GONRTH LTD · Last updated: 4 November 2025
At GONRTH LTD, we are committed to protecting your personal data and respecting your privacy. This Privacy Notice is intended to inform you about how we collect, use, store, and share your personal data when you apply for and use our products and services.
The purpose of this Privacy Notice is to provide you with clear and transparent information about:
GONRTH LTD acts as a Data Controller in relation to the personal data we collect. This means that we are responsible for determining the purposes and means of processing your personal data. As a Data Controller, we are legally obligated to handle your data fairly, lawfully, and securely, and to ensure that your rights under applicable data protection laws are upheld.
We encourage you to read this Privacy Notice carefully to understand how your personal data is used and protected. If you have any questions or require further information, you can contact us using the details provided at the end of this notice.
For the purposes of this Privacy Policy, the following definitions apply:
Personal Information/Personal Data means any information that can be used to identify an individual. This can include, but is not limited to, names, addresses, email addresses, phone numbers, identification numbers, location data, or online identifiers.
Data Controller means the organisation or individual that determines the purposes and means of processing Personal Data.
Data Processor means a third party that processes Personal Data on behalf of the Data Controller.
Data Subject means the individual to whom the Personal Data relates.
Consent means any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which they, by a statement or clear affirmative action, signify agreement to the processing of their Personal Data.
Data Retention means the period during which the company stores Personal Data. Once this period ends or the data is no longer necessary, the company will securely delete or anonymise the data.
Cookies and Tracking Technologies means small data files or scripts that are placed on a user's device when they visit a website.
Data Subject Rights means the legal rights individuals have under data protection law (including the UK GDPR and Data Protection Act 2018). For further details, please see Section 14.
We collect, use, store and transfer different types of personal data to enable the delivery of our products and services, to fulfil our legal obligations, and to support the ongoing improvement of our operations.
We may collect, use, store and transfer the following types of personal data:
Full name, date of birth, nationality and country of residence, gender, national identification number (e.g. passport number, driving licence number, national insurance number), and photographic ID for verification purposes.
Residential and mailing address, email address(es), phone number(s), and emergency contact details where required.
Bank account and sort code, cardholder details, salary or income data (if applicable), and credit status or affordability data where required for regulatory compliance.
Payment and transaction history, details of purchases made with your card or wallet, date, time and location of transactions, merchant names and payment channels used, and currency and exchange rate if applicable.
IP address, device ID and hardware model, operating system and browser type, login activity, access times, device settings, error logs and diagnostic data.
Username and password (encrypted), security questions and answers, language and communication preferences, service and product preferences, and account activity and history.
Features used within our app or website, clickstream and navigation patterns, time spent on specific pages or sections, and interaction with customer service features.
Marketing preferences (e.g. email, SMS, phone), subscription status to newsletters or campaigns, open rates and click throughs on marketing emails, and communication history with our marketing or customer service teams.
Generally, we do not collect "special category" personal data (such as health information, biometric data, political or religious beliefs). If we ever need to collect such data, we will only do so where strictly necessary and with your explicit consent or as required by law.
We collect your personal data through a variety of methods. Much of the data is provided directly by you when you apply for a service, register an account, or complete forms during our onboarding or identity verification processes. You may also provide information when you communicate with us, such as through emails, phone calls, online chat, or when submitting feedback or complaints.
We also collect data automatically when you interact with our digital platforms. This includes technical and usage data gathered through cookies, analytics tools, log files, and other tracking technologies used to enhance your experience and improve our services.
In some cases, we may obtain personal data from third party sources. These may include identity verification providers, payment processors, credit reference agencies, fraud prevention services, and public databases. We only use such sources where appropriate and lawful, and in accordance with this Privacy Policy.
By collecting this data, we aim to provide you with secure, compliant, and user friendly services. If you choose not to provide certain types of personal data, we may be unable to offer you access to some of our products or services.
We use your personal data only where it is lawful to do so and for specific, clear purposes. The ways in which we use your data depend on your relationship with us and how you interact with our products and services.
Primarily, we use your personal data to provide you with access to our services and to perform our contract with you. This includes verifying your identity and processing applications securely. We also use your data to communicate with you about your account, including providing service updates, responding to your enquiries, and delivering important notifications.
Your data is used to help us comply with legal and regulatory obligations, such as anti money laundering (AML), counter terrorist financing (CTF), fraud prevention, tax reporting, and other statutory requirements.
We may use technical, usage, and profile data to monitor, analyse, and improve the functionality, security, and performance of our services.
Where you have given your consent or where we have a legitimate interest, we may use your personal data to send you marketing communications about our products, services, promotions, or updates. You have the right to opt out of receiving marketing at any time.
In certain cases, we may process your data for internal business and operational purposes, such as auditing, reporting, staff training, research, or system testing.
We will not use your personal data for any purpose that is incompatible with the reasons for which it was originally collected, unless we are required or permitted to do so by law.
We may share your personal data with carefully selected third parties, only where necessary to deliver our services, comply with legal obligations, or where we have a legitimate business interest. We ensure that any sharing is done in a secure, controlled, and lawful manner.
We work with trusted third party service providers who perform functions on our behalf, such as payment processors, cloud storage providers, and IT support. These providers are contractually obligated to keep your data secure and confidential.
In the course of processing transactions, we may share relevant data with banks and other financial institutions involved in authorising or settling payments.
We may disclose your personal data when required to do so by law or regulatory obligations.
We may share your data with legal, tax, audit, or other professional advisors where necessary.
If we are involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be shared with prospective buyers or business partners, subject to appropriate data protection obligations.
We do not sell your personal data to third parties. In cases where we need to transfer personal data to countries outside the UK or the European Economic Area (EEA), we ensure that appropriate safeguards are in place.
We process your personal data for a variety of legitimate and lawful purposes:
We process your data to assess and manage your application, verify your identity, set up your account, process transactions, and provide ongoing customer support.
This includes compliance with anti money laundering (AML) and counter terrorist financing (CTF) regulations, fraud detection and prevention, sanctions screening, and tax reporting.
We use your data to contact you regarding important updates to our services, your account status, changes to our terms or policies, or to respond to your enquiries.
We process technical and usage data to analyse how our services are accessed and used, helping us improve design, performance, security, and functionality.
We may process data to detect, prevent and investigate fraudulent or suspicious activity, account misuse, or unauthorised access to our systems.
If you have opted in or where we have a legitimate interest, we may use your data to inform you about products, services, or promotions. You can opt out at any time.
We may use your data to support internal business functions such as audits, record keeping, staff training, research, or data analytics.
We only process your personal data where we have a lawful basis to do so.
We collect personal information from a variety of sources:
Directly from you when you:
Automatically when you interact with our digital platforms, including device and browser information, IP address, usage patterns, activity logs, and cookies.
From external sources including identity verification providers, credit reference agencies, financial institutions, regulatory or public databases, and marketing partners where you have consented to share your information.
We only collect data from third parties where it is necessary, relevant, and lawful to do so.
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse website traffic, and support the functionality and security of our services.
Cookies are small text files placed on your device when you visit a website. They allow us to recognise your device, remember your preferences, and understand how you interact with our content.
We may use the following types of cookies:
When you first visit our website, you will be presented with a cookie banner giving you the option to accept or reject non essential cookies. You may update your preferences at any time. Disabling some types of cookies may impact the functionality and user experience of our website.
In some cases, we may transfer your personal data to countries outside the United Kingdom (UK) or the European Economic Area (EEA). Whenever your personal data is transferred internationally, we ensure that an adequate level of protection is maintained in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.
We will only transfer your personal data to countries that have been formally recognised as providing an adequate level of data protection, or where we have put in place appropriate safeguards. We also require all third parties involved in such transfers to process your data securely and only in accordance with our instructions.
We take the security of your personal data seriously and implement appropriate technical and organisational measures to safeguard the confidentiality, integrity, and availability of your data. These measures include:
We also require our third party service providers to implement appropriate security measures. While we take all reasonable steps to protect your data, no system is entirely secure and we cannot guarantee absolute security. If you believe your personal data may have been compromised, please contact us immediately.
We may use your personal data to send you direct marketing communications about our services, offers, or promotions that we believe may be of interest to you.
We will only send marketing communications if we have your consent or a lawful basis to do so. You have the right to opt out at any time by:
Even if you opt out of marketing, we may still contact you with important service related or account related information. We do not sell or share your personal data with third parties for their own marketing purposes.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to provide you with our services, to meet legal, regulatory, tax, accounting, or reporting obligations, and to resolve disputes or enforce our agreements.
Where we are required by law to retain certain types of information (such as financial transaction data or identity verification records), we will do so for the duration required by relevant legislation. For example, anti money laundering laws may require us to retain certain records for five years or more after the end of the customer relationship.
When your personal data is no longer needed, we will ensure that it is either securely deleted, anonymised, or archived in a way that restricts access and prevents further processing. We regularly review our data retention practices.
If you have any questions, concerns, or complaints regarding how we collect, use, store, or share your personal information, please contact us:
Email: hello@gonrth.co
We will acknowledge and investigate all queries and complaints without undue delay.
If you are not satisfied with our response, you have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO).
Under data protection law, you have several important rights regarding the personal data we hold about you:
To exercise any of these rights, please contact us using the details above. We may need to verify your identity before processing your request.
We aim to respond to all legitimate requests within one month, though complex requests may take longer. If we are unable to comply, we will explain the reasons and inform you of your right to lodge a complaint with the ICO.
GONRTH LTD is a company registered in England and Wales (Company No. 16286129).
Registered office: 3rd Floor, 86 to 90 Paul Street, London EC2A 4NE.
© 2026 NRTH
© 2026 NRTH. All rights reserved.
NRTH is a trading name of GONRTH Ltd, registered in England and Wales under company number 16286129. Registered office: 3rd Floor, 86–90 Paul Street, London, EC2A 4NE, United Kingdom. Payment services available through the NRTH platform are delivered by authorised third-party providers. See our Regulatory Information page for further details.
