November 4, 2025
At Shard Capital, we take your privacy seriously. This privacy notice explains the personal information (referred to as “personal data” in this notice) we collect about you, how we use it, who we share it with and your rights.
“Shard Capital” is a collective name we use for our businesses listed below. Each business is a separate legal entity and is responsible for the data it processes. When we say “we”, “us” or “our”, we mean the Shard Capital business you deal with. This notice covers:
If you are applying for a role at Shard Capital, please see our Candidate Privacy Notice.
We collect different types of personal information depending on the services we provide you. This can include:
Much of this information is collected in compliance with our duties under FCA rules. If you choose not to provide the information required, we may not be able to provide the requested product or service.
If you provide us with personal data relating to a third party (e.g., spouse, children, parents, employees) or ask us to share their personal data with third parties, you confirm they understand the information in this notice.
We obtain personal data through your use of our services or other dealings with us including through the account opening process, enquiry forms, and ongoing correspondence. We may also collect personal data from:
We may record communications with you including email, telephone, in-person or otherwise, in line with FCA record-keeping obligations. Telephone conversations may be recorded without a warning tone. Office visits may be captured by CCTV.
| What we do | Why we do it | Legal basis |
|---|---|---|
| Provide and manage your account and services | To deliver the products and services you have asked for | Contract; legitimate interests (to ensure well-managed client accounts and protect our business and clients) |
| Check your identity, run AML, sanctions and PEP checks and confirm source of wealth/funds | To comply with the law and protect against financial crime | Legal obligation; public interest |
| Assess your suitability and categorise you as a client (e.g., retail, professional) | To meet our obligations under FCA rules | Legal obligation |
| Keep records and report to regulators and tax authorities (including CRS/FATCA) | Because we are required to do so by law | Legal obligation |
| Respond to enquiries or complaints | To provide a high standard of client service | Contract; legitimate interests |
| Monitor calls, emails and meetings | For training, recordkeeping, and to meet FCA requirements | Legal obligation; legitimate interests |
| Prevent fraud and keep your money and information secure | To protect you, us, and the financial system | Legal obligation; legitimate interests |
| Improve our products and services | To develop our business responsibly | Legitimate interests |
| Send you marketing about our services | To keep you informed of relevant opportunities | Consent (for individuals, unless soft opt-in applies); legitimate interests (for corporates) |
| Use health or other sensitive information | To support you or manage complaints | Consent; substantial public interest |
| Use information about criminal offences | To meet AML and fraud prevention duties | Legal obligation; substantial public interest |
We may ask for permission to collect and use certain types of personal data when required by law (for example, when we process sensitive personal data or place cookies). If we ask for permission to process your personal data, you may refuse or withdraw your permission at any time using the contact details at the end of this notice or, for cookies, via the consent tool on our website.
We will never sell your personal data. Depending on the service you use, we may share your information with:
We would usually supply aggregated data to tax authorities. We may be required by law or regulation to share information about your accounts with relevant tax authorities, either directly or through the local tax authority, which may in turn share that information with other appropriate authorities. If we need extra documents or information from you, you must provide them; otherwise, we may need to close your account or withhold parts of certain payments and pass them to the relevant authorities.
Where you (or an authorised third party acting for you) ask us to share personal data with other providers (for example, payment initiation or account information services), we will have no control over how they use it. You should check their privacy information before proceeding. In the UK, you can verify authorisation on the FCA register.
We do not make decisions solely by automated means that have legal or similarly significant effects. Some checks (e.g., sanctions screening, fraud alerts, credit scoring) use automated tools. Where this could affect you, a staff member will review the result and you may request human intervention.
We hold personal data in secure electronic and physical systems and take steps to protect it from misuse, loss, unauthorised access, modification or disclosure. When personal data is no longer needed, we remove identifiers or securely destroy records. However, we may need to retain records to meet regulatory obligations. For example:
Where you have opted out of marketing, we will hold your email address on a suppression list.
Our services are designed for adults. We do not knowingly provide services directly to children. If we process data about children or vulnerable persons (for example in trusts), we take additional steps to safeguard it.
Different Shard Capital businesses may act for clients with competing interests. We maintain information barriers and strict policies to prevent inappropriate sharing of information across business areas, in line with FCA rules.
To keep your data safe, we use a combination of technical, physical and organisational measures. These include:
| Right | What it means |
|---|---|
| Access | Get a copy of the data we hold about you |
| Rectification | Correct inaccurate or incomplete data |
| Erasure | Ask us to delete data when it is no longer needed |
| Restriction | Limit how we use your data in certain cases |
| Objection | Object to processing, particularly for marketing |
| Portability | Ask us to send your data to you or another provider (where applicable) |
| Withdraw consent | Stop processing where consent is the basis |
Your ability to exercise these rights will depend on a number of factors and in some instances we will not be able to comply with your request. For more information, contact compliance@shardcapital.com.
Your personal data may be stored in and transferred to countries outside the United Kingdom (UK) or European Economic Area (EEA), for example where our data centres and third‑party service providers are located. Where we make such transfers, we ensure your personal data has an appropriate level of protection and that the transfer complies with applicable legal requirements, including through adequacy decisions and standard contractual clauses.
Our sites may contain links to and from the websites of our partner networks, advertisers and affiliates. These websites have their own privacy notices and we are not responsible for their content or practices. Please check their notices before submitting personal data.
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant, be transferred along with that part and the new owner or controlling party may use that data only for the purposes for which it was originally collected.
If you have a concern about any aspect of our privacy practices, please contact us via compliance@shardcapital.com. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). See ico.org.uk/concerns or call 0303 123 1113.
We reserve the right to update this Notice to reflect any legal changes or changes to the way in which we process your personal data. The updated Notice will be published on our website and comes into effect at the time of publication.