Privacy Policy

Last updated: May 28, 2026

1. Introduction

This Privacy Policy explains how FinTech Intelligence Ltd (“Address to ISO20022”, “we”, “our”, or “us”) collects, uses, and protects personal data when you use https://address-to-iso20022.com and related services.

2. Roles Under Data Protection Law

For account, billing, and website-related data, we act as a data controller.

When customers submit address-related data through the Service, customers act as data controllers and Address to ISO20022 acts as a data processor processing data solely on behalf of customers and in accordance with customer instructions.

3. Information We Collect

3.1 Information You Provide

We may collect:

  • Account information such as name and email address
  • Billing and subscription information
  • Support communications
  • Address-related data submitted through the API

3.2 Automatically Collected Information

We may collect:

  • IP addresses
  • Request metadata
  • Usage statistics
  • Device and browser information
  • Authentication and security logs
  • Cookie and session data

We use Vercel Web Analytics, a cookieless, privacy-friendly service, to collect aggregate page-view metrics on our public pages.

4. How We Use Information

We use personal data to:

  • Provide and operate the Service
  • Authenticate users and secure accounts
  • Process payments and subscriptions
  • Prevent fraud and abuse
  • Monitor performance and reliability
  • Respond to support requests
  • Comply with legal obligations

We do not sell personal data.

We do not use customer-submitted address data to build advertising profiles or unrelated commercial datasets.

Unless explicitly agreed in writing, customer-submitted personal data is not used to train general-purpose artificial intelligence or machine learning models.

5. Legal Bases for Processing

Where UK GDPR or EU GDPR applies, we process personal data under the following legal bases:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interests, including security, fraud prevention, and service reliability
  • Consent, where required by law

6. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Address data submitted through the API is processed transiently and is not permanently stored except where reasonably necessary for:

  • Security monitoring
  • Fraud prevention
  • Service debugging and reliability
  • Billing disputes
  • Legal compliance

Security and application logs may be retained for up to 90 days.

Billing and accounting records may be retained for up to 7 years where required by law.

7. Data Sharing and Sub-processors

We may share personal data with trusted service providers that support operation of the Service, including:

  • Hosting and infrastructure providers
  • Content delivery and security providers
  • Payment processors
  • Monitoring and analytics providers
  • Customer support providers

Current sub-processors may include:

  • Cloudflare
  • Vercel
  • Stripe
  • Google
  • Hetzner

Sub-processors are contractually required to protect personal data appropriately.

8. International Data Transfers

Personal data may be transferred to countries outside the United Kingdom or European Economic Area.

Where required, we implement appropriate safeguards, including:

  • European Commission Standard Contractual Clauses (SCCs)
  • UK International Data Transfer Addendum (IDTA)
  • Adequacy decisions
  • Other lawful transfer mechanisms

9. Security Measures

We implement appropriate technical and organizational measures designed to protect personal data, including:

  • Encryption in transit using TLS/HTTPS
  • Access controls and authentication
  • Logging and monitoring
  • Role-based access restrictions
  • Vulnerability management processes

No method of transmission or storage is completely secure.

10. Your Rights

Depending on applicable law, you may have rights to:

  • Access personal data
  • Correct inaccurate information
  • Delete personal data
  • Restrict or object to processing
  • Request portability of personal data
  • Withdraw consent where processing is based on consent
  • Lodge complaints with a supervisory authority

To exercise these rights, contact us using the details below.

11. Cookies

We use cookies and similar technologies as described in our Cookie Notice.

12. Children’s Privacy

The Service is not directed to individuals under the age of 18.

13. Changes to This Policy

We may update this Privacy Policy from time to time.

Material changes will be posted on this page with an updated “Last updated” date.

14. Contact Information

Privacy Contact

Email: privacy@address-to-iso20022.com

Address: Level39, One Canada Square, London E14 5AB, United Kingdom

Privacy Policy - Address to ISO20022 | Address to ISO 20022 API