Privacy & Cookie Policy

This Privacy & Cookie Policy explains how Apex Risk & KYC Limited (“we”, “us”, “our”) collects, uses, stores and protects personal data when you visit our website, engage with our services or communicate with us.

We are committed to protecting personal data and complying with applicable data protection laws, including the UK General Data Protection Regulation (“UK GDPR”), the EU General Data Protection Regulation (“GDPR”) and other applicable privacy legislation.

1. Who We Are

Apex Risk & KYC Limited (Apex) is a provider of due diligence and compliance intelligence services. For the purposes of data protection law, Sponsio acts as a data controller in relation to personal data processed through this website and certain business interactions.

Contact details:
Apex Risk & KYC Limited
71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
customer.service@apexrisk.org

2. Personal Data We Collect

We may collect and process the following categories of personal data:

Website and Enquiry Data

  • Name, company name and job title

  • Business email address and phone number

  • Information submitted via contact or enquiry forms

  • IP address and technical usage data

Business and Client Data

  • Contact details of client representatives

  • Information provided in the course of service enquiries

  • Contractual and communications data

Due Diligence–Related Data

Where permitted by law and contract, Apex may process personal data contained within due diligence reports, including information obtained from public or licensed sources.

3. How We Use Personal Data

We process personal data for the following purposes:

  • Responding to enquiries and requests

  • Providing and administering our services

  • Conducting due diligence and compliance intelligence activities

  • Managing contractual and business relationships

  • Improving website performance and security

  • Meeting legal, regulatory and compliance obligations

We do not sell personal data.

4. Legal Bases for Processing

We process personal data under one or more of the following lawful bases:

  • Legitimate interests (e.g. responding to enquiries, providing services, ensuring security)

  • Contractual necessity (where processing is required to perform a contract)

  • Legal obligation (where required by law or regulation)

  • Consent (where required, including certain cookies or marketing communications)

5. Due Diligence and Compliance Intelligence Processing

Apex processes personal data as part of compliance intelligence and due diligence activities in accordance with applicable laws and regulatory expectations.

Such processing may rely on:

  • Legal obligations

  • Legitimate interests in preventing financial crime and supporting compliance

  • Applicable exemptions under data protection law for regulatory and risk prevention purposes

All due diligence processing is conducted proportionately and with appropriate safeguards.

6. Data Sharing

We may share personal data with:

  • Trusted service providers and technology partners

  • Data providers used for screening and research

  • Professional advisers (legal, compliance, audit)

  • Regulatory or law enforcement authorities where required by law

All third parties are required to implement appropriate security and confidentiality measures.

7. International Data Transfers

Personal data may be transferred outside the UK or European Economic Area where necessary. Where this occurs, Apex ensures appropriate safeguards are in place, such as standard contractual clauses or equivalent protections.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory and contractual requirements.

Retention periods vary depending on the nature of the data and the service provided.

9. Data Security

Apex implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or disclosure.

Access to personal data is restricted to authorised personnel only.

10. Your Rights

Subject to applicable law, individuals may have the right to:

  • Access their personal data

  • Request rectification or erasure

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent (where applicable)

  • Lodge a complaint with a supervisory authority

Requests can be made using the contact details below.

11. Cookies

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites function properly and improve user experience.

Cookies We Use

Sponsio uses:

  • Strictly necessary cookies – required for website functionality

  • Performance and analytics cookies – to understand website usage and improve performance

We do not use cookies for intrusive profiling or advertising without consent.

Managing Cookies

You can control or disable cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

12. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites.

13. Changes to This Policy

We may update this Privacy & Cookie Policy from time to time.