Holly Mackay, Founder and CEO

Privacy policy

23 Apr 2025

Who we are and what we do

We are Boring Money Ltd (“Boring Money”, “us”, “we”, “our”). We are a limited company registered in England and Wales under registration number 09459832 and we have our registered office at 10 Lower Thames Street, London, England, EC3R 6AF.

We are registered with the UK supervisory authority, Information Commissioner’s Office (“ICO”) in relation to our processing of Personal Data under registration number ZA192588.

Unless we notify you otherwise, we are the controller of the Personal Data we process about you. This means that we decide what Personal Data to collect and how to process it.

The purpose of this privacy notice is to explain what Personal Data we collect about you and how we process it. This privacy notice also explains your rights, so please read it carefully. If you have any questions, you can contact us using the information provided below.

Who this privacy notice applies to

This privacy notice applies to you if:

  1. You visit our website

  2. You create an account on our website

  3. You purchase/contract our services (directly or through a third party)

  4. You enquire about our product and/or services

  5. You give us feedback, enter a competition, complete a quiz or contact us

  6. You take part in specific research projects

  7. You sign up to receive newsletters and/or other promotional communications from us

What Personal Data is

‘Personal Data’ means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier.

‘Special Category Data’ is more sensitive Personal Data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation.

Personal Data we collect

The type of Personal Data we collect about you will depend on our relationship with you. However, some examples of the kind of Personal Data we process whilst providing our services are listed below:

  • Your personal contact details

  • Date of birth, gender, marital status and number of dependents

  • Financial data

  • Profile data (username and password)

  • Membership details, feedback and/or survey responses

  • Technical data (including internet protocol (“IP”) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website)

  • Usage data (including information about how you use our website, products and service)

  • Marketing and communications data (includes your preferences in receiving marketing

To understand why we use this data, please see the table below in the section entitled ‘Purposes for which we use Personal Data and the legal bases’.

How we collect your Personal Data

We collect most of the Personal Data directly from you in person, by telephone, text or email and/or via our website.

However, we may also collect your Personal Data from third parties such as:

  • others to whom you have provided consent

  • publicly available sources such as social media platforms; and

  • analytics providers

Purposes for which we use personal data and the legal bases

We will only use your Personal Data when the law allows. Most commonly, we will use your Personal Data in the following circumstances:

| Purpose | Lawful Basis for Processing |
| --- | --- |
| Responding to correspondence from you. | It is in our legitimate interest to respond to enquiries made via our website, telephone, by email, through our social channels or any other means. |
| Sending you information such as product information which may be of interest. | If you are an existing customer or have expressed an interest in our products or services, we will rely on legitimate interests to contact you for marketing purposes. |
| Provision of our services. | Processing is necessary for the performance of the contract between us. |
| Setup and manage account/profile. | It is our legitimate interest to manage and maintain our customer database. |
| Business management, forecasting and statistical purposes. | It is our legitimate interest to identify areas for managing current business relationships, develop new products and services, and for managing our business. |
| Improving our websites and the overall website visitor and user experience. | It is our legitimate interest to allow analytics and search engine providers to help improve and optimise our websites. |
| Improving our websites and the overall website visitor and user experience. | We use cookies on our websites with your consent. |
| To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). | It is our legitimate interest to run our business which includes the provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise. |
| To carry out customer satisfaction surveys and/or *market research studies | It is our legitimate interest to carry out customer satisfaction surveys and/or market research studies (e.g. interviews) to help improve and optimise our products and services for ourselves and our clients. |
| To enable you to partake in a prize draw, quiz or competition that you have specifically opted in to. | It is our legitimate interest to administer and manage our prize draws, quiz or competitions. |

* In relation to our market research studies, consent is an important ethical standard that ensures and protects the autonomy and privacy of our research participants. Although we will always ask for your consent prior to carrying out our research, the lawful basis we will rely on is legitimate interests. This means you may object to us processing your data for research purposes at any time (as described in the rights section below).

Where Personal Data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.

Sharing your Personal Data

We may also disclose your information to third parties in connection with other purposes set out in this privacy notice. These third parties may include:

  • business partners, suppliers and sub-contractors who may process information on our behalf

  • analytics and search engine providers

  • IT service providers

This site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our site, we encourage you to read the privacy policy of every website you visit.

Where we are under a legal or regulatory duty to do so, we may disclose your details to the police, regulatory bodies or legal advisors, and/or, where we consider necessary to protect the rights, property or safety of Boring Money, its personnel, users or others.

International Transfers

Depending on the organisation(s) we use to provide our services to you, your Personal Data may be processed outside of the UK and/or European Economic Area (“EEA”).

Therefore, we have taken appropriate steps to ensure that the Personal Data processed by such organisations has an essentially equivalent level of protection to that guaranteed in the UK/EEA. We do this by ensuring that:

  • Your Personal Data is only processed in a country which the Secretary of State or European Commission has confirmed has an adequate level of protection (an adequacy decision) or

  • We enter into an International Data Transfer Agreement (“IDTA”) or use the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (“SCCs”) for international data transfers with the receiving organisation and adopt supplementary measures, where necessary.

How long we keep your data

We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.

At the end of the retention period, your personal data will be securely deleted or anonymised. For example, this could be by aggregation with other data so that it can be used in a non-identifiable way, for statistical analysis and business planning.

How we protect your data

We implement appropriate technical and organisational measures to protect data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

In addition to the technical and organisational measures we have put in place, there are simple things you can do in order to further protect your personal information, such as:

  1. Never share One Time Passcodes (OTPs).

  2. Never enter your details after clicking on a link in an email or text message.

  3. Always send confidential information by encrypted email to reduce risk of interception.

  4. If you’re logged into any online service do not leave your computer unattended.

  5. Close down your internet browser once you’ve logged off.

  6. Never download software or let anyone log on to your computer or devices remotely, during or after a cold call.

  7. You can easily identify secure websites by looking at the address at the top of your browser, which will begin with https:// rather than http://.

Your data protection rights

You have certain rights in relation to the processing of your Personal Data, including to:

| Rights | Description |
| --- | --- |
| Right to be informed | Individuals have the right to be informed about the collection and use of their personal data. |
| Right of access | Individuals have the right to receive a copy of their personal data, and other supplementary information. |
| Right to rectification | Individuals have the right to have inaccurate personal data rectified or completed if it is incomplete. |
| Right to erasure (the ‘right to be forgotten’) | Individuals have the right to request their personal information to be erased, in certain circumstances. |
| Right to restrict processing | Individuals have the right to request the restriction or suppression of their personal data, in certain circumstances, in particular: • if your data is not accurate; • if your data has been used unlawfully but you do not want us to delete it; • if your data is no longer needed, but you want us to keep it for use in legal claims; or • if you have already asked us to stop using your data but you are waiting to receive confirmation from us as to whether we can comply with your request. |
| Right to data portability | Individuals have the right to obtain and reuse their personal data, in a machine-readable format, for their own purposes across different services, in certain circumstances. |
| Right to object | Individuals have the right to object to the processing of their personal data, in certain circumstances. |
| Rights with respect to automated decision-making and profiling. | Individuals have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. |

In addition to the above, an individual also has the following rights:

| Rights | Description |
| --- | --- |
| Right to withdraw consent (if applicable) | Where we are using your personal data based on your consent, you can withdraw your consent at any time. |
| Right to lodge a complaint with a supervisory authority | You have the right to raise a complaint about how we handle your personal information with the Information Commissioner’s Office by calling 0303 123 1113 or visiting https://ico.org.uk/make-a-complaint/. |

Exercising your data protection rights

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Children’s Privacy

We do not offer our products and services to children, and we do not knowingly collect Personal Data of children without parental consent, unless permitted by law. If you are under 18 years of age, you must not use our services. If we learn that a child has provided us with their Personal Data we will securely and permanently delete it, in accordance with applicable law.

How to contact us

If you would like to exercise your statutory data protection rights, or if you have any concerns or questions about how we handle personal data, please contact us using the details below:

Boring Money Ltd, 10 Lower Thames Street, London, England, EC3R 6AF.

Alternatively, you can email us at community@boringmoney.co.uk

We have also appointed a Data Protection Officer (“DPO”) who can be contacted by using the above email or postal address. Please send your communication clearly indicating ‘FAO the Data Protection Officer’ and your message will be passed directly to Evalian Limited for attention.

Changes to this privacy notice

We may update this notice (and any supplemental privacy notice) from time to time and will notify you of any changes when required to do so.
