Baronial Business Bureau Ltd

Privacy Policy

Last updated: 29 May 2026 · UK Company No. 16814877

1. Who We Are

Baronial Business Bureau Ltd ("the Company", "we", "us") is a private limited company incorporated in England and Wales (Company No. 16814877). We are the data controller for information collected through this website and shareholder portal. Contact: chief@baronialbureau.com

2. What Data We Collect

  • Identity data: Full name, date of birth, nationality (collected during KYC/AML verification).
  • Contact data: Email address, telephone number, postal address.
  • Financial data: Share class, number of shares, dividend payment records, cryptocurrency wallet addresses.
  • Technical data: IP address, browser type, device type, login timestamps, session data.
  • Communications: Content of enquiries submitted via the contact form or email.
  • Cookie data: Cookie preferences and analytics (where consented).

3. How We Use Your Data

We process personal data under the following lawful bases (UK GDPR Article 6):
  • Contract performance: Managing your shareholding, processing dividend distributions, and operating the shareholder portal.
  • Legal obligation: KYC/AML compliance under the Proceeds of Crime Act 2002, Money Laundering Regulations 2017, and Companies Act 2006.
  • Legitimate interests: Securing and maintaining our systems, fraud prevention, and internal analytics.
  • Consent: Analytics cookies (only where you have given explicit consent).

4. Data Sharing

We do not sell your personal data. We may share data with:
  • Regulated KYC/AML verification providers (acting as processors).
  • HMRC and Companies House where required by law.
  • Our hosting and infrastructure providers (Vercel, Supabase) under data processing agreements.
  • Professional advisors (solicitors, accountants) bound by confidentiality.

5. Data Retention

We retain shareholder records for a minimum of 7 years following the end of the shareholder relationship, as required by UK company law and HMRC regulations. Contact enquiries are retained for 2 years. You may request earlier deletion where legally permissible.

6. Your Rights (UK GDPR)

You have the right to: access your personal data; correct inaccurate data; request erasure (where no legal obligation to retain exists); restrict or object to processing; data portability; and withdraw consent at any time. To exercise any right, email chief@baronialbureau.com. You also have the right to lodge a complaint with the ICO at ico.org.uk.

7. Cookies

We use the following types of cookies:
  • Strictly necessary: Authentication tokens, CSRF protection, session management. These cannot be disabled.
  • Functional: Remembering your preferences and settings.
  • Analytics (optional): Anonymous usage data. Only set with your consent. No personal data is included.
You can manage cookie preferences at any time via the cookie banner or by clearing your browser storage.

8. International Transfers

Some of our processors (Vercel, Supabase) operate infrastructure in the United States. All transfers are governed by Standard Contractual Clauses approved by the UK ICO, ensuring equivalent protection to UK GDPR.

9. Security

We implement appropriate technical and organisational measures including TLS encryption, access controls, JWT-secured authentication, and regular security reviews. However, no transmission over the internet is 100% secure.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered shareholders of material changes by email. The "last updated" date at the top of this page will always reflect the most recent version.
← Back to HomeTerms & Conditions →