Money Exchange Money Transfer Branches Contact Us

Currency Exchange

Services

About Us

Others

PRIVACY AND GDPR POLICY

Version: June-2026    |    Effective Date: 01 June 2026

Last Review Date: 31 May 2026    |    Next Review Date: 31 May 2027

1. Data Controller Details

RAK Money Exchange is the “data controller” responsible for your personal data.

Entity Details

  • Legal Entity Name: Rak Traders Limited
  • Trading Name: RAK Money Exchange
  • Registered Address: 40 High Street North, East Ham, London E6 2HJ
  • Company Registration Number: 07729114
  • ICO Registration Number: Z3178901

Data Protection Contact

  • Data Protection Officer (DPO): Muhammad Rakeem Aslam
  • Email: info@rakmoneyexchange.com
  • Telephone: 0208 503 5222
  • Postal Address: 40 High Street North, East Ham, London E6 2HJ

2. Purpose of This Policy

This Privacy and GDPR Policy explains how we collect, use, store, share, and protect your personal data when you:

  • Use our currency exchange services
  • Send or receive money transfers
  • Interact with our branch or staff
  • Visit our premises (including CCTV areas)

We process your personal data in accordance with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Money Laundering Regulations 2017
  • Proceeds of Crime Act 2002
  • Terrorism Act 2000
  • Other applicable UK laws and regulatory guidance

3. Personal Data We Collect

We collect the following categories of personal data:

3.1 Identification Data

  • Full name
  • Date of birth
  • Nationality
  • Residential address
  • Telephone number
  • Email address
  • Passport details
  • Driving licence details
  • National identity card details

3.2 Verification & Compliance Data

  • Proof of address documents
  • Source of funds (SOF)
  • Source of wealth (SOW)
  • Occupation and employer details
  • Beneficial ownership information
  • Politically Exposed Person (PEP) status
  • Sanctions screening results

3.3 Transaction Data

  • Currency exchange transactions
  • Money transfer details
  • Payment records
  • Transaction history

3.4 Technical & Monitoring Data

  • CCTV footage
  • Call recordings where required
  • IP address (if applicable)
  • Device or system logs (if applicable)

3.5 Fraud & Security Data

  • Fraud prevention alerts
  • Suspicious activity reports
  • Risk scoring results

4. How We Collect Your Data

We collect data when:

  • You complete customer onboarding forms
  • You submit identity documents
  • You carry out transactions
  • You communicate with us in branch, phone, or email
  • You are recorded by CCTV in our premises
  • We perform regulatory screening checks

We may also receive data from:

  • Fraud prevention agencies
  • Sanctions and PEP screening providers
  • Law enforcement or regulatory bodies

5. Why We Use Your Personal Data

We use your data for the following purposes:

5.1 Providing Services

  • Processing currency exchange transactions
  • Processing money transfers
  • Managing customer accounts
  • Customer support

5.2 Legal & Regulatory Compliance (AML/CTF)

  • Customer Due Diligence (CDD)
  • Enhanced Due Diligence (EDD)
  • Identity verification
  • Sanctions screening
  • PEP screening
  • Fraud prevention and detection
  • Regulatory reporting to authorities
  • Record keeping obligations
  • Responding to law enforcement requests

5.3 Business Operations

  • Internal audits
  • Risk management
  • Staff training and quality monitoring
  • Complaint handling
  • Service improvement

5.4 Security & Crime Prevention

  • CCTV monitoring
  • Call recording if required
  • Fraud detection systems
  • Prevention of financial crime

6. Legal Basis for Processing (UK GDPR)

We only process your personal data when we have a lawful basis:

6.1 Legal Obligation (Primary Basis for AML)

We process data where required under:

  • Money Laundering Regulations 2017
  • Proceeds of Crime Act 2002
  • Terrorism Act 2000
  • HMRC requirements
  • Financial sanctions regulations

Note: This includes identity verification, monitoring, and reporting.

6.2 Contractual Necessity

We process your data to:

  • Provide requested financial services
  • Complete transactions
  • Manage your customer relationship

6.3 Legitimate Interests

We may process data to:

  • Prevent fraud and financial crime
  • Secure our premises and systems
  • Improve operational efficiency and reduce risks
  • Investigate disputes or complaints

We balance these interests against your rights.

6.4 Consent

We rely on consent only for:

  • Marketing communications
  • Promotional messages
  • Optional surveys

You may withdraw consent at any time.

7. AML & Identity Verification Requirements

As a regulated Money Service Business, we are legally required to:

  • Verify your identity before providing services
  • Collect and retain identification documents
  • Screen customers against sanctions and PEP lists
  • Monitor transactions for suspicious activity

If you do not provide required information:

We may be unable to provide services and may decline or terminate the transaction.

Collection of Identification Documents Is a Legal Requirement, Not a Matter of Consent

When you provide identification documents to open an account or carry out a transaction, this is not done on the basis of your consent. It is processed under our legal obligation as a regulated Money Service Business under the Money Laundering Regulations 2017, the Proceeds of Crime Act 2002, and the Terrorism Act 2000. The right to withdraw consent does not apply to this processing, and we are required to collect, verify, and retain these documents regardless of any objection. This is consistent with Section 6.1 of this Policy (Legal Obligation as the primary basis for AML processing).

8. Automated Decision-Making

We may use automated systems for:

  • Sanctions screening
  • Fraud detection
  • Risk scoring
  • AML monitoring alerts

Some outcomes may be reviewed manually where required.

We do not make final adverse decisions affecting customers solely based on automated processing without human review where legally required.

9. Who We Share Your Data With

We may share your personal data with:

  • HM Revenue & Customs (HMRC)
  • National Crime Agency (NCA)
  • UK law enforcement agencies
  • Financial institutions and payment providers
  • Fraud prevention agencies
  • Sanctions and screening providers
  • Regulators and supervisory authorities
  • External auditors and professional advisers

We may also share data where legally required or permitted.

We do not sell your personal data.

10. International Data Transfers (Money Transfer Services Only)

Your data may be transferred outside the UK where necessary.

When this occurs, we ensure safeguards such as:

  • UK International Data Transfer Agreement (IDTA)
  • UK Addendum to EU Standard Contractual Clauses
  • Appropriate technical and organisational security measures
  • Transfer risk assessments where required

11. Data Retention

We retain personal data only as long as necessary.

AML Retention Requirements

  • Customer due diligence records: minimum 5 years after relationship ends
  • Transaction records: minimum 5 years
  • Regulatory records: as required by law

Other Retention Periods

  • CCTV footage: 30 days
  • Complaint records: 5 years

After retention periods, data is securely deleted or anonymised.

12. Data Security

We implement appropriate security measures including:

  • Access controls and staff permissions
  • Secure IT systems
  • Encryption where appropriate
  • Secure storage of physical documents
  • Staff training and confidentiality obligations
  • CCTV-controlled premises

Despite safeguards, no system is completely secure.

13. CCTV & Call Recording

We use CCTV for:

  • Crime prevention
  • Customer and staff safety
  • Regulatory compliance

We may record telephone calls for:

  • Training and quality assurance
  • Fraud prevention
  • Regulatory compliance

14. Your Rights Under UK GDPR

You have the following rights:

  • Right of access to your data
  • Right to rectification of inaccurate data
  • Right to erasure (where legally permitted)
  • Right to restrict processing
  • Right to object to processing
  • Right to data portability
  • Right to withdraw consent (where applicable)

Important AML Limitation

Some rights may be restricted where we must comply with AML/CTF legal obligations or regulatory investigations.

15. How to Exercise Your Rights

You may contact us using:

  • Email: info@rakmoneyexchange.com
  • Telephone: 0208 503 5222
  • Address: 40 High Street North, East Ham, London E6 2HJ

We will respond within one calendar month, as required by UK GDPR.

16. Marketing Communications

We will only send marketing communications where permitted by law.

You may opt out at any time via:

  • Email unsubscribe link
  • Contacting us directly
  • In-branch request

17. Complaints

If you are unhappy with how we handle your data:

Contact Us First

  • Email: info@rakmoneyexchange.com
  • Telephone: 0208 503 5222
  • Address: 40 High Street North, East Ham, London E6 2HJ

ICO Complaint

You may also contact:

Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

Website: https://ico.org.uk/

18. Updates to This Policy

We may update this Privacy and GDPR Policy from time to time. The latest version will always be available at:

Our Branch Premises

  • 40 High Street North, East Ham, London E6 2HJ
  • 8 Station Parade, High Street North, East Ham E6 1JD
  • 414 Cranbrook Road, Gants Hill, Ilford IG2 6HW

Our Website

www.rakmoneyexchange.com

en English
X
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu

Copyright © 2022 RAK TRADERS LTD

Terms & Conditions

Privacy Policy

Cookies Policy