Our UK privacy policy can be found below.
If you are based in the EU or EEA please read this privacy policy.
Para leer nuestra EU Política de Privacidad en español pulse aquí.
TorFX takes data privacy very seriously and recognises the importance of protecting and respecting your
personal data. This Privacy Policy describes the information we collect, how we use that information, to
whom we pass the information, your rights and key contact information.
To provide you with our money transfer services (also known as “e-money services”) we need to collect information about you. Our aim is not to be intrusive, and we won’t ask you unnecessary questions. Any personal information we receive about you will be subject to strict controls to minimise the risk of misuse or unauthorised disclosure.
Please read this notice carefully, together with our Terms and Conditions. In this notice, we explain how and why we collect personal information about you in connection with services (‘’Redpin Services’’) provided by Currencies Direct Limited, Tor Currency Exchange Limited and other companies within the UK Redpin group of companies (together, “Redpin’’). Redpin (“our”, “us” and “we”) commits to using your information only in accordance with the terms of this Privacy Notice.
By visiting this website or providing your personal information to one of our employees, you consent to our use and disclosure of your personal information in the manner described in this Privacy Notice.
Please note that if you do not provide us with the information, we need to set up an account or make a payment for you, or to check your identity or source of funds, then we may be unable to do business with you.
A special note about children
Children are not eligible to use Redpin Services. We respectfully ask that minors (persons under the age of 18) do not submit any information to us or use Redpin Services.
Our primary purpose in collecting your information is to provide you with a smooth and efficient experience when using Redpin Services. However, the law requires us to have a legal basis for processing your personal information. One or more of the following legal bases will apply whenever we use or share your personal information:
- To allow us to take necessary actions to provide the service or product you have contracted for;
- To allow us to meet our legal obligations (for example, to carry out anti money laundering checks);
- To protect our legitimate interests (for example, to understand how our customers use our services or to prevent fraud);
- We have your permission (for example, where you have consented to marketing).
By submitting your information to Redpin and using Redpin Services, you agree that we may use and disclose your information for the following purposes:
Carrying out transactions, providing customer support and improving our services
We may use your information to:
Compliance and risk management
We will use your information to help us comply with our legal and regulatory obligations, to investigate suspicious transactions, to issue any appropriate fraud or risk warnings and to manage our risk as a business, including as described below:
- to carry out background checks, to verify your identity and status and that of any persons or payees connected with you, to monitor ongoing transactions and to check source of funds;
- to carry out checks to:(a) ensure we do not deal with countries, entities or individuals that are subject to sanctions or involved in evading sanctions, (b) comply with counter-terrorist financing, anti-money laundering and data protection laws and regulations and (c) to help identify, prevent and take action against fraud and other types of financial crime; and
- to conduct investigations into actual or suspected violations of our Terms and Conditions.
Marketing
Where you have consented to marketing or are already a customer (or have indicated that you are potentially interested in our services) we (or any member of the Redpin group of companies) may use your personal information to send you marketing (including newsletters, updates, customer surveys and promotions), to make suggestions as to services and products that may be of interest, to analyse which marketing and which services are most appropriate for you and to improve our understanding of the effectiveness of our advertising and promotional campaigns.
Unsubscribing from marketing
You can unsubscribe from our marketing communications (or change your marketing preferences) whenever you choose. You can do this at the time you register with us or by selecting the ‘’unsubscribe’’ tab featured on our marketing communications or by logging in to your account with us, visiting your profile page and accessing the preference centre. You can also call us on our Customer Services number and ask us to unsubscribe you or change your marketing preferences over the phone.
Our website (and the websites of other Redpin group companies) uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our site and to provide interest-based advertising. You may adjust the settings on your browser to refuse cookies but some of the services on our website(s) may not work if you do so. For detailed information on the cookies, we use and the purposes for which we use them, please see our Cookie Policy.
We have given some detail below about the suppliers, partners, regulators, and other organisations with whom we share customer personal information. By registering with us or using Redpin Services, you consent to us sharing your personal information with these third parties (provided, of course, that this is done securely and with all the necessary contractual protections in place).
Banks and payment providers
When you ask us to process a currency or payment transaction, we will provide your information to the banks, payment service providers, card issuers and other businesses we deal with to complete the transaction.
Payees
When you authorise a payment, or receive a payment, relating to your Redpin account we may share your personal details with the payee or person making payment in certain circumstances.
Service providers
We work with a range of third party suppliers and partners who provide us with services across a range of sectors ( for example, customer record-keeping, account management and technology services) and may share your personal information with those third parties and their sub-contractors.
Anti-fraud, anti-money laundering, sanctions screening and risk management
We will share your personal information with business partners who carry out checks for us as part of customer on-boarding and for on-going due diligence. For example, we use third party suppliers to run verification checks on passport and identity documents you provide to us and a facial imaging company to check that any photograph you provide to us matches the photo on your identity document. We share your information with providers of sanctions-screening and anti-money-laundering services.
Credit reference agencies and fraud prevention agencies
We may share your personal information with credit reference agencies and fraud prevention agencies, who may then share that information with other organisations. We may continue to disclose personal information to them after you have closed your account with us.
Joint account holders and your representatives
We may share your personal information with anyone else named on your account with us or with someone representing you, such as a solicitor, accountant, insurer, or someone acting under a power of attorney. We may also share your personal information with another bank or business where you have told us that you are happy for us to release information to them.
Regulators
We are sometimes obliged to report transactions to the relevant financial or data protection regulator in the UK or elsewhere. We will provide your personal information to the regulators to meet these legal obligations.
Credit card associations
We may disclose your personal information in response to the requirements of credit card associations.
Legal proceedings
We may share your personal information with other organisations and with professional advisers, courts and debt collection agencies in order to: enforce our Terms and Conditions and any other agreements entered into between you and us (or between you and any Redpin group company), to investigate potential breaches of those Terms and Conditions or other agreements, to investigate fraud or criminality, to carry out or defend legal proceedings, to take enforcement action and to protect the rights, property, reputation or security of Redpin, our customers, or others.
The police, law enforcement agencies and other authorities
We may disclose your personal information to the police and other law enforcement agencies, security forces, tax authorities, intelligence services, and other authorities and government agencies in the UK and elsewhere where we are legally compelled and/or permitted to do so.
The Financial Ombudsman
We may share your information with the Financial Ombudsman Service (or any successor organisation) and with any other ombudsman or consumer protection body in the UK or elsewhere investigating a complaint or other issue raised in connection with your use of Redpin Services.
Mergers and acquisitions
As with any business, it is possible that in the future any member of the Redpin group could buy, merge with, or be acquired by, another company. We may disclose your information to the prospective seller or buyer of such business or assets, along with its financiers, sponsors, and professional advisers. If a Redpin group company or a substantial proportion of its assets is acquired by a third party, information held by it about its customers and potential customers (and any consent they have given to marketing and any other right to market to them) will be one of the transferred assets, and such successor company would continue to be bound by this Privacy Notice unless and until it is amended.
Group companies
We may share your personal information with other members of the Redpin group of companies (and the parent companies of each Redpin group company and each company having direct or indirect control of those parent companies) where they provide, or may provide, services to you or where the sharing of that information otherwise supports Redpin’s business.
Analytics and search engine providers
We share your IP (internet protocol) address with analytics and search engine providers that assist us in the improvement and optimisation of our website, and also to permit certain third party advertising on third party websites. Please also see our Cookie Policy.
Analytics and search engine providers
We share your IP (internet protocol) address with analytics and search engine providers that assist us in the improvement and optimisation of our website, and also to permit certain third party advertising on third party websites. Please also see our Cookie Policy.
Affiliates and our referral network
If you are referred to us by a third party – either via our affiliate network or via the refer-a-friend promotion – we may notify them when you book a transaction and share your personal information and transaction history with them.
We have a select group of partners to whom we occasionally refer customers. If we think you may benefit from these services, we will ask you if you would like us to pass on your details. We will always name the partner and ask you for permission before we refer you, and we will pass on your details only where you give us permission to do so. If we refer you, we will typically pass on your name, email address and telephone number.
Third party websites
Redpin websites may, from time to time, contain links to the websites of our business partners, advertisers, and affiliates.
We offer certain Redpin Services through third parties (for example, through e-commerce platforms). If you request a quote via a website or platform operated independently by a third party, any information that you enter on that website or platform (and not directly through a Redpin group company website) will be shared with the owner of that website or platform. We may also share other information about you with the owners of these third-party websites and platforms, for example your account details and customer on-boarding details.
Please note that third party websites and platforms have their own privacy notices and we do not accept any responsibility or liability for those notices, or the way third party websites or platforms operate. Please check the relevant privacy notice before you submit any information to a third party website or platform.
The information that we collect from you may be transferred to, and stored in, a country outside the UK or European Economic Area (EEA). It may also be processed by staff operating outside the UK or EEA who work for Redpin or for our suppliers, partners or affiliates. These staff may be engaged in the fulfilment of your request, the processing of your payment details and the provision of support services.
The laws in some countries may not provide as much legal protection for your information as in the UK or EEA. In these circumstances, our policy to protect your personal data is to rely on findings of adequacy by the European Commission (for countries in scope of those findings) or standard contractual clauses or international data transfer agreements adopted by the European Commission or the UK Information Commissioner.
Each time you attempt to make a money transfer using a Redpin account, Redpin may transfer your relevant information to the recipient and any intermediate banks or payment service providers, who may be located outside the UK or EEA, and any other service providers as described above, in order to deal with and provide information about the payment.
By submitting your information and making use of Redpin Services, you agree to such transfers, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Notice.
We will keep your personal information on record for as long as you are a customer and for a period of time (typically, up to six or seven years) after the closure of your account. This period of six or seven years is linked to the period of time available to bring a claim. In some circumstances, such as an enquiry from a law enforcement agency or where there is a legal requirement, we may have to hold the information for longer. We may also retain information if required to protect our interests, for example in case of litigation or to manage a complaint or to help detect fraud. Where you have asked us not to contact you, we will retain that request on a ‘do not contact’ list to reduce the risk of us contacting you in the future.
We have security measures in place designed to prevent data loss, to preserve data integrity, and to control access to the data. All Redpin employees who have access to your personal data are required to comply with our privacy and data protection policies.
To ensure data privacy, confidentiality and integrity, all information disclosed, shared, stored, or used and any transactions performed by you through our website and app are encrypted.
Customer responsibilities
We keep our security technology up to date to protect your information, but we do not have control over the devices you use to access Redpin Services. It is vital that you work with us to help keep your personal data secure and to prevent fraud.
It is your responsibility to safeguard your online information and transactions by taking all reasonable measures, including the following:
You have the legal rights set out below:
To ask us for a copy of the personal information we hold about you as an individual.
To ask us to correct or complete any information we hold about you.
Whilst we endeavour at all times to keep your information accurate, we welcome your corrections. You can correct or complete your profile at any time by logging onto your account via the relevant Redpin group company website, or you can call your account manager to make any changes. We may ask you for additional verification information if you are changing certain details such as your name or your address.
To ask us to erase your personal information in certain circumstances.
We will delete your information in line with our data retention policy and the guidance of the Information Commissioner’s Office regarding alternatives to deletion. We will maintain a record that you made an erasure request to reduce the likelihood of us contacting you in the future, but we will use that information for no other purpose.
To ask us to send your personal information to another organisation or back to you, in certain circumstances.
To ask us to stop processing your personal information or to restrict the way in which we process your personal information in certain circumstances.
You may exercise any of the above rights by contacting us at [email protected] or by calling your Account Manager.
Contacting us with questions or requests
If you have any questions about this Privacy Notice or Redpin’s information practices, you can contact us by emailing: [email protected] or by writing to us at: Data Protection Officer, Redpin Holdings Limited, 1 Canada Square, Canary Wharf, London, United Kingdom, E14 5AA.
Complaints to the Data Protection Officer
If you have a complaint about how we handle data protection issues or how we have responded to a request, please email [email protected]. Our Compliance team and Data Protection Officer will investigate your complaint and respond to you. You may also email Redpin’s Data Protection Officer direct on: [email protected].
Complaints to the UK Information Commissioner
You have the right to complain to the UK Information Commissioner's Office if you believe we have not handled your request in an appropriate manner. For information on contacting the ICO, please see their website. The ICO helpline is: 0303 123 1113.
We may amend this Privacy Notice at any time. Any changes we may make will be posted on this website, so please check back frequently.
Your continued use of our website(s) after the posting of a new version of this Privacy Notice will constitute your acceptance of any changes.