← Back to home

Privacy Policy

PrizeBNK Ltd · Last updated: 24 June 2026

1. Who We Are

PrizeBNK Ltd ("PrizeBNK", "we", "us", "our") is the data controller for personal data collected through our website and business communications.

  • Company Name: PrizeBNK Ltd
  • Companies House Number: NI740985
  • Registered Office: Ormeau Baths, 18 Ormeau Avenue, Belfast, Northern Ireland, BT2 8HS
  • Incorporated: 28 May 2026
  • Director: Sanil Xavier
  • Website: https://prizebnk.com
  • Email: sanil@prizebnk.com
  • ICO Data Protection Registration: ZC179617 (registered 22 June 2026; expires 21 June 2027)

We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Pre-launch notice: PrizeBNK is currently in pre-launch. We do not yet operate a live employee-facing app or employer dashboard. We do not currently collect open banking data, financial account information, or any sensitive personal data. This Privacy Policy reflects our current, pre-launch data practices. It will be updated when our app launches and open banking features are introduced.

2. What Data We Collect

As a pre-launch B2B business, we only collect information that you voluntarily provide to us through our website lead form and business communications.

2.1 Lead Form Data

When you submit the lead form on prizebnk.com, we collect:

  • Full name
  • Work email address
  • Company size band (e.g. 51–250)
  • Source page (which page on prizebnk.com you submitted from)
  • Browser user-agent string (collected once at submission, used only to help us spot spam)

2.2 Communication Data

  • Emails you send us, and notes from calls or demos
  • LinkedIn messages exchanged with our team

We do not currently collect:

  • Employee personal data
  • Financial account data or open banking data
  • Sensitive personal data (health, religion, ethnicity, etc.)
  • Payment card data
  • Website analytics, tracking pixels, or behavioural data — we do not run any analytics tools on prizebnk.com
  • IP addresses (we do not log or store visitor IPs)

3. How We Collect Your Data

We collect personal data:

  • Directly from you when you submit our lead form, reply to an email, or attend a demo
  • Via LinkedIn when you engage with our team's content or direct messages

We do not collect any personal data automatically through the website — prizebnk.com does not set cookies, run analytics, or fingerprint visitors.

4. How We Use Your Data

We process your personal data on the following legal bases:

PurposeData UsedLegal Basis
Responding to your enquiry or demo requestContact dataLegitimate interests
Managing our business contact pipelineContact, company dataLegitimate interests
Sending product updates and pre-launch communicationsContact dataLegitimate interests / Consent where required
Improving our website experienceUsage, cookie dataLegitimate interests
Complying with legal obligationsRelevant dataLegal obligation

We do not use your data for automated decision-making or profiling.

We do not sell your personal data to any third party.

5. Who We Share Your Data With

We share data only where necessary and with appropriate safeguards in place. All service providers we use are bound by data processing agreements and may only process your data on our documented instructions.

5.1 Service Providers

We use trusted third-party providers to host our website, deliver emails, and manage business communications. These providers process data on our behalf and are contractually bound to protect it. Where any provider is based outside the UK/EEA, we ensure appropriate transfer safeguards (such as standard contractual clauses) are in place.

5.2 Legal and Regulatory Bodies

We may disclose data to regulators or law enforcement where required by law.

5.3 Technology Partners (Future)

When we integrate open banking technology (planned for app launch), we will engage an FCA-authorised open banking API provider. At that time, this Privacy Policy will be updated to describe how employee financial data will be processed. No such data sharing currently takes place.

6. Data Storage and Residency

We do not currently persist lead enquiries in any database. Submissions from prizebnk.com are sent directly to our business email inbox, which is the sole system of record for lead data. Our email and document systems are configured to keep data within the UK and EEA.

The prizebnk.com website is hosted on a global edge network. UK visitors are served from UK points of presence, and the hosting layer does not store personal data at rest.

7. Data Retention

We retain your data for the following periods:

Data TypeRetention Period
Lead enquiriesDuration of relationship + 2 years after last contact, then deleted from the inbox
Email correspondenceDuration of relationship + 2 years after last contact
Legal and compliance records6 years (UK statutory minimum)

When we no longer need your data, we will securely delete or anonymise it.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right to access — request a copy of the data we hold about you (Subject Access Request)
  • Right to rectification — ask us to correct inaccurate or incomplete data
  • Right to erasure — request deletion of your data where we have no legal basis to retain it
  • Right to restrict processing — ask us to limit how we use your data
  • Right to data portability — receive your data in a portable, machine-readable format
  • Right to object — object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent — where processing is based on consent, you may withdraw at any time

To exercise any of these rights, please email: sanil@prizebnk.com

We will respond within one month of receiving your request, as required by UK GDPR. This period may be extended by up to two further months where the request is complex or where we have received a number of requests from you; we will tell you within one month if an extension applies and why. There is no charge for most requests.

9. Cookies and Tracking

prizebnk.com does not set any cookies and does not run any analytics, tracking pixels, or visitor-fingerprinting tools. No consent banner is required because no non-essential cookies are used (PECR regulation 6).

Our hosting provider (Cloudflare) may log basic request metadata (request time, response status, requested URL) for the purpose of security and abuse prevention. These logs are not used to build profiles of visitors and are retained only for short operational periods by the hosting provider.

If we introduce analytics or any non-essential cookies in future, we will add a compliant cookie consent banner that blocks those cookies until you give explicit opt-in consent, and update this Privacy Policy.

10. Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

  • HTTPS / TLS encryption for all data in transit
  • 2-step verification on company email accounts
  • Access controls limiting who can read the lead inbox
  • Data processing agreements with all third-party processors
  • Server-side input validation on the lead form to prevent injection

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay, as required by UK GDPR.

11. International Data Transfers

Your personal data is stored in the UK and EEA (Google Workspace tenant pinned to "Europe" data region). The EEA benefits from a UK adequacy decision, so transfers between the UK and EEA do not require additional safeguards.

The only transfer of personal data outside the UK/EEA is the transient passing of the lead-form notification email through Resend (USA) for delivery. This transfer is covered by the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses in line with UK GDPR.

12. Third-Party Links

Our website may contain links to third-party sites (e.g. LinkedIn). We are not responsible for their privacy practices. Please review their policies independently.

13. Children's Privacy

Our website and Services are directed at UK employers and HR professionals only. We do not knowingly collect data from individuals under 18. If you believe we have inadvertently done so, please contact us immediately.

14. Changes to This Privacy Policy

We will update this Privacy Policy as our business and product develop — particularly when our app launches and open banking features are introduced. We will notify registered business contacts of material changes via email. The "Last updated" date at the top of this page will always reflect the most recent version.

15. How to Complain

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

We would always appreciate the chance to address your concerns first — please email us at sanil@prizebnk.com before escalating to the ICO.

16. Contact Us

PrizeBNK Ltd — Data Controller
Ormeau Baths, 18 Ormeau Avenue, Belfast, Northern Ireland, BT2 8HS
Companies House No: NI740985
Email: sanil@prizebnk.com
Website: https://prizebnk.com

This Privacy Policy was last updated on 24 June 2026 and applies to all visitors to prizebnk.com and business contacts of PrizeBNK Ltd.