest, access controls, regular security assessments, and monitoring.

We limit access to your personal data to those with a business need to know.

We have procedures to deal with any suspected data security breach.

Your rights include: Request access, Request correction, Request erasure, Object to processing, Request restriction, Request transfer.

Contact the Data Protection Point of Contact at info@chasq.com to exercise your rights.

No fee required to access your personal data.

You may withdraw your consent for specific processing at any time by emailing info@chasq.com.

Any changes will be provided via an updated privacy policy on our website.

This privacy notice was last updated on 2 March 2026.

Email: info@chasq.com

ICO contact details: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113 (local rate) or 01625 545 745

Website: ico.org.uk/concerns