Robinhood Europe, U.A.B. Privacy Policy (EU) | Robinhood

Robinhood Europe, U.A.B. Privacy Policy (EU)

Effective: October 28, 2024

This Privacy Notice sets out how your Robinhood entity, together with its parent company, Robinhood Markets, and affiliates, collects, uses, discloses, transfers, stores, retains or otherwise processes your personal data in connection with our websites, apps, and other interactions (such as when you contact us or communicate or interact with us, for example via our pages or brand on social media websites, when you participate in offers, competitions, contests, sweepstakes or similar, when you participate in market research) in relation to our services (including when you are a prospective customer, customer or former customer (“Customer”)).

  • If your Country of Residence is within the European Economic Area (“EEA”), your Robinhood entity is Robinhood Europe, UAB

  • If your Country of Residence is the United Kingdom, your Robinhood entity is Robinhood U.K. Ltd.

If you are a customer residing in the United States, please refer instead to our United States Privacy Notice available here. This Privacy Notice also describes your data protection rights, including a right to object to some of the processing which we carry out in certain circumstances.

We also may provide you with additional information when we collect personal data where we feel it would be helpful to provide relevant and timely information.

You may contact us at any time using the information set out in the “How to Contact Us” section.

1. INFORMATION WE COLLECT AND HOW WE COLLECT IT

We process personal data about you when you use our website, apps, and when you interact with us in relation to our services, This includes:

  • Information you provide to us and information relating to your communication, such as information you submit via forms on our websites and apps and in surveys and focus groups and information you provide us if you contact us and information relating to our handling of your communication.

  • Usage and tracking information. We automatically collect certain types of usage and device information when you use our services or interact with our emails. This includes device identifiers (like IP address or mobile device identifiers), browser type, Internet service provider, platform type, device type, operating system, pages or features you use, time and date of access, unique device or account ID, usage information and other similar information. We collect this information using cookies and other technologies as described in our Cookie Policy.

In relation to information you provide us, the provision is optional, but if it is not provided this may affect your ability to receive certain services or take part in certain activities where the information is needed for those purposes.

Information about other sources of personal data is set out in the next Section.

We process the following categories of personal data in connection with our Customers and our services:

  • Identity and contact data, such as your name, date of birth, National Insurance number, email address, mailing address, telephone number, marital status, other data from government-issued identification documents, and facial images for verification and authentication purposes.

  • Financial data, such as your bank account and payment card details, and information about your income, account balances, securities holdings, financial transaction history, credit history, and tax information.

  • Profile data, such as your username and password, your knowledge assessment results, and your interests and preferences.

  • Marketing and advertising data, such as participation in focus groups, survey responses, contests/sweepstakes, your marketing choices, information regarding your preferences or attributes based on your use of our services, customer profiles and segments based on characteristics and combinations of characteristics, such as financial transaction history and holdings, and your interactions with advertising and marketing communications.

  • Customer support and communication data, such as your feedback and interactions with our customer support teams and other communications you have with us.

  • Service and transactional information. When you receive, submit, or complete a transaction via the services, we collect information about the transaction, such as transaction amount, type and nature of the transaction, and time and date of the transaction.

We collect information you directly provide when you use our services. For example, data is collected through application and sign ups, obtained from your use of our service, from forms completed by you, and from correspondence with you. Information about other sources of personal data is set out in the next Section.

Where we collect personal data to administer our contract with you or to comply with our legal obligations, this is mandatory and we will not be able to provide our services without this information. In other cases, provision of the requested personal data is optional, but this may affect your ability to procure or access certain functionalities or services where the information is needed for those purposes.

2. THIRD PARTY SOURCES

Where you are a website or app user, we collect information from advertising partners in connection with our ad campaigns that have surfaced on other platforms, such as the ads you clicked on and other interactions with our ads.

When you participate in research, we obtain information that you provide our service providers and partners that are assisting us with market research from those service providers and partners as well as their analysis in relation to research contributions. When you participate in offers, competitions, contests, sweepstakes or similar that we offer, we collect participation data from service providers and partners that we work with in relation to the offer or competition.

When you communicate or interact with us, our pages or brand on social media websites, we collect information about your communication or interaction from social media companies and service providers we engage in order to provide us analytics in relation to our social media pages and presence.

In relation to our Customers and services, we also obtain information about you from third party sources as described below.

  • Vendors and business partners. We collect contact and account information from technical, currency, payment and delivery service providers, fraud risk ratings, sanctions status, and related information from anti-fraud, anti-money laundering and sanctions reporting service providers, results of verification checks from providers of identity verification and related services, and attributes and interactions with different digital properties and advertisements from analytics and advertising service providers. We also use Google autofill features to help complete addresses during onboarding.

  • Financial account linking. We support account linking and aggregation services through a third-party provider. We may receive details about your relationship and accounts with your linked financial institution.

  • Connected services. If you link, connect, or log in to your Robinhood account with a third-party service (e.g., Google, Apple), the third-party service may send us information such as your profile information from that service. This information varies and is controlled by that service or as authorised by you via your privacy settings at that service. We may also collect location data through these services if this feature is enabled.

  • Publicly available data, such as contact information, social media content made public, sanctions lists and similar information.

3. OUR PURPOSES FOR PROCESSING PERSONAL DATA

We have to have a legal basis to process your personal data. We explain these legal bases below alongside the purposes for which we process your data.

  • Consent: In certain limited cases, we ask for your consent to use your personal data. Whenever we ask with your consent, we will explain the situations where we use your personal data and for what purposes.
  • Contractual performance: We have obligations under our contract with you, depending on the nature of the contract. To fulfil these obligations we have to use your personal data.
  • Legitimate interests: We can process your personal data when this is necessary for us to achieve a business purpose, or where this is necessary for someone else to achieve their purpose. We explain below what interests we, or others, are trying to achieve when we process your data. Where we process personal data on the basis of a legitimate interest, then—as required by data protection law—we have carried out a balancing test to document our interests, to consider what the impact of the processing will be on individuals and to determine whether individuals’ interests outweigh our interests in the processing taking place. You can obtain more information about this balancing test by using the contact details at the end of the notice.
  • Legal obligation: As an organisation we have obligations to comply with legal, regulatory, and other requirements under EU/EU Member State or UK laws (as applicable). In certain cases, we will have to use your personal data to meet these obligations.

In relation to website and app users, individuals that interact with us, our pages or brand on social media websites, individuals that participate in offers, competitions, contests, sweepstakes or similar and individuals that participate in market research:

Purpose of ProcessingLegal Basis
Processing account applications, providing products and services to our customers, managing customer accounts and billing, providing contractually required service, relationship or transactional information and otherwise performing our obligations under our contract with youContractual necessity
Administering and facilitating contests, sweepstakes, and promotions and processing and delivering entries and rewards in accordance with the terms of the contest, sweepstake or promotionContractual necessity
Managing our relationship with you, which includes notifying you about changes to our terms or this Privacy NoticeLegitimate interests
Marketing and business development activities and analysis, including analysis to understand what products and services may be of interest to you and others for direct marketing and advertising purposesLegitimate interests
Sharing personal data (such as email address and account status) with third party ad platforms for ad attribution and conversion tracking purposes and to enable the third party ad platform to improve ad targetingLegitimate interests
Handling and responding to queries, comments, complaints and other communications you send usLegitimate interests
Understanding how visitors engage with our services and monitoring, improving and optimising the performance of our services and developing the services we offerLegitimate interests
Identifying and managing financial, regulatory and reputational riskLegitimate interests
Meeting legal requirements in other jurisdictions, including required disclosures to any regulatory, prosecuting, law enforcement, tax or governmental authorities, courts or tribunalsLegitimate interests
Meeting requests from any regulatory, prosecuting, law enforcement, tax or governmental authorities, courts or tribunalsLegitimate interests
In connection with protecting and enforcing the rights, property, security or safety of us, our business, our customers or others, including investigating and helping to prevent fraud or other unlawful activityLegitimate interests
Information security purposes (including detecting, investigating, monitoring, remediating and/or preventing security or cyber incidents) and detecting and preventing fraudLegitimate interests
In connection with establishing, exercising or defending legal claims, including enforcing and carrying our contracts and agreementsLegitimate interests
For compliance, regulatory, audit and investigative purposesLegitimate interests
Personalising our services, including by suggesting and customising content in the app based on your interactions with Robinhood servicesLegitimate interests
Personalised advertising when permitted by your privacy choicesConsent
Sharing your device ID with third party ad platforms for ad attribution and conversion tracking purposes and to enable the third party ad platform to improve ad targetingConsent
Sending you direct marketing by in app messaging,email and SMS , including newsletters, product announcements, partner offerings, surveys, contests or sweepstakes, events, or announcementsConsent
Using cookies or similar technologies for the purposes explained in our Cookie PolicyConsent
Complying with UK legal requirements, including those associated with being a regulated broker-dealer, such as requirements in relation to ”know your customer,” anti-fraud and anti-money laundering, audit and reporting, maintenance of accounting and tax records, sanctions checking/screening, anti-terrorism laws and regulations and fighting crime, politically exposed persons screening, and international tax reportingLegal obligation
Making legally required disclosures to any regulatory, prosecuting, law enforcement, tax or governmental authorities, courts or tribunalsLegal obligation

4. DISCLOSURES OF YOUR PERSONAL DATA

We are committed to maintaining your trust, and we want you to understand when and with whom we share information about you. We share personal data about you in the instances described below.

  • Third-party service providers. We share information about you with our third-party service providers that perform services for us, such as fraud and crime prevention services, and sanctions screening, advertising and market research services, mailing services, tax and accounting services, customer support and account management services, backend engineering services, contest fulfilment services, market research services, web, platform and data hosting services and analytics services. We use an identification verification service provider to determine using biometric means (based on your consent) whether a selfie you take matches the photo in your government-issued identification and to gather information needed for any manual identity verification we carry out.

  • Financial account linking services. We support account linking and aggregation services through a third-party provider. We may share details about your Robinhood relationship and accounts with your linked financial institution.

  • Companies in which you hold securities. We provide your name, address, email address, and securities positions to requesting companies in which you hold securities in relation to your rights and participation as a shareholder in those companies.

  • Robinhood affiliates. We share personal data about you with other companies in the Robinhood group, including those entities based in the US, which provide infrastructure, operational, customer service, technical and IT services.

  • Sale of our business. We may share information about you in connection with a corporate transaction, a merger, consolidation, reorganisation, financing, change in control or acquisition of all or a portion of our business by a third party and as part of any due diligence activities in relation to the foregoing, or in the unlikely event of a bankruptcy or similar proceeding.

  • Third parties in relation to legal claims: We disclose personal data to third parties as required in order to establish, exercise or defend or to protect legal claims, including in relation to our contracts with our customers and in order to protect the rights, property or safety of us, our business, our customers or others, including to legal advisors, government and law enforcement authorities, courts and tribunals and with other parties involved in, or contemplating, legal proceedings.

  • Regulatory, prosecuting, law enforcement, tax or governmental authorities, courts or tribunals. We disclose information about you to these third parties upon their request or as required by law as set out in Section 3 above.

  • With your consent. We share information about you for any other purposes disclosed to you with your consent.

5. HOW LONG WE RETAIN YOUR PERSONAL DATA

With respect to our Customers and our services, we retain most personal data for the duration of your relationship with us and a period of up to seven years after that. However, different personal data will be subject to different retention periods depending on the circumstances or applicable law.

6. ADDITIONAL JURISDICTIONAL DISCLOSURES

RESIDENTS OF THE EEA/UK

DATA SUBJECT RIGHTS

You have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to port your data (which involves us giving you the personal data you provided or transferring the personal data you gave us to another party in a structured, machine-readable format. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing purposes). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to Robinhood processing your data, this will not affect any processing which has already taken place at that time.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to your local data protection authority in the EEA or in the UK.

You can exercise your rights by contacting us using the details set out in Section You can also use our self-service tool by logging into your Robinhood account, navigating to the Security and Privacy menu, and selecting the option to either Download Personal Data or Request Data Deletion for access and deletion rights, respectively.

You can opt-out of direct marketing at any time by contacting us using the information in the ‘How to Contact Us’ section or by using the “unsubscribe” option in any direct marketing communication.

INTERNATIONAL DATA TRANSFERS

As a US headquartered company, most of our IT systems are hosted in the United States (including on third party systems). We also share personal data with our group companies in the US. As a result, we will transfer your personal data to this jurisdiction, including to our staff members who are located there. We transfer your personal data on the basis of the EU and UK standard contractual clauses.

We also transfer your personal data to third parties that host or access personal data outside of the EEA and the UK, including Canada, India, Columbia and the Philippines.

Where the country is subject to an adequacy decision by the European Commission and/or UK adequacy regulations, we rely on that adequacy decision of the transfer (for example, for Canada).

For the other countries not subject to an adequacy decision as described above, we use EU and UK standard contractual clauses to help ensure your information is afforded a high standard of protection. To the extent required or permitted by data protection law, we may alternatively rely on an appropriate Data Protection Framework Certification, a vendor’s processor binding corporate rules and/or other data transfer mechanisms available under EU/UK data protection laws. More information can be obtained by using the contact details below.

7. CHANGES TO THIS PRIVACY NOTICE

This Privacy Notice will evolve with time, and when we update it, we will revise the "Last Updated" entry above and post the new Privacy Notice and, in some cases, we provide additional notice (such as adding a statement to our website or sending you a notification). We may communicate any changes with you from time to time in a manner we determine.

8. HOW TO CONTACT US

If you have any questions about this Privacy Notice, wish to exercise your rights or wish to contact us for any other reason in relation to our personal data processing, please contact us at:

Robinhood EntityEmail and address
Robinhood Europe, UABEmail: dataprotection@robinhood.com Address: Mėsinių str. 5, Vilnius, the Republic of Lithuania
Robinhood U.K. Ltd.Email: dataprotection@robinhood.com Address: 70 Saint Mary Axe Suite 307, London, England EC3A 8BE
Robinhood Securities, LLCEmail: privacy@robinhood.com Address: 500 Colonial Center Parkway Suite 100, Lake Mary, FL 32746 United States
Robinhood Markets, Inc.; Robinhood International, Inc.; Robinhood Crypto, LLCEmail: privacy@robinhood.com Address: 85 Willow Road, Menlo Park, CA 94025 United States
Was this article helpful?
Reference No. 3973745
Follow us on

Crypto markets are highly volatile, and trading or holding crypto can lead to loss of your assets. Crypto is not legal tender, and is not backed by any government or covered by any government compensation scheme.

Cryptocurrency services are offered for eligible EU customers through an account with Robinhood Europe, UAB (company number 306377915), with its registered address at Mėsinių 5, LT-01133 Vilnius, Lithuania (“RHEC”). RHEC is registered according to the regulatory requirements of the Republic of Lithuania as a virtual currency exchange and virtual currency depository wallet operator. RHEC is supervised by the Lithuanian Financial Crime Investigation Service under the Ministry of the Interior of the Republic of Lithuania. RHEC is registered under the applicable Polish law as a virtual assets service provider (VASP) in the Register of Virtual Currency Activities maintained by the Director of the Tax Administration Chamber.

Robinhood, 85 Willow Road, Menlo Park, CA 94025.© 2024 Robinhood. All rights reserved.
Follow us on

Crypto markets are highly volatile, and trading or holding crypto can lead to loss of your assets. Crypto is not legal tender, and is not backed by any government or covered by any government compensation scheme.

Cryptocurrency services are offered for eligible EU customers through an account with Robinhood Europe, UAB (company number 306377915), with its registered address at Mėsinių 5, LT-01133 Vilnius, Lithuania (“RHEC”). RHEC is registered according to the regulatory requirements of the Republic of Lithuania as a virtual currency exchange and virtual currency depository wallet operator. RHEC is supervised by the Lithuanian Financial Crime Investigation Service under the Ministry of the Interior of the Republic of Lithuania. RHEC is registered under the applicable Polish law as a virtual assets service provider (VASP) in the Register of Virtual Currency Activities maintained by the Director of the Tax Administration Chamber.

Robinhood, 85 Willow Road, Menlo Park, CA 94025.© 2024 Robinhood. All rights reserved.