Privacy Policy
1. Introduction
This privacy policy explains how Arca Compliance (“we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you visit our website at arca-compliance.com or otherwise interact with us. We are committed to respecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our website, you acknowledge that you have read and understood this policy. If you do not agree with any part of it, please discontinue use of the website.
2. Who We Are
Arca Compliance is a company registered in England & Wales. We act as the data controller for personal data collected through this website.
For any questions about this privacy policy or how we handle your data, please contact us via the enquiry form on our website or write to us at our registered address in London.
3. What Data We Collect
We may collect the following categories of personal data:
- Contact information: name, email address, firm or organisation name, and telephone number when you submit an enquiry or request an introduction.
- Professional information: your role, regulatory interests, and the nature of your matter or query.
- Message content: any information you provide in free-text fields when contacting us.
- Usage data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform; information about your visit, including the full URL clickstream to, through, and from our site; pages viewed or searched for; page response times; download errors; length of visits to certain pages; and page interaction information.
- Newsletter data: email address and preferences when you subscribe to regulatory briefings.
We do not intentionally collect special category data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data, or data concerning sex life or sexual orientation) through this website.
4. How We Use Your Data
We use your personal data for the following purposes:
- To respond to enquiries and provide the advisory services you request.
- To send regulatory briefings, updates, and insights where you have subscribed to receive them.
- To improve our website, services, and user experience through analytics and feedback.
- To comply with legal and regulatory obligations applicable to our business.
- To protect our rights, property, or safety, and that of our users or others.
5. Legal Basis for Processing
Under UK data protection law, we process your personal data on one or more of the following legal bases:
- Consent: where you have given clear consent for us to process your personal data for a specific purpose, such as subscribing to regulatory briefings.
- Contract: where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
- Legal obligation: where processing is necessary for compliance with a legal obligation to which we are subject.
- Legitimate interests: where processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This includes operating and improving our website and services, and maintaining records of communications.
6. Data Sharing and Third Parties
We do not sell your personal data. We may share your data with trusted third parties who provide services on our behalf, including:
- Cloud hosting and data storage providers.
- Email delivery and newsletter management services.
- Analytics providers to help us understand website usage.
- Professional advisers, such as lawyers and auditors, where necessary.
All third-party service providers are contractually bound to process your data only in accordance with our instructions and to maintain appropriate security measures. We may also disclose your personal data where required by law, regulatory obligation, or court order.
7. International Transfers
Your personal data is primarily processed within the United Kingdom and the European Economic Area (EEA). If we transfer your data outside the UK or EEA, we ensure that appropriate safeguards are in place, such as standard contractual clauses approved by the UK Information Commissioner’s Office, to protect your data in accordance with UK GDPR requirements.
8. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Contact enquiry data is typically retained for up to six years from the date of last interaction, in line with professional and legal obligations. Newsletter subscription data is retained until you unsubscribe or we discontinue the service, after which it is securely deleted or anonymised.
9. Your Rights
Under UK data protection law, you have the following rights in relation to your personal data:
- Right of access: to request a copy of the personal data we hold about you.
- Right to rectification: to request correction of any inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”): to request deletion of your personal data in certain circumstances.
- Right to restrict processing: to request that we limit the processing of your data.
- Right to object: to object to processing based on legitimate interests or for direct marketing purposes.
- Right to data portability: to receive your personal data in a structured, commonly used, and machine-readable format, and to have it transmitted to another controller.
- Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time.
To exercise any of these rights, please contact us using the details provided on our website. We will respond to your request within one month, or inform you if we need additional time. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we have not handled your data properly.
10. Cookies and Similar Technologies
Our website uses cookies and similar tracking technologies to distinguish you from other users, analyse traffic patterns, and improve functionality. Cookies are small text files placed on your device that allow us to recognise your browser and capture certain information.
The types of cookies we use include:
- Essential cookies: necessary for the website to function and cannot be switched off.
- Analytics cookies: help us understand how visitors interact with the website by collecting and reporting information anonymously.
- Preference cookies: enable the website to remember choices you make, such as your preferred theme (light or dark mode).
You can control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website.
11. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption in transit, access controls, and regular review of our security practices.
However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
12. Third-Party Links
Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to review the privacy policy of every website you visit.
13. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or the functionality of our website. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.
14. Contact Us
If you have any questions about this privacy policy or how we handle your personal data, please contact us through the enquiry form on our website or write to:
Arca Compliance
London, United Kingdom
Legal and Regulatory Disclaimer
This website is operated by Arca Compliance. The content on this website is provided for general informational purposes only and does not constitute legal, financial, or regulatory advice.
Arca Compliance is not authorised by the Financial Conduct Authority (FCA). Nothing on this site creates a client relationship or should be relied upon as a substitute for professional advice tailored to your specific circumstances.
Any guidance, toolkits, or assessments made available through this website are intended as reference materials to assist firms in understanding regulatory expectations. They are not a guarantee of authorisation, licensing, or compliance outcomes. You should consult a qualified professional before making any decisions based on the information contained on this website.
We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability of the information on this website. Your use of this website and reliance on any information is strictly at your own risk.