Our Privacy Policy
About Us
The Floww Group is made up of different companies (as stated below). The Floww company providing the relevant product or service to you will be responsible for processing your personal data for that product or service and will be known as the ‘controller’ of your personal data.
There are instances where different Floww companies will act as both the ‘controller’ and the ‘processor’ in relation to your personal data. In these instances, the relevant Floww Company will process your personal data on behalf of the other Floww company.
For example, if you sign up to ‘Floww Markets’ they will act as your ‘controller’, as they determine the purposes and means of processing your personal data. Fomtech (Floww) are the owners of the platform (websites), therefore when you submit your personal data on the platform, they (Floww) will act as the ‘processor’ as they will process your data on behalf of Floww Markets.
We’ll let you know which company you have a relationship with when you provide us with your information or when we get in touch.
- Fomtech Limited trading as Floww, registered at 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN
- Floww Markets Limited registered at 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN
- Floww Pool Limited registered at 2nd Floor, 4 Matthew Parker Street, London — SW1H 9NP.
How this Privacy Policy applies to you?
This privacy policy applies to:
- Your use of our website and platform,
- Your use of our mobile application, and;
- All services available through our website, platform, and mobile application.
This privacy policy does not affect or override any privacy policy that you have in place with your firm, wealth manager(s), venture capital firm, investor, family office and / or broker (in this privacy policy, all are referred to as “firms”) or any investee company (“companies”) and therefore does not replace any privacy policy that it/they have issued to you.
Any notices or statements relating to data, data protection, fair processing and/or privacy that we may issue at the time of collecting personal data about you will supplement this privacy policy. They are not intended to override it.
We review our use of your personal data regularly. In doing so, we can change what personal data we collect, how we keep it and what we do with it. As a result, we can change this Privacy Notice from time to time to keep it relevant and up to date with legal and regulatory requirements.
We will endeavour to alert you to these changes, however we encourage you to check this privacy policy for changes whenever you visit our website or the Floww platform.
How to contact us
If you have any data related queries or questions about this privacy notice, including any requests to exercise your legal rights relating to your personal data or to make a complaint about how your personal data is being handled, please contact us here.
Our offices are located at;
2nd Floor, 4 Matthew Parker Street, London — SW1H 9NP, and;
4th Floor, Tower Point, North Rd, Brighton, Brighton and Hove, Brighton BN1 1YR.
How your personal data is collected, handled and used
How is your data collected:
We use different methods to collect personal data from and about you, such as:
Direct interactions:
1. We will collect a certain amount of your personal data from your navigation and use of our website, platform and mobile application. This includes personal data you provide, or which is generated about you, when you:
- Complete our web forms;
- Request a demonstration;
- Subscribe to our publications;
- Request marketing to be sent to you;
- Enter a competition, promotion or survey;
- Give us some feedback
2. Automated technologies or interactions: as you interact with our website and the Floww platform, we will automatically collect your Technical Data about your equipment, browsing actions and patterns and your Usage Data. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookies Policy for further details.
Indirect interactions:
We may receive information about you from other Floww platform users, for example, representatives from firms or companies. In most cases, this will be where the Floww platform user has input information about you onto the Floww platform on your behalf and with your approval. If you do not wish to be contacted please let us know using by clicking this link.
Third party service providers:
We may instruct third parties to assist us to collect, handle and use your personal data on our behalf. Those third parties will carry out those activities in accordance with this privacy policy.
A description of the type of third-party service providers that we currently use and what we use them for is set out in Appendix 1. We will update this from time to time. If you would like to receive a list of the third-party providers that we use in relation to your personal data, please contact us.
Third party hyperlinks & connectors:
Our website and/or services may include links to third-party websites, plug-ins and applications. Clicking on those links, or enabling those connections, may allow third parties to collect or share data about you. We do not control these third parties and are not responsible for their data protection compliance. When you leave our website or connect to a third party from us, we encourage you to read their privacy policy or notice.
What personal data do we collect?
Personal data means any information about an individual from which that person can be identified. It does not include data where the person is no longer identifiable (anonymous data).
We will collect, use, store, share and transfer the different kinds of personal data and associated information about you which we have grouped together below.
We refer generically to that personal data and associated information in this privacy policy as “personal data”:
- Identity Data, which includes your title, first name, maiden name, last name, date of birth, gender, nationality, and job information;
- Contact Data, which includes your billing address, delivery address, email address and telephone numbers and contact details history;
- Opinions, which includes where a user of the Floww platform may have uploaded comments about potential or actual investments within the Floww platform
- Technical Data, which includes your internet protocol (IP) address, MAC address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, mobile phone location data and other technology on the devices you use to access our website and the Floww platform;
- Usage Data, which includes information about: how you use and navigate around our website and the Floww platform; answers to questions; clicks; keypress events; motion sensor events; mouse movements; scroll position; touch events; the types of, and specific ventures, assets, transactions and investments within the Floww platform that you have shown an interest in; those that you have invested in and when you have sold those investments. We will also keep records of your contact with us and any feedback and survey responses that you have submitted; and
- Marketing Data, which includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Aggregated Data, such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy; and
- Anonymised Data is data created from your personal data where your identity has been removed so that you are no longer identifiable.
What personal data we do not collect
Special category data:
We do not collect any Special Categories of Personal Data about you, which includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
Children’s data:
We do not intentionally collect personal data relating to children.
The services we offer are not directed towards Children, and we do not purposely collect personal information from or about individuals under the age of thirteen (13). In the event that we become aware or discovers that it has collected such personal information, the company shall ensure that the processing of such personal information is for a lawful and legitimate purpose. Upon the expiration or termination of the lawful and legitimate purpose, the company shall make reasonable efforts to delete and remove such personal information from its systems.
Do you have to provide the information that we have requested from you?
We require certain personal data from you if you wish to be registered on the Floww Platform. However, you do not have to provide us with this information if do not want to be registered as user.
We collect the same types of personal data from all users of our website and the Floww platform and so cannot filter what we collect from individual users.
What we do with your personal data?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests;
- Where you have provided us with your consent;
- Where it is necessary for the performance of the contract; and
- Where we need to comply with a legal or regulatory obligation.
We set out below the personal data handling activities that we carry out in respect of your personal data. We have set out our data protection personality in Section 1 (i.e. data controller or data processor) in respect of such activities and our legal justification for doing so:
- Marketing purposes – you may receive marketing communications from us via post, telephone, email or other electronic means such as via social media, paid media and other digital channels.
We will provide you with information, products or services that you request from us or which we feel may interest you. We may use your Usage Data to help ensure that this messaging is personalised and relevant to you.
- Cookies – we may also use your Technical Data to allow us to show you adverts while you are on-line that are relevant to you. Sometimes, we will use cookies to do this and you can find out more about this and how to turn off cookies by reading our Cookies Policy.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
- Promotional/Marketing communication – we may use your Identity, Contact, Technical and Usage Data to form a view on what information we think may be of interest to you.
You will receive promotional/marketing communications from us if:
- You have requested information from us;
- you are a registered user of the Floww platform;
- there is legitimate interest.
and, in each case, you have not opted out of receiving that promotion.
- Tracking activities – where you are a client of a firm, we will track, for and on behalf of that firm, when you are navigating around or using our website and the Floww platform and what you are looking at. We will provide this information (together with your Identity and Usage Data) to this firm in order for them to service their clients better.
Using Anonymised Data and in order to optimise distribution channels, we will keep track of what types of users are interested in the different ventures, investments, transactions and assets on the Floww platform; and
- Monitoring purposes – this activity refers to listening, recording, viewing, intercepting or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications between us. We may use all types of your personal data in this case.
We’ll do this where the law requires it, to comply with regulation, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information will be shared only for the purposes described above.
- Data sharing purposes – information uploaded to the Floww platform by you or on your behalf may be shared with other Floww platform users, including firms and companies (eg. to inform investment decisions).
Other use related information
- Preferences – we strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising;
- Opting out/withdrawing consent – you can ask us or the third parties with whom we (as a data controller) share your personal data to stop sending you promotional or marketing messages at any time by contacting us at any time;
- Change of purpose – we will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. However, if we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. If you would like us to explain how the handling and processing for the new purpose is compatible with the original purpose, please contact us.
We may share your personal data with the following entities for the purposes set out in Section 1 and as set out in Appendix 1:
- Firms, where we act as a data processor for and on their behalf
- Other Floww platform users, including firms and companies, in accordance with our terms of business;
- Market research organisations who help us to develop and improve our products and services;
- Third party marketing companies, we will obtain your consent before we share your personal data with any company outside our organisation or group of companies for marketing purposes;
- Governmental and regulatory bodies such as the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman Service and the Information Commissioner’s Office;
- The entities listed in Appendix 1; and
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions, which includes this privacy policy.
What are the legal grounds for our collection, handling, use and sharing of your personal data
Section 1
Collection, handling and usage
Purpose/Activity | Type of personal data | Data controller/data processor | Legal basis for collection, handling and usage – Controller Only |
Marketing purposes/Promotional offers | Identity Data Contact Data Usage Data Marketing Data |
Data controller | Legitimate interest/Your consent |
Cookies | Technical Data | Data controller | Your consent |
Tracking activities | Identity Data Usage Data |
Data processor | Legitimate interests/consent |
Monitoring purposes | Identity Data Contact Data Technical Data Usage Data Marketing Data |
Compliance with a legal obligation of us | |
Data sharing purposes | Identity Data Contact Data |
Data controller | Legitimate interests |
Data Sharing
Entity with whom personal data is shared | What personal data is shared | Purpose of sharing | Legal basis for sharing |
Third-party firms | Identity Data Usage Data |
To fulfil data processor duties | For and on behalf of the firm as the data controller |
Floww Platform users | Identity Data Contact Data |
To inform investment decisions | Legitimate interests |
Where do we send your personal data for storage or other specific purposes?
We’re based in the UK and will not transfer your personal data outside the EEA other than in accordance with the law. We will send your personal data for processing to our third party services providers who may be based outside the EEA, including in the Philippines, South Africa and Jersey. If we do so we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply.
We will provide you with details of the safeguards that we have implemented, if you would like to know what they are.
In addition, we cannot control where other Floww platform users may access the Floww platform from, but any such access will be in accordance with the applicable terms of service.
How we look after your personal data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an authorised way, altered or disclosed.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority where we are legal required to do so.
Keeping your personal data up to date
It is important to us that the personal data we hold about you remains accurate and up to date at all times, but we need your help in doing this. Please let us know as soon as anything needs updating or correcting.
How long do we keep your personal data for?
We will not retain your personal data for as longer than necessary for us to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We carry out a review of all the personal data that we hold on a regular basis and make the determination, as detailed below, to either securely delete it or anonymise it so that it cannot be linked back to you.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we handle your personal data and whether we can achieve those purposes through other means, the applicable legal requirements and existence of any relevant proceedings.
In some circumstances, you can ask us to delete your personal data. Please see the Right of erasure below for further information.
We will keep and use Anonymised Data indefinitely without further notice to you.
Subject right request
We set out below a list of the legal rights that all individuals have under data protection laws in relation to our handling of your personal data. They don’t apply in all circumstances:
- Right to be informed – about your personal data and details of the handling and processing of that personal data and information, including the safeguards used to protect any of your personal data in the event that we transfer it outside the EEA;
- Right of access – to your personal data and to obtain information about how we handle and process it;
- Right to rectification – this is a right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed;
- Right of erasure – of your personal data, which is also known as the “right to be forgotten”;
- Right to restrict handling and processing – of your personal data, which includes requesting us to suppress your personal data file;
- Right to move, copy or transfer – your personal data to another organisation, also known as “data portability”;
- Right to object – to the handling and processing of your personal data for certain purposes, in particular to personal data processed for direct marketing purposes and to personal data that is handled and processed for certain reasons based on our legitimate interests;
- Right to withdraw consent – you may withdraw any consent or permission that you have previously provided to us in relation to our handling and processing of your personal data, such as for the purposes of marketing by electronic means;
- Rights in relation to automated decision making – where such automated decision making has a legal effect on you or otherwise significantly affects you; and
- Right to complain – in all circumstances, you may complain to: – Us in relation to the handling of your personal data, and; – The Information Commissioner’s Office which enforces data protection laws, whose contact details are set out on www.ico.org.uk.
In response to a request, it may be necessary for us to ask you to verify your identity and to provide information that would facilitate a better understanding of the request. Should the request not be granted in its entirety or in part, the reasons for such non-compliance shall be fully explained.
Procedure to exercise your legal rights
- Contact us – if you wish to exercise any of your legal rights please fill out our request form, which is found here and send it back to us via our email or our postal address, 2nd Floor, 4 Matthew Parker Street, London — SW1H 9NP.
In this instance, we’ll explain first whether or not the right you wish to exercise applies and whether we are the data controller in that respect.
If we are not the data controller, we will direct you to the appropriate entity that is.
If we are the data controller and the right you wish to exercise applies, we will facilitate your request in accordance with the procedure below.
- Fees – you will not have to pay a fee to access your personal data or to exercise any other rights that apply. We may, however, charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
- Our request for further information – we may need to request certain information from you to help us confirm your identity and ensure that your right to access your personal data (or to exercise any of your other rights that apply. This is a security measure to ensure that any personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
- Response time – we will respond to all legitimate requests as soon as we can. It should not take longer than a month to do so. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Spam Protection
We use Google reCAPTCHA v3, a SPAM protection service provided by Google. This service analyses the traffic of our signup website only potentially containing your Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognized as SPAM.
Failure to implement this can cause our systems to be spammed by bots which could enable the malicious actor(s) to carry out phishing campaigns on our staff and potential customers. We ca
relay to spam and phish other non-suspecting individuals by using our trusted domains to bypass their spam filters.
The use of reCAPTCHA is subject to the Google privacy policy and terms of use.
Your FAQs Answered
Who can I ask about this policy?
To ask us anything in relation to this privacy policy or any personal data that we may hold, please contact us.
Can I see what data you hold about me?
If you want to be informed about your personal data that we hold, to have access to it or wish for it to be changed in any way, moved or deleted, please follow the Procedure to exercise your legal rights above.
What should you do if your personal data changes?
You should tell us by contacting us, so that we can update our records.
Do you have to provide your personal data to us?
We’re unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we’ll make this clear.
Do we do any monitoring of your personal data?
Monitoring refers to: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.
We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.
Appendix 1. Third-Party service providers
- Data storage providers – we store all of our data with at least one data storage provider.
- Visitors to our websites – when someone visits floww.io we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
- Company data processing – when we have outsourced data processing to a third party for purposes such as for due diligence checks
- Third party payment providers – when someone makes an online payment to us, in particular, as part of a subscription to access the Floww platform, we use a third party payment provider to facilitate this transaction.
- Cloud platform providers – the Floww platform is hosted in the cloud using a third party platform provider.
- Integrated authentication and authorisation providers – to ensure that access to the Floww platform is kept secure, we use a third party integrated authentication and authorisation provider to ensure that only authorised users are able to access the Floww platform.