Global trust, global compliance

Apply For LEI

Privacy Policy

Effective Date: December 9, 2025

This Privacy Policy explains how GCBS LTD (the “Company,” “We,” “Us”), acting as a GLEIF-accredited Registration Agent (RA), and its UK branch LEI REGISTRY LTD, collect, use, store, and protect Personal Data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the GLEIF Registration Agents Governance Framework.

1. Data Controller and Our Structure

1.1. Data Controller Details

The Data Controller responsible for the processing of your Personal Data is the parent company:

  • Company Name: GCBS LTD
  • Company Number: HE 469314
  • LEI: 6367000JXG942DHDPK43
  • Registered Address: 34 Makarios III Avenue, 2nd Floor, Flat 203, Hadjiyiannis Building, 3065 Limassol, Cyprus.
  • Data Protection Contact: support@leiregistry.co.uk

1.2. Operating Structure & UK Representative

GCBS LTD processes data through its local specialist branches. For clients in the United Kingdom, the local representative and primary contact point is:

  • Entity: LEI REGISTRY LTD
  • Company Number: 16468289
  • Address: 20 Elswick Street, London, SW6 2QR, United Kingdom.


All branches adhere strictly to this central privacy policy to ensure a unified standard of data protection.

2. Data Collection, Purpose, and Legal Basis

We collect Personal Data solely for the purpose of initiating, maintaining, and renewing Legal Entity Identifier (LEI) services in compliance with global financial regulations.

2.1. Categories of Data Processed

We process the following specific categories of data based on the defined legal grounds:

Contact Person Data:

  • Data: Name, Title, E-mail address, and Phone number of the entity’s authorized representative.
  • Legal Basis: Contract (necessary for the performance of the LEI service agreement) and Legal Obligation (required by GLEIF validation protocols).

Legal Entity Data:

  • Data: Official Company Name, Address, Registration Number, and Level 2 (Parent) Data.
  • Legal Basis: Legal Obligation (compliance with ISO 17442 standards and GLEIF regulatory mandates).

Payment & Billing Data:

  • Data: Transaction details, billing address, and VAT numbers.
  • Legal Basis: Contract (to process payments) and Legal Obligation (compliance with tax and accounting laws).

Technical Data & Cookies:

  • Data: IP address, browser type, device information, and cookies.
  • Legal Basis: Legitimate Interest (ensuring security and functionality) and

Consent (for non-essential cookies, managed via our Cookie Banner).

3. Data Sharing and International Transfers

3.1. Sharing with Our Partner LOU

To issue an LEI, we must share the necessary Contact Person Data and Legal Entity Data with our accredited partner, the Local Operating Unit (LOU):

  • Partner LOU: Nasdaq CSD SE
  • LEI: 485100001PLJJ09NZT59
  • Address: Vaļņu iela 1, LV-1050, Riga, Latvia.

This sharing is strictly necessary for the validation and issuance of the LEI code.

3.2. Public Disclosure (Global LEI Index)

The Client acknowledges that strictly defined Legal Entity Data (including the LEI code, official name, address, and Level 2 parent relationships) is mandated by the GLEIF framework to be publicly available via the Global LEI Index. The Client is obligated to report accurate Level 2 data unless a valid exemption applies. Personal data of contact persons is NOT published in the public index.

3.3. Transfers Outside the UK/EEA

As GCBS LTD is headquartered in Cyprus (EU) and operates within a global system, data transfer outside the UK may occur.

  • Transfers to Cyprus/EU: The UK recognizes the EU/EEA as having an adequate level of data protection.
  • Transfers to GLEIF (Switzerland): Switzerland is recognized by the UK as providing adequate protection.
  • Other Transfers: Any other international transfers are performed based on Standard Contractual Clauses (SCCs) or specific derogations for the performance of a contract.

4. Data Security and Retention

4.1. Security Commitment

We maintain high technical and organizational security standards (TOMs) to protect your Personal Data against unauthorized access, loss, or alteration. Our practices align with the ISO 27001 standards and the security requirements of the GLEIF Governance Framework, including the use of encryption for data in transit and at rest.

4.2. Retention Period

We retain Personal Data only for as long as necessary to fulfill the purposes outlined in this policy and to comply with our contractual obligations towards Nasdaq CSD SE.

  • LEI Service Data: Due to regulatory requirements and our agreement with the LOU (Nasdaq CSD SE), data related to LEI issuance and maintenance is retained for a period of 10 years following the termination of the service.
  • Financial Records: Data required for tax and accounting purposes is retained for 7 years

in accordance with UK and Cypriot tax laws.

5. Your Rights (UK GDPR)

As a data subject, you have the following rights concerning your Personal Data:

  1. Right to Access: To obtain confirmation about the processing of your data and a copy thereof.
  2. Right to Rectification: To have inaccurate or incomplete data corrected.
  3. Right to Erasure: To request deletion of your data (“Right to be Forgotten”), provided that legal obligations (such as the mandatory 10-year retention for LEI audit trails) do not require us to keep it.
  4. Right to Restriction: To request temporary limitation of processing.
  5. Right to Portability: To receive your provided data in a structured, machine-readable format.
  6. Right to Object: To object to processing based on legitimate interests, including direct marketing.

5.1. Filing a Complaint

We are committed to resolving any data privacy concerns you may have. We encourage you to contact us first at support@leiregistry.co.uk.

If you believe your rights have been violated and we have not addressed your concern, you have the right to lodge a complaint with the UK Supervisory Authority: Information Commissioner’s Office (ICO) Website: www.ico.org.uk

6. Policy Updates

GCBS LTD reserves the right to amend this Privacy Policy at any time to reflect changes in legal requirements or our service. The most current version will always be posted on the www.leiregistry.co.uk website

Shane Healey

Chief Financial Officer

Highly experienced professional accountant with over forty years involvement in regulated finance and accounting positions in both private and publicly listed companies in Australia, the United States and the United Kingdom.

Dr Healy has worked as employee, partner, consultant, company secretary and director in a number of firms and multi-national entities across diverse industries holding CFO, Finance Director, CEO and Chairman positions.

Darko Brzica

Chief Technology Officer

Darko brings over 20 years of deep technical expertise to Global Compliance, with a background in infrastructure design, cybersecurity, and artificial intelligence. He’s built scalable platforms for financial services, logistics, and SaaS businesses, and has been at the forefront of applied AI for over a decade.

  • Expert in AI workflow automation, document parsing, and compliance tech
  • Former lead architect for enterprise-grade systems in finance and e-commerce
  • Passionate about bridging the gap between automation and human service
  • Driving the technical core of Global Compliance compliance-as-a-service vision

Robert Andersson

Senior Advisor

With more than 15 years in executive leadership at public companies, Robert has driven IPOs, major M&A deals, and cross-border expansion in sectors like iGaming, fintech, and digital media. His leadership is built on real-world compliance experience, a passion for transparency, and a deep understanding of operational scaling in regulated industries.

  • Former CEO of Catena Media, Enlabs, and Acroud
  • Led €100M+ in funding and exits
  • Specialist in strategic growth, governance, and business transformation
  • Founded Global Compliance to simplify and modernize global compliance

Polina Bojilova Taliana

Managing Director

Polina is a seasoned expert in corporate governance and compliance, with extensive directorship experience across the UK and Europe.

She has led governance and regulatory frameworks in the health-tech, med-tech, and financial services sectors — ensuring transparency, accountability, and adherence to industry standards.

Her career includes senior roles at:

  • LEI Register
  • Europe Health Tech
  • PTMeditech
  • FactorChoice.net

In these positions, she has overseen compliance, risk management, and international corporate expansion.

Beyond corporate leadership, Polina is an entrepreneur — the founder of a regulated aesthetics franchise and an investor in cross-border property development.

Fluent in English, Bulgarian, Spanish, and Russian, she combines strong technical expertise in compliance and governance with the ability to navigate complex international business environments.