Public launch expected Early 2026Read more
Login

Last updated: December 2025

1. Introduction

Merrin Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance automation platform and related services.

We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Merrin Ltd is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us at [email protected].

3. Information We Collect

Information you provide to us:

  • Account information (name, email address, password)
  • Company information (company name, FCA reference numbers, business details)
  • Staff information (names, roles, qualifications, training records)
  • Compliance documentation and records you upload
  • Communications with us (support requests, feedback)

Information collected automatically:

  • Device and browser information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Cookies and similar technologies (see our Cookie Policy)

We process your personal data on the following legal bases:

  • Contract: Processing necessary for the performance of our contract with you
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services and preventing fraud
  • Legal obligation: Processing necessary to comply with our legal obligations
  • Consent: Where you have given consent for specific processing activities

5. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyse trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities
  • Comply with legal and regulatory requirements

6. Data Sharing and Disclosure

We may share your information with:

  • Service providers: Third parties who perform services on our behalf (hosting, analytics, customer support)
  • Professional advisers: Lawyers, accountants, and auditors where necessary
  • Regulators and authorities: The FCA, ICO, or other authorities when required by law
  • Business transfers: In connection with any merger, acquisition, or sale of assets

We do not sell your personal data to third parties.

7. International Transfers

Your information may be transferred to, and processed in, countries other than the United Kingdom. Where we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.

8. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting requirements. Compliance records may be retained for a minimum of six years in accordance with FCA requirements.

9. Your Rights

Under UK data protection law, you have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data in certain circumstances
  • Right to restrict processing: Request limitation of processing in certain circumstances
  • Right to data portability: Request transfer of your data in a machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Rights related to automated decision-making: Not be subject to solely automated decisions with legal effects

To exercise any of these rights, please contact us at [email protected].

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption, access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure.

11. Cookies

We use cookies and similar tracking technologies to collect and use personal information about you. For more information about the types of cookies we use and how to manage them, please see our Cookie Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

13. Complaints

If you have concerns about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: [email protected]
Merrin Ltd
United Kingdom