JavaScript is disabled

For full functionality of this site it is necessary to enable JavaScript in your web browser. Click the button below for instructions on how to enable JavaScript, then refresh the page.

Instructions

Your browser is unsupported

You'll need to upgrade to a modern web browser to access this site. Click below to see some options.

View Browsers

Privacy Policy

Last Updated: 20/01/2025

At Hnry, we are committed to protecting and respecting your privacy.

1. OUR APPROACH TO PRIVACY

This privacy policy sets out how we collect, store, process, transfer, share and use data that identifies or is associated with you (“personal information”) when you use our websites (including hnry.co.uk, hnry.com, hnry.com.au, hnry.co.nz, and hnry.io, or any other website operated by Hnry), our app(s), and any services that we provide, including the promotion, administration, and operation of accounting and taxation automation services (together, the “Services”), and/or when you enter into a commercial relationship with us or otherwise interact with us.

2. ABOUT US

This privacy policy is issued on behalf of the Hnry group of companies, which includes the following companies:

Controller Name Country of registration (and no.) Registered address
Hnry (UK) Limited England and Wales (14307093) 35-41 Folgate Street, London, United Kingdom, E1 6BX
Hnry (Australia) Pty. Limited Australia (ABN 88 637 624 072) L 17, 477 Pitt St, Haymarket New South Wales 2000
Hnry Limited New Zealand (6251417) Level 2, 45 Johnston St, Wellington Central, Wellington 6011, New Zealand

(together “Hnry”, “we”, “our”, or “us”).

Hnry is the data controller of the personal information we hold about you. Hnry (UK) Limited is registered as a data controller with the Information Commissioner’s Office (“ICO”) under the data protection registration number ZB526140.

3. PERSONAL INFORMATION WE COLLECT ABOUT YOU AND HOW WE USE IT

The table at Annex 1 below sets out the categories of personal information we collect about you and how we use that information. The table also lists the legal bases on which we rely to process the personal information.

More generally, we:

  1. collect personal information that you voluntarily submit to us, such as your name, contact details, personal tax and/or government identifier and address, when you sign up to and use the Services, or otherwise interact with us;
  2. collect personal information that you are required to provide us as part of our, and our e-money issuer’s, client onboarding procedures and for us to comply with our and their regulatory responsibilities and/or policies and procedures (such as Know Your Client (“KYC”) and Know Your Business (“KYB”) and anti-money laundering requirements);
  3. collect your contact details and account preferences to deliver relevant marketing materials to you, invite you to events and other functions we believe may be of interest to you and measure or understand the effectiveness of the information we provide to you; and
  4. may also collect certain personal information automatically, including in relation to how you access and use our Services, technical information regarding the device you use to access our website(s) and app(s) and the way in which you interact with our marketing (such as whether you open these).

We use the information we collect about you to provide our Services to you, correspond with you, perform our agreements with you, comply with our and our e-money issuer’s regulatory responsibilities and/or policies and procedures (such as KYC, KYB and anti-money laundering requirements), carry out marketing activities and our day-to-day business activities and operations.

We may link or combine the personal information we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.

You may also provide us with personal information, such as your contact details, when interacting with Hnry generally by email, over the phone, at online and physical events or in the course of your and/or your company’s business activities. We will indicate to you where the provision of certain personal information is required for us to provide you with certain services. If you choose not to provide such personal information, we may not be able to provide the services you have requested.

Special categories of personal information

We do not generally seek to collect sensitive (or “special category”) personal information (which are racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a person, data concerning health or data concerning a natural person’s sex life or sexual orientation). However, we may process such special category personal data where you have voluntarily chosen to submit that information to us and/or our Services. We will not share this data with anyone other than in accordance with this privacy policy, and we will store such information in accordance with our data retention practices (see section 5 below).

Social media login

Please note that if you create an account using social media login details (e.g. Google or Apple), you give permission to that social media platform to share with us your name and email address.

4. ANONYMOUS DATA

We may anonymise and aggregate any of the personal information we collect about you (so that it does not directly identify you). We may use anonymised information for purposes that include testing our systems, research, data analysis, improving our service, promoting our service and developing new products and features. We may also share such anonymised information with others.

5. DATA RETENTION

We will store the personal information we collect about you for no longer than necessary for the purposes set out in Annex 1 in accordance with our legal obligations and legitimate business interests.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, as well as the applicable legal, regulatory, tax, accounting or other requirements.

6. RECIPIENTS OF PERSONAL INFORMATION

We may share your personal information with the following categories of recipients (as required in accordance with the uses set out in Annex 1):

  1. The e-money issuer: the e-money issuer will need your personal information as it is responsible for safeguarding the e-money in your Hnry account and managing the payments into and out of it at our instruction. The e-money issuer of your Hnry account is PrePay Technologies Limited (“PPT”). We may need to share certain of your personal information with PPT in order that they can monitor compliance with their and our regulatory obligations. Please ensure that you have read PPT’s privacy policy so that you understand what personal information they collect about you and how they use it.
  2. Service providers: we may share your personal information with third-party vendors and other service providers that perform services for us or on our behalf, which may include providing the following services: messaging and communications, marketing, CRM, customer support, surveys, receipt and invoice scanning, database, fraud prevention, cyber security, system monitoring, error tracking, web and cloud hosting, storage, payment, advertising, analytics and reporting.
  3. ID verification provider(s): we share your personal information with our ID verification and fraud prevention provider(s) as needed to carry out KYC, KYB verification, anti-money laundering, compliance (including sanctions, PEP and adverse media) and other background checks as needed.
  4. Payment recipients (including tax authorities): as part of the Services, we will need to share your personal information (including your tax/contributions/loans/repayment details) with the relevant tax authorities/pension providers/insurers/lenders (and other relevant payment recipients) to which you owe and/or are required to provide payments.
  5. Professional advisors: we may share your personal information with our lawyers, accountants, insurers and other professional advisors to the extent we need to (for example, to defend ourselves against legal claims).
  6. Business partners: we may share your personal information (such as contact details) with our business partners where this is necessary in the normal course of our business.
  7. Purchasers and third parties in connection with a business transaction: your personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
  8. Research agencies (of their respective partners): if you have agreed to participate in a research group, user testing, collaboration exercise, questionnaire regarding the service, focus group or similar-type project in respect of the service, we may share certain information of yours with the research agency or our business partner (and/or their respective partner as appropriate) that requires your information as part of that project.
  9. Law enforcement, regulators and other parties for legal reasons: we may share your personal information with third parties as required by law or if we reasonably believe that such action is necessary to (i) recover debts owed to us; (ii) comply with the law and the reasonable requests of law enforcement; (iii) detect and investigate illegal activities, unlawful activity and/or breaches of agreements; and/or (iv) exercise or protect the rights, property, or personal safety of Hnry, its clients or others.
  10. Other members of the Hnry group: we may share your personal information with our group affiliates (for example, where they provide services on our behalf) or where such sharing is otherwise necessary in accordance with the uses set out in Annex 1.

7. MARKETING AND ADVERTISING

Email marketing

From time to time, we may contact you with information about our Services and/or Hnry. We may also send you information regarding our other products and services we may offer from time to time, updates, offers, discounts and similar marketing, which we believe you may be interested in.

Most marketing messages we send will be by email. For some marketing messages, we may use personal information we collect about you to help us determine the most relevant marketing information to share with you.

We will only send you marketing messages if you have given us your consent to do so, unless consent is not required under applicable law. Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of our processing based on consent before its withdrawal. In any case, you have the right to opt out of receiving electronic marketing communications from us by clicking on the ‘unsubscribe’ link at the bottom of our marketing communications.

Interest-based advertising

We may also participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your online browsing history and your interests. To do this, we or our advertising partners may collect information about how you use or connect to our websites or apps, social media services, or content and ads that you (or others using your device) visit so that we or our advertising partners may play or display ads on our websites or apps you may use, and on other devices you may use.

To learn about interest-based advertising and how you may be able to opt out of some of this advertising and to limit some third-party advertising cookies, you may wish to visit:

8. STORING AND TRANSFERRING YOUR PERSONAL INFORMATION

Security. We implement appropriate technical and organisational measures to protect your personal information against accidental or unlawful access destruction, loss, alteration or damage. All personal information we collect will be stored on our secure servers. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, bank account details or national identification numbers.

Hnry takes reasonable steps to ensure the following:

  1. that personal information we collect is accurate, up-to-date, complete, and relevant;
  2. protect personal information from misuse, interference, and loss and from unauthorised access, modification, or disclosure by using an appropriate level of online security. Where appropriate, we have put in place SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption technology to protect information transmitted from the Services. We also require a username and password from each user who wishes to access the information held in their Hnry account and other areas on the Services;
  3. de-identify or delete personal information that is no longer necessary;
  4. maintain physical security over our paper and electronic data stores; and
  5. we have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We cannot guarantee the security of information transmitted via the internet. As such, transmission of personal information via the internet is at your own risk and we cannot be held responsible for the security of such information. This includes transmission of your personal information to us from third parties via the internet.

International Transfers of your Personal Information. The personal information we collect may be transferred to and stored in countries outside of the UK where our group companies, third-party service providers, advisors or business partners have operations. These international transfers of your personal information will be made pursuant to appropriate safeguards, such as adequacy decisions or the appropriate standard data protection clauses. If you wish to enquire further about the safeguards used, please contact us using the details set out at the end of this privacy policy.

9. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL INFORMATION

In accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold:

  1. Right of access. You have the right to obtain access to, and a copy of, your personal information.
  2. Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another data controller.
  3. Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.
  4. Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not lawful or justified.
  5. Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
  6. Right to withdraw consent. If you have provided consent to any processing of your personal information, you have a right to withdraw that consent, but without affecting the lawfulness of our processing based on consent before its withdrawal.

You also have a right to object to any processing based on our legitimate interests in certain circumstances. You can also object to our direct marketing activities for any reason by clicking the “unsubscribe” link set out in any marketing communication you receive.

Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, or charge a reasonable fee, where exceptions under the applicable law apply.

If you wish to exercise one of these rights, please contact us using the contact details at the end of this privacy policy or via the in-app settings.

We would of course prefer that you contact us first if you have any complaints or concerns regarding how we have used your personal information.

However, you also have the right to lodge a complaint to your national data protection authority. The below list sets out the relevant authority and their respective website, depending on where you are located:

Location Data protection authority Contact details available at:
UK Information Commissioner’s Office https://ico.org.uk/
Australia Office of the Australian Information Commissioner https://www.oaic.gov.au/
New Zealand Office of the Privacy Commissioner for NZ https://www.privacy.org.nz/

10. AUTOMATED DECISION-MAKING

We sometimes use algorithms to make decisions on our behalf. This is referred to as automated decision-making. We use automated decision-making for the following purposes:

  1. To assess your application for an account. Our, or our third-party service providers’, algorithms assess your suitability for an account with us based on the results of our ID and compliance checks (including anti-money laundering and sanctions checks). This means that we may automatically decide that you present a fraud or money-laundering risk or pose a risk to us in terms of breaking financial sanctions, in which case we will reject your application for an account.
  2. To detect and prevent fraud. Our, or our third-party service providers, algorithms may freeze a transaction or account if we suspect fraud or money laundering against Hnry, our customers or any relevant third parties. Such decisions are based on patterns in our data, such as the Hnry account being used in a way that fraudsters work.

Subject to any applicable law or regulatory requirement which provides otherwise, you can ask for a member of the team to review an automated decision using the contact details set out below.

11. COOKIES AND SIMILAR TECHNOLOGIES

Hnry uses cookies and similar tracking technologies to ensure the efficient operation of our website(s) and app(s) and enhance your user experience. Certain technologies are necessary for technical reasons, such as keeping track of your current session and enabling secure transactions. We also include optional cookies for analytics, marketing and personalised content. Please refer to our Cookie Policy for more information as to the way in which we use cookies and similar technologies on our Services.

12. CHILDREN

The Services are not intended for children, and we do not knowingly collect data relating to children. You are not permitted to use the Services if you are under 18 years of age.

If we learn we have collected or received personal information from an individual under 18, we will promptly delete that information. If you have any information from or about a child under 18, please contact us using the contact details provided below.

Our website(s), app(s), terms and policies may, from time to time, contain links to and from third-party websites, including those of our business partners, advertisers, news publications and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to the relevant site.

14. CHANGES TO THIS POLICY

We may update this privacy policy from time to time and so you should review this page periodically. When we change this privacy policy in a material way, we will update the “last modified” date at the end of this privacy policy. Changes to this privacy policy are effective when they are posted on this page.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.

15. NOTICE TO YOU

If we need to provide you with information about something, whether for legal, marketing or other business-related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on our website (or both). The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this privacy policy.

16. CONTACTING US

If you have any questions, comments and requests regarding this privacy policy, you can contact us using one of the following methods:

By post:

FAO: Privacy Officer
35-41 Folgate Street
London,
United Kingdom
E1 6BX

By email: privacy@hnry.co.uk

ANNEX 1

PERSONAL INFORMATION WE PROCESS AND THE PURPOSES AND THE LAWFUL BASES FOR PROCESSING

Category of personal data Purpose of Processing Lawful basis for processing
Contact Data (including name, billing address, email address, postal address and telephone number) Hnry Account Data (including account name and account number) Identity Data (including first name, last name, any previous names, date of birth and copy of identification documentation or personal tax and/or government identifier) Communications Data (any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us) Transaction Data (including details of the Services which you require from Hnry, payments made to and from you in connection with the Services, identity of your customers (as applicable)) Financial Data (including billing and payment details (such as payment status and bank account details) and tax number(s)) To assist you in creating an account. To register you with the Services. To enable you to use our Services (including accounting and tax services, ensuring appropriate amounts are deducted from your Hnry account, duly paying payment recipients (including relevant tax authorities), returning the money due to your designated bank account, and retaining payment for your use of the Services provided). To communicate with you as needed in relation to the Services. To develop, monitor and improve the Services. To administer your account (including sending you information regarding changes to our policies, other terms and other administrative information such as reminders, technical notices, updates and security alerts). Such processing is necessary to perform our contract with you or in order to take steps at your request prior to entering into a contract. Otherwise, such processing is necessary to pursue our legitimate interests in providing you with our Services.
Contact Data and Identity Data To carry out KYC, KYB, anti-money laundering, compliance (including sanctions, adverse media and PEP) and other background checks when onboarding you as a customer and periodically to ensure the results of such checks have not changed since onboarding and, where necessary, share this with other financial institutions and regulatory bodies to comply with relevant laws. Compliance with a legal obligation. Otherwise, such processing is necessary for the performance of our contract with you or, if not applicable, such processing is in our legitimate interests to carry out the necessary KYC, anti-money laundering and other background checks in order to provide our Services.
Hnry Account Data Contact Data Financial Data and Transaction Data To communicate customer and payment data with the payment recipient(s) (including relevant tax authorities) in order to pay the relevant amount due to the payment recipient(s). Such processing is necessary for the performance of our contract with you or in order to take steps at your request prior to entering into a contract. Otherwise, such processing is in our legitimate interests to provide our Services to you.
Contact Data Identity Data Financial Data To verify the bank account, into which a payment will be sent to, is owned by you or under your control or authorisation. To send the remainder of your income into that designated bank account. Such processing is necessary for the performance of our contract with you or in order to take steps at your request prior to entering into a contract.
Financial Data and Transaction Data To take payment for our Services and keep a record of our transactions with you. To pursue our legitimate interests (to fulfil our contract with you, recover debts due to us, to pay refunds or compensation owed to you and to prevent us facilitating fraud).
Hnry Account Data Contact Data Identity Data Financial Data and Transaction Data To monitor transactions into the e-money account for unexpected transfers. To investigate source of funds and / or suspicious activity as necessary. Compliance with a legal obligation. Otherwise, it is in our and your legitimate interests that we carry out fraud, anti-money laundering and similar checks (for suspicious activity or otherwise) to prevent you and us being defrauded and for the prevention of unlawful activity.
Technical information (including IP address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, preferred language, activities, operating system and platform, and geographical location); and Usage data (including clickstream to, through and from the website, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), date and time pages are accessed, and website navigation and search terms used). To administer our Services including resolving technical issues, troubleshooting, data analysis, testing, research, statistical and survey purposes. To improve our Services to ensure that content is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access our website or app. To help create and maintain a trusted and safe environment on our Services. To ensure that you are provided with marketing and advertising that is in line with your preferences and appropriate location. Consent (to the extent required under applicable laws). Where consent is not required, such processing will be carried out on the basis of our legitimate interests to improve our website, app and Services, provide a safe and secure environment for our customers, resolve issues for customers and develop and grow our brand.
Marketing Data (your preferences regarding receiving marketing from us). Communications Data Technical and Usage Data Contact Data Identity Data To send you marketing and advertising (including sending you newsletters and measuring the effectiveness of our marketing). To contact you to help us with market research. Consent or, where consent is not required under applicable law, it is in our legitimate interests to market relevant products and services in order to promote and grow our business. It is also in our legitimate interests to request your feedback, or invite you to participate in a research (or similar) project in order to improve our services, better understand the needs of our customers, enhance the user experience and grow our brand.
Contact Data Communications Data Marketing Data Transaction Data To respond to queries and complaints and provide you with information and materials that you request from us. To carry out surveys and/or ask for feedback with a view to improving our Services. It is in our legitimate interests to respond to your queries and provide any information and materials requested in order for you to have a positive experience with us and to maintain good customer relations. It is in our legitimate interests to understand how our users feel about our Service so we can take steps to improve this.
Contact Data Identity Data Marketing Data Technical and Usage Data To administer and protect our business and our Services (including troubleshooting, fraud prevention, IT security, data analysis, testing, system maintenance, support, reporting and hosting of data) It is in our legitimate interests to monitor the Services and resolve errors to ensure that everything functions properly. To comply with our legal and regulatory obligations under applicable law. It is also in our legitimate interests to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.
Contact Data Marketing Data Technical and Usage Data If you have agreed to participate in a research group, user testing, collaboration exercise, questionnaire regarding our Services, focus group or similar-type project in respect of our Services, we may use certain information of yours and where relevant share it with the research agency or our business partner (and / or their respective partner as appropriate) for the purposes of that project. Such purposes may include (but are not limited to):
  • analysis of data (e.g. output or feedback) for the purposes of the project
  • determining whether you have participated in accordance with our rules or terms (or the rules or terms of the relevant third party)
 It is in our legitimate interests (and the legitimate interests of the third party conducting the research) to ensure the project is conducted appropriately and successfully and, ultimately, to improve our Services, better understand the needs of our customers, enhance the customer experience, inform our marketing strategy, gather feedback and / or develop and grow our brand.
Contact Data Telephone Recordings To record your calls with our customer services team to comply with applicable laws or otherwise as permitted by law. Compliance with a legal obligation. Otherwise, to pursue our legitimate interests to establish the existence of facts relevant to the business (e.g. to keep a record of instructions given over the phone) and to monitor that our training and quality standards are being maintained.
If you are representing a business, work contact details such as your name, surname, email address, telephone number, job title, mailing address/place of work. To enter into a business relationship with you and to manage our ongoing business relationship with you. Such processing is in our and your legitimate interests to enter into, and manage, a business relationship with you and ensure the organisation you represent is provided with our services in accordance with our contract with that organisation.
Any and all personal data mentioned above. Compliance with any legal and/or regulatory requirements. To exercise or protect the rights, property, or personal safety of Hnry, its customers, staff or others. Compliance with a legal obligation. To pursue our legitimate interests in protecting the rights, property, or personal safety of Hnry, its customers, staff or others (including for the purpose of establishing, exercising or defending our legal rights).