Privacy Policy
Effective Date: 01/08/2025
LAUNCHESE LTD Company Details (The "Agent"):
* Company Number: 11878200
* Registered Office Address: 24-26 Arcadia Avenue Fin009, London, United Kingdom, N3 2JU
* Regulatory Status: Trust or Company Service Provider (TCSP) supervised by HM Revenue and Customs (HMRC) for Anti-Money Laundering (AML) purposes.
1. Introduction and Scope
This Privacy Policy explains how LAUNCHESE LTD collects, uses, shares, and protects Your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).
We act as the Data Controller in respect of the personal data we process during the provision of Services.
2. The Data We Collect
We collect and process various categories of personal data, primarily to facilitate company formation and fulfil our legal obligations as a TCSP.
| Category of Data | Examples of Data Collected | Purpose of Collection |
| Identity Data | Full name, date of birth, nationality, job title, passport details, National ID card details, full names of Persons with Significant Control (PSCs). | Mandatory Customer Due Diligence (CDD) and statutory filing requirements with Companies House. |
| Contact Data | Residential address, email address, telephone numbers. | Communication and verification of residence for AML compliance. |
| Financial Data | Payment details (processed securely via third-party gateways), data on Source of Funds (SOF) and Source of Wealth (SOW). | Processing payments and conducting Enhanced Due Diligence (EDD) for high-risk clients. |
| Technical & Usage Data | IP addresses, browser type, operating system, usage patterns (collected via cookies and analytics). | System maintenance, security, and improving service delivery. |
| Public Data | Information from public registers (Companies House), sanctions lists, Politically Exposed Persons (PEP) registers, and adverse media screenings. | Mandatory screening for financial crime prevention. |
3. The Legal Basis for Processing
We rely on the following legal bases under Article 6 of the UK GDPR to process your personal data:
| Legal Basis | Description | Application to Services |
| Legal Obligation | Processing is necessary for compliance with a legal obligation to which the Agent is subject. | Mandatory CDD/KYC checks, PEP and Sanctions screening under the AML Regulations 2017. Statutory filing and record-keeping requirements under the Companies Act 2006. |
| Contractual Necessity | Processing is necessary for the performance of a contract to which the Client is party. | Registering the Company with Companies House, providing the Registered Office Address, and fulfilling mail handling services. |
| Legitimate Interest | Processing is necessary for our legitimate interests (or those of a third party) where Your interests and fundamental rights do not override those interests. | Administering and protecting our business (fraud prevention, security, troubleshooting, data analysis, defending legal claims). |
| Consent | Where You have given us consent for a specific purpose. | Used only in limited circumstances, such as sending non-essential marketing communications, or for sharing data with third-party partners outside the scope of the core contract. |
4. How We Share Your Data
We will not share Your personal data with third parties except in the following circumstances:
4.1. Statutory and Regulatory Disclosures
We will disclose Your Identity and Contact Data when legally required to do so:
a. Companies House and HMRC: For the statutory filing of company incorporation details, director and PSC information, and tax registration.
b. AML Supervision and Reporting: To HM Revenue & Customs (HMRC) as our supervisory body, or to the National Crime Agency (NCA) if we file a Suspicious Activity Report (SAR) regarding money laundering or terrorist financing activity.
c. Law Enforcement and Fraud Prevention: In response to lawful requests, court orders, or where we believe disclosure is necessary to investigate, prevent, or take action regarding potential fraud (e.g., in cooperation with Trading Standards or the police).
4.2. Service Providers (Processors)
We share data with trusted third parties who act as processors to help us deliver the Services, including:
a. Third-party providers for biometric and electronic identity verification (IDV) checks.
b. Payment processors for handling transaction data.
c. Cloud hosting and IT service providers.
4.3. International Transfers
Your personal data may be transferred and stored outside the UK and the European Economic Area (EEA) if Your Company is associated with non-UK jurisdictions. Where we transfer Your data outside the UK, we ensure a similar degree of protection is afforded by ensuring at least one of the following safeguards is implemented:
a. The transfer is to a country deemed to provide an adequate level of protection for personal data by the UK Government.
b. The transfer is covered by specific contracts approved by the Information Commissioner's Office (ICO) which give personal data the same protection it has in the UK (International Data Transfer Agreements).
5. Data Security and Retention
5.1. Data Security
We have implemented appropriate security measures, policies, and internal controls proportionate to the high-risk nature of our business (TCSP) to prevent Your personal data from being accidentally lost, used, or accessed in an unauthorised way.
5.2. Retention Periods
We retain Your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purpose of satisfying any legal, accounting, or reporting requirements.
* AML Statutory Obligation: As a TCSP, we are statutorily obliged to retain copies of all Customer Due Diligence (CDD) records and supporting evidence relating to transactions for a minimum period of five (5) years after the business relationship has ended.
* General Records: Other records are retained for the duration of the service contract plus six years to cover legal claims, in line with statutory limitation periods.
6. Your Legal Rights (Data Subject Rights)
Under the UK GDPR, you have several rights regarding your personal data:
a. The Right to Access: You have the right to request a copy of the personal data we hold about You.
b. The Right to Rectification: You have the right to request that we correct any information You believe is inaccurate or incomplete.
c. The Right to Erasure (Right to be Forgotten): You have the right to request the deletion of Your personal data. Note: This right is heavily restricted where processing is required for our compliance with a Legal Obligation (e.g., AML and Companies Act record-keeping duties).
d. The Right to Data Portability: This applies to data provided to us electronically and processed based on consent or performance of a contract.
e. The Right to Restrict Processing: You have the right to request that we limit the way we use your data.
f. The Right to Object: You have the right to object to processing based on legitimate interest.
7. Complaints and Contact
If You have any questions about this Privacy Policy or wish to exercise any of Your rights, please contact:
Data Protection Point of Contact:
You have the right to make a complaint at any time to the supervisory authority for data protection in the UK:
The Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
Website: ico.org.uk