Securities Screener — Privacy Policy

Last Updated: 19 February 2026

1. Introduction

This Privacy Policy explains how Benchwalk Advisors Limited (“Benchwalk”, “we”, “our”, or “us”), a company registered in England and Wales, collects, uses, stores, and protects personal data in connection with the Securities Screener application (the “Application”), which Benchwalk administers.

We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other applicable data protection legislation. For the purposes of data protection law, Benchwalk Advisors Limited is the data controller.

2. Data We Collect

We collect and process the following categories of personal data in connection with your use of the Application:

• Account and Access Data: Your name, email address, job title, organisation, and login credentials used to authenticate your access to the Application.
• Usage Data: Information about how you interact with the Application, including pages viewed, features used, search queries, screening parameters selected, reports generated, and the dates and times of your activity.
• Technical Data: Your IP address, browser type and version, operating system, device identifiers, and other technical information collected automatically when you access the Application.
• Communication Data: Any correspondence or communications between you and Benchwalk relating to the Application, including support requests and feedback.

The Application also processes publicly available financial data relating to listed companies, including share prices, financial statements, corporate announcements, and regulatory filings. This data does not constitute personal data and is not subject to this Privacy Policy except to the extent that it relates to identifiable individuals (for example, named directors or officers).

3. How We Use Your Data

We use the personal data we collect for the following purposes:

4. Data Sharing and Third-Party Processors

We may share your personal data with the following categories of recipients:

• Third-party service providers: We engage third-party providers to support the operation of the Application, including cloud hosting providers, data analytics services, and IT support. These providers process personal data on our behalf and are bound by data processing agreements in accordance with Article 28 of the UK GDPR.
• Market data providers: The Application integrates with third-party financial data APIs to retrieve market data, share prices, and financial information. While these integrations primarily involve non-personal corporate data, technical information such as your IP address may be transmitted to these providers in the course of API requests.
• Professional advisers: We may share personal data with our legal, accounting, or other professional advisers where necessary for the purposes of obtaining advice or in connection with legal proceedings.
• Regulatory authorities: We may disclose personal data to regulators, law enforcement agencies, or other authorities where required by applicable law or regulation, or in response to a lawful request.

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

5. International Data Transfers

Your personal data may be transferred to, and processed in, countries outside the United Kingdom where our service providers are located. Where such transfers occur, we ensure that appropriate safeguards are in place in accordance with the UK GDPR, including the use of standard contractual clauses approved by the Information Commissioner's Office (ICO), adequacy decisions, or other lawful transfer mechanisms.

6. Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law or regulation. Our general retention periods are as follows:

• Account Data: Retained for the duration of your access to the Application and for a period of 12 months following termination of access, unless longer retention is required for regulatory or legal purposes.
• Usage Data: Retained for a period of 24 months from the date of collection for the purposes of Application improvement and audit compliance.
• Technical Data: Server logs and technical data are retained for a period of 12 months.
• Communication Data: Retained for the duration of any ongoing matter to which the communication relates, and for a period of 6 years thereafter.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include, but are not limited to:

• Encryption of data in transit using TLS/SSL protocols.
• Access controls and authentication mechanisms to restrict access to authorised users.
• Regular security assessments and vulnerability testing.
• Secure cloud infrastructure with appropriate certifications.

While we take all reasonable steps to protect your personal data, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

8. Your Rights

Under the UK GDPR, you have the following rights in relation to your personal data:

• Right of access: You have the right to request a copy of the personal data we hold about you.
• Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to erasure: You have the right to request that we delete your personal data in certain circumstances.
• Right to restriction of processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to object: You have the right to object to the processing of your personal data where we rely on legitimate interests as the legal basis for processing.
• Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing which produces legal effects or similarly significant effects. The Application does not make automated decisions of this nature; all screening outputs are provided for review by qualified professionals.

To exercise any of these rights, please contact us using the details set out in section 12 below. We will respond to your request within one month, or inform you if an extension is required.

9. Cookies and Tracking Technologies

The Application may use cookies and similar tracking technologies to facilitate authentication, maintain session state, and collect usage analytics. We use only strictly necessary and functional cookies, and do not use cookies for advertising or marketing purposes.

You may configure your browser to refuse cookies, but this may impair the functionality of the Application.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Application, or applicable law. We will notify you of any material changes by posting the updated policy within the Application and, where appropriate, by email. The “Last Updated” date at the top of this policy indicates when it was last revised.

11. Complaints

If you are not satisfied with how we handle your personal data or wish to make a complaint, you may contact us using the details below. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact: