Privacy Policy

Last updated: 22 July 2025

This Privacy Policy explains how Frosted Expanse Ltd collects, uses, and protects your personal information in accordance with UK GDPR and the Data Protection Act 2018.

1. Who We Are

Frosted Expanse Ltd is a financial services company specialising in sustainable energy investments. We are registered in England and Wales (Company number: 12345678) and authorised and regulated by the Financial Conduct Authority (FCA Registration: 123456789).

Data Controller:
Frosted Expanse Ltd
15 Bishopsgate
London EC2N 3AR
Email: [email protected]
Phone: +442094360428

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Contact Information: Name, email address, postal address, telephone number
  • Professional Information: Company name, job title, business address
  • Financial Information: Investment preferences, risk tolerance, financial objectives
  • Communication Records: Records of our correspondence and interactions
  • Website Usage Data: IP address, browser type, pages visited, time spent on site

2.2 How We Collect Information

  • Directly from you when you contact us or use our services
  • Through our website using cookies and analytics tools
  • From third parties such as credit reference agencies (with your consent)
  • From publicly available sources

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: To provide investment services and execute agreements
  • Legal Obligation: To comply with FCA regulations and anti-money laundering requirements
  • Legitimate Interest: To improve our services, conduct marketing, and manage business operations
  • Consent: For newsletter subscriptions and optional marketing communications

4. How We Use Your Information

We use your personal information for:

  • Providing investment advisory services and managing your investments
  • Conducting due diligence and compliance checks
  • Communicating with you about our services and market updates
  • Processing newsletter subscriptions and marketing communications
  • Improving our website and services through analytics
  • Meeting legal and regulatory requirements
  • Preventing fraud and ensuring security

5. Information Sharing

We may share your information with:

  • Regulatory Bodies: FCA, HMRC, and other authorities as required by law
  • Service Providers: IT support, legal advisors, auditors (under strict confidentiality agreements)
  • Investment Partners: Fund managers and investment platforms (with your consent)
  • Credit Agencies: For identity verification and fraud prevention

We do not sell your personal information to third parties for marketing purposes.

6. Data Retention

We retain your personal data for:

  • Client Records: 7 years after the end of our business relationship (regulatory requirement)
  • Marketing Communications: Until you unsubscribe or request deletion
  • Website Analytics: 26 months maximum
  • Legal Claims: Until the limitation period expires

7. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal obligations)
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at [email protected].

8. Cookies and Website Analytics

Our website uses cookies to:

  • Ensure the website functions properly (necessary cookies)
  • Analyse website usage and improve user experience (analytics cookies)
  • Personalise content and advertisements (marketing cookies)

You can manage cookie preferences through our cookie banner or browser settings. For detailed information, see our Cookie Policy.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Staff training on data protection and security
  • Access controls and monitoring systems
  • Secure data centres and backup procedures

10. International Transfers

We primarily process data within the UK. If we transfer data internationally, we ensure adequate protection through:

  • Adequacy decisions by the UK government
  • Standard contractual clauses approved by the ICO
  • Binding corporate rules or certification schemes

11. Marketing Communications

We may send you marketing communications about our services if:

  • You have consented to receive them
  • You are an existing client and the communications relate to similar services

You can unsubscribe at any time using the link in our emails or by contacting us directly.

12. Children's Privacy

Our services are not intended for individuals under 18. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by email or through our website.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact:

Data Protection Officer
Frosted Expanse Ltd
15 Bishopsgate
London EC2N 3AR
Email: [email protected]
Phone: +442094360428

15. Complaints

If you are not satisfied with our response to your data protection concerns, you can lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
Helpline: 0303 123 1113

Return to Homepage