1. Why we collect data
We collect data from our first point of contact with you because it is our intention to enter into a contract with you to provide financial advice. This data is essential for us to be able to provide the services you require from us and, without collecting your personal data, we would not be able to meet our contractual or regulatory obligations.
2. How your data is protected
We are governed by a strict code of conduct as we are a regulated firm and we adhere adhere to internationally recognised data and cyber security standards.
3. What data is collected
Our service involves providing financial planning solutions based on your needs and objectives. To do this we first need to collect information about you to base our financial planning. To do this we may ask you or other organisations to share data, which could include the following:
- Personal information
Your name, marital status, national insurance number, tax code, date of birth.
- Contact details
Your address, phone and email details and how you would prefer us to use them.
- Financial details
Your income and expenditure, savings, existing investments, goals and ambitions.
- Family relationships
Your partner and dependents.
- Official documents
A copy of your birth certificate, marriage certificate, drivers licence, passport, wills.
- Your other advisers
Solicitors, accountants, powers of attorney, trustees, beneficiaries.
- Special categories of data
Some data is particularly sensitive and has special treatment in law. In order for us to provide an effective financial planning service, we will often need to collect data that falls under this category, particularly in relation to health, and we will only collect or use this type of data if you explicitly consent to us doing so.
4. Sources of data
Our main source of data will always by yourself. This is provided when you speak, write, email, text, or use our website. For example, communications may be formally recorded in documents created specifically for collection of data, e.g. fact finds, risk profiles & application forms or they could be recorded in telephone or meeting notes.
We may need to obtain some of your data from other organisations, for example, where you have pension, investment or protection arrangements either arranged by us or by a previous financial adviser or legal adviser/accountant, or other organisations as necessary. We will always make you aware of this contact. In addition, the organisation releasing your data will require your authority before it is provided.
Information that you give us concerning others
You may provide information (data) about people who will not be entering into a contract with us, but their data is relevant to the service we are providing. For example, details of your partner, dependents or professional connections. We will assume that you have made those concerned aware prior to the information to us. In these circumstances, we are required (where possible) to make those individuals aware so that they can be given the opportunity to decline, object, restrict or erase the use of their data. If they do, we may not be able to process their data.
Receiving data from other sources
For data we receive from other sources, you will have the same or equivalent rights to those under the individual’s rights section, with a few exceptions.
We are not obliged to provide you with the data:
- where you already have this data;
- where we are subject to an obligation of professional secrecy prohibiting the disclosure of the data;
We may also collect data when you voluntarily complete client surveys or provide feedback to us.
5. Choosing not to provide data
We will need to collect data from you that is required by law, to comply with regulations or to enter into or fulfil our contractual agreement with you. If you choose not to give us this information, it may prevent us from fulfilling our legal or contractual duties. This may mean that we cannot continue to provide you with advice or continue to manage your financial planning arrangements.
6. Advice to children
We are unable to provide services directly to a child or enter in to a contract with them. However, there may be occasions where our services are engaged for their benefit. We will require the consent of a legal guardian and our interaction will be with the legal guardian until the child reaches eighteen, or the term will be determined by a legal arrangement, whichever is the later. For example, trust, power of attorney, ward of court.
7. How your data is used
Your personal data will only be used by us where the law allows, in one or more of the following circumstances:
- When we have your explicit consent to do so
- Where we need to perform the contract we have entered into with you
- Where we have a legal obligation
- Where it is necessary for our legitimate interests (or those of a third party)
We may need to use your data to do the following:
- To provide you with a fully comprehensive financial planning service and to provide the level of ongoing service you select from us
- Comply with relevant ‘Know Your Client’ obligations and other requirements imposed by our regulatory bodies.
- Using systems that provide results based on the personal data that we enter, to assist us in providing financial advice to you.
- Respond to requests for information from regulatory bodies or pursuant to an order of any court or tribunal having relevant jurisdiction;
- Comply with the requirements of regulatory bodies in respect of our professional conduct, including participating in audits and reviews conducted by or on behalf of the FCA and maintaining records of transaction and customer histories;
- Carrying out our own business and professional management, including maintaining adequate records so that we are able to fully respond to your queries, investigate and resolve complaints, prepare, verify and have audited our statutory accounts and complete our tax returns;
- In the event of any legal proceedings in which you or we may be involved, investigate the basis for any claims and our or your position with respect to them, obtain legal advice, and defend, pursue or settle such legal proceedings to the best of our ability, including complying with relevant directions with respect to evidence and the production of documents.
8. Preventing Financial Crime
We have a regulatory duty to ensure our services are not used to facilitate financial crime, such as money laundering for example. This means we are required to verify your identity when you become a client, involving us validating your name, address and other personal data against appropriate third-party databases. In performing the checks your personal information may be disclosed to a registered Credit Reference Agency which may keep a record of that information. The check is only carried out to confirm your identity, no credit check is carried out and your credit rating is unaffected. We may also ask you to evidence the source of funds for any investment made. We are also required to verify the identity of any person acting on your behalf, such as a power of attorney.
9. Call recording
We record all calls to and from our office to comply with regulations and for your protection. Please note that records will be available for at least five years and calls concerning advice or giving us instruction will be retained indefinitely. Please see Section 17 for more information on our retention periods.
It is possible to disable and delete cookies by changing the settings within your browser’s ‘Help’, ‘Tools’ or ‘Settings’ menu. Please note that by disabling cookies you may not benefit from some of the features of our site. You can find out more about deleting or controlling cookies by visiting aboutcookies.org.
11. Who we share your data with
To provide our services to you effectively, we may share your data with other organisations such as those that we engage for professional compliance, accountancy, regulatory or legal services, IT support, system and software providers, as well as product and platform providers that we use to arrange financial products for you.
We will require other organisations processing your data to deal act in line with all relevant standards and regulations and only use your data for the express purpose it is being provided.
We will use appropriate security measures to protect your data where it is necessary for us to provide it to another organization.
We will not share your information for marketing purposes.
12. Sending data outside of the European Economic Area (EEA)
The data we collect may be transferred to, and stored at, destinations outside of the European Economic Area (EEA) in the provision of services agreed with us. If we do transfer your data outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. This could include:
- countries that have been considered by the European Commission as having adequate privacy law.
- Putting in place contracts with the recipient detailing how your data will be used and ensuring that they protect it to the same standards as if your data was being processed in the EEA.
- Transferring your data to organisations that are covered as part of a Privacy Shield. These are frameworks that set privacy standards for transfer of data between the US and EU countries and Swiss and EU countries. These are voluntary codes of conduct that international companies adhere to.
13. Communicating with you
As part of your initial contact with us, you will be asked how you would prefer us to communicate with you, which could be by phone to your mobile, home or professional number, by text, email, post, along with giving you control over what you receive (where this is possible). Your preferences in this regard will also be confirmed within our Terms of Business document which you will be asked to sign and can be changed, by you, at any time.
Depending on the level of ongoing service you chose or financial products you hold with us, we may occasionally send you communications regarding significant events or changes (e.g. volatile market movements, budget summaries, year-end tax planning articles, and changes in regulatory or legal requirements). We consider these provisions to be part of our contractual agreement with you.
14. Data Security
When we communicate with you via email we will restrict the amount of your data included to that which is absolutely necessary. Sensitive data, such as policy number and dates of birth for example, will be redacted. Attachments containing sensitive data will be encrypted with a password. We strongly encourage you not to send us sensitive personal data via unencrypted emails, in particular copies of things like passports, birth certificates, bank statements should not be sent electronically to us unless using a secure email service.
When we deal with other companies via email, such as the provider of an investment product that you have or will have an investment with, we will us a secure email service where the recipient is able.
Your personal data contained in our written correspondence will be kept to that which is absolutely necessary and policy numbers will be partially redacted in our letters. Forms sent to you for signature will only contain your name and we will only ask you to complete necessary details we do not already hold on these forms.
15. Archiving data
We will regularly review the data we are processing, and where in our opinion this data has ceased to be active, we will archive it and process it only as archived data. This data will only be processed where necessary in response regulatory returns or enquiries, where disclosure of past advice is required by us in the operation of our business or for legal reasons, for example if a complaint is received.
All storage of data whether active or archived, will be conducted in accordance with good industry practice.
16. Our retention periods
Your data will only be kept by us for as long as it is necessary. Where we are using your data, we will review it on a regular basis to ensure it is correctly recorded. This will be at the point of any new advice or transaction or at a regular review meeting, depending on the nature of the services we provide you with.
The service we provide is long term financial planning and investment advice, which may include pensions, life assurance products and collective investments. We will need to retain your data throughout our relationship but it is likely that we will need to retain your data when your agreement with us ends and we are no longer providing you with financial advice or other services. The reason for retaining your data will be based on our business needs or for legal or regulatory requirements.
Where you approach us for advice and choose not to take up that advice, we will retain your data or 12 months from the date of our advice. After this your data will be archived and only processed as such. Please refer to Section 15 for full details.
17. Your rights
Data protection law provides you with the following rights with respect to your data:
- A right of access
You may request that we confirm if we are processing your data, what that is, and a copy of the information included in the data.
- A right to rectification
You may request that we rectify any inaccurate and/or complete any incomplete personal data.
- A right to erasure
You may request that we erase your data and will delete any records that we no longer require and do not have a purpose to keep.
- A right to restrict processing
You may request that we restrict processing your data, which if applied, means that we could only resume processing your data when you provide consent to do so.
- A right to data portability
A right to have your data provided to another company in a way they can easily upload to their systems.
- A right to object
You may request that we stop processing your personal data.
- A right to withdraw consent
You may withdraw your consent if this has previously been requested.
- A right to prevent processing for direct marketing
You have a choice regarding whether you receive direct marketing.
- A right to complain
You can always contact us if you are not happy with any of the services we provide but data protection law also gives you the right to complain, with respect to any processing of your data and any breach of the above rights, to the relevant supervisory authority, who in the case of the United Kingdom is the Information Commissioner’s Office. Their contact details are given below.
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate)
- A right to a judicial remedy
You have a right to claim compensation for damages caused by a breach of the Act.
19. How to contact us