Privacy Policy

Last updated: December 16, 2025

Coustra ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and disclose personal information when you visit our website (coustra.com) and use our services. It also describes your choices regarding use, access, and correction of personal data.

1. Who We Are

Coustra provides software solutions and analytics to investment professionals and enterprises. Our platform integrates with client systems to automate workflows and leverage data using artificial intelligence technologies.

2. Scope Of This Privacy Policy

This Privacy Policy applies to personal information we collect or process when you:

  • Visit or interact with our website
  • Use or inquire about our services
  • Communicate with us by email, phone, or other methods

In many instances we process personal data on behalf of our clients. In those scenarios, our clients control the data and we act as a "data processor" (under UK/EU data protection laws) or "service provider" (under US privacy laws). Where we decide how and why personal information is processed, we act as a "data controller."

3. Information We Collect

3.1. Information You Provide To Us

  • Contact Information: Name, business email address, business phone number, company name
  • Account Information: If you or your firm register for our services, we may collect login credentials and profile details you provide
  • Communications: If you contact us directly, we receive your name, contact details, and the contents of your message

3.2. Information We Collect Automatically

  • Device and Usage Information: IP address, browser type, operating system, referring URLs, pages viewed, time spent, and interaction data
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your interactions with our website

We use Google Analytics to understand how visitors use our website, including pages visited, time spent, browser and device information, approximate geographic location, and IP address (which may be truncated or anonymised where required by applicable law). Analytics cookies are non-essential. For visitors in the UK/EEA they are only used where you have provided explicit consent.

You can manage cookie preferences via your browser settings or our cookie preferences page.

3.3. Information Processed On Behalf Of Clients

When providing our services, we may process personal data about our clients' end users and employees. In this context, we act solely under our clients' instructions and process the data as a processor/service provider.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Improve Our Services: Including setting up user accounts, providing customer support, maintaining and enhancing our platform
  • To Communicate with You: Responding to inquiries, sharing information about our services, and sending administrative messages
  • For Business Operations and Analytics: Monitoring and analysing usage, trends, and activities to improve our offerings
  • Legal Compliance and Security: Complying with applicable laws, protecting rights, privacy, safety, and preventing fraud or misuse

When we process data on behalf of clients, we do so in accordance with contractual obligations and client instructions.

5. Legal Basis for Processing (UK/EU visitors)

Where the UK GDPR or EU GDPR applies, we rely on:

  • Contractual Necessity: Where processing is necessary to provide services or take steps at your request
  • Legitimate Interests: For improving and securing our services, provided such interests are not overridden by your rights
  • Consent: For non-essential cookies such as analytics cookies; these will not be set unless you provide consent

6. International Transfers

Your personal data may be transferred to and processed in countries outside your country of residence. Where required, we implement appropriate safeguards (such as standard contractual clauses) to protect your data in accordance with applicable laws.

7. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary based on the nature of the data and legal requirements.

8. Your Rights

Subject to applicable law, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent
  • Data portability for information you have provided to us

To exercise these rights, contact us using the details below. We may need to verify your identity before responding.

9. Security

We implement technical and organisational measures designed to protect personal data against unauthorised access, disclosure, alteration, or destruction. No system is completely secure; we cannot guarantee absolute security.

10. Children

Our website and services are not directed to children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete the information.

11. Changes To This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "Last updated" date indicates when this Privacy Policy was last revised. Your continued use of the website or services signifies acceptance of the updated policy.

12. Contact Us

If you have questions or requests regarding this Privacy Policy or our data practices, contact us at: info@coustra.com.