Skip to main content
FP·EDITORIAL · VOL. III · ISSUE 14 · UNITED STATES · MAY 2026 last sweep 2026-05-14 · 142 programs scored · 1 defunct
fintechpays Editorial · independent · est. 2026

Privacy · United States

methodology v3.2 · audited apr '26

iso 27001 · CompaniesHouse #OC4451x

Editorial · Data protection

Privacy policy.

FintechPays Editorial Co., UK LLP (Companies House #OC4451x) publishes editorial fintech reviews at fintechpays.com. This document describes what data the site collects from you (almost nothing), how we use it (mostly we don't), and your rights under UK GDPR and the EU General Data Protection Regulation. It is written in plain language because the underlying answer is simple: we are an editorial publisher, not a data business.

Who we are

FintechPays Editorial Co., UK LLP (Companies House #OC4451x), a UK limited liability partnership, is the data controller for any personal data this site processes. Our editorial contact is editorial@fintechpays.com. Privacy-specific requests can be sent to the same address with "Privacy" in the subject line.

What we collect

Almost nothing. The site has no contact form, no comment system, no newsletter sign-up, no account creation, no payment flow, and no third-party analytics platform. We do not set tracking cookies. We do not embed Facebook, Google Tag Manager, or any session-recording script.

The single piece of data the site stores on your device is a localStorage key called fp-theme, which records whether you selected the light or dark theme via the masthead toggle. This is functional storage, not tracking; it never leaves your browser, never reaches our servers, and never reaches any third party. Under UK GDPR + PECR this falls within the "strictly necessary for the service" exemption, which is why we do not display a cookie banner — there is nothing to consent to.

What our host sees

fintechpays.com is served via Cloudflare. Cloudflare's edge network logs the IP address, user agent, and request path of every visitor — this is standard server-log data, retained by Cloudflare for fraud and DDoS protection per their privacy policy. We do not export, mirror, or analyse those logs. If a security incident requires us to inspect logs, we will do so under UK GDPR Art. 6(1)(f) "legitimate interest" basis and retain only what the incident requires.

We do not run our own analytics platform on top of those logs. We do not enable Cloudflare's Web Analytics product. The first-party request counts shown in our Cloudflare dashboard come from edge logs, not from any cookie or fingerprint on your device.

Affiliate links + third-party sites

FintechPays earns commissions when a reader clicks an affiliate link and completes an action on the partner's site. The compensation arrangement is disclosed above every page via the affiliate disclosure stripe, on every program card via the ¶ affiliate caption, and in detail at /disclosure/.

When you click an affiliate link, you leave fintechpays.com and enter the partner's site, where the partner's own privacy policy and tracking practices apply. We do not control what the partner does. We do not insert tracking pixels on your behalf, and we do not receive personally identifiable information back from the partner — only aggregate, attributed conversion counts under each partner's affiliate-program terms.

Your rights under UK + EU GDPR

You have the following rights regarding any personal data we process about you:

  • Right of access — request a copy of any personal data we hold about you
  • Right to rectification — ask us to correct inaccurate data
  • Right to erasure ("right to be forgotten") — ask us to delete your data
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing on legitimate-interest grounds
  • Right to lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or, if you are EU-based, your member state's data-protection authority

Because the site does not collect personally identifiable information from you in the ordinary course, most rights requests will reach the same conclusion: we have nothing to access, rectify, erase, or restrict. We will respond to any request within one calendar month of receipt to confirm what we hold (typically none) and explain why.

International transfers

Cloudflare operates a global edge network — your requests are served from whichever data centre is geographically closest. The associated server logs may be transiently stored in any Cloudflare data centre, including outside the UK or EU. Cloudflare's published Data Processing Addendum and Standard Contractual Clauses cover these transfers.

Children

FintechPays publishes content about regulated financial products typically restricted to adults (prop trading, crypto exchanges, business banking, credit cards). We do not knowingly direct any of our content at children under 16 and do not knowingly collect data from anyone under 16. If you believe we have inadvertently received data from a child, contact editorial@fintechpays.com and we will delete it.

Changes to this policy

If we make material changes — for example, if we add a newsletter, a contact form, an analytics platform, or any other system that processes personal data — we will publish a revised policy here with a new "last reviewed" date and a short summary at the top of this section describing what changed.

Dates

  • Policy prepared:
  • Last reviewed:
  • Next scheduled review: , or sooner if data flows change

Editorial signatures and issue metadata

Edited by

Maren Holst

Senior Editor

Signed · M.HOLST

Fact-checked by

Asha Devi

Standards Desk (Fact-Checker)

Signed · A.DEVI

Issue meta

vol iii · iss 14

published 2026-03-12

last sweep 2026-05-14

methodology v3.2 · audited apr '26

Companies House #OC4451x