GDPR – What you need to know
On 25th May 2018 new General Data Protection Regulations (GDPR) came into force in the UK which requires us to update our procedures for processing data.
The purpose of this information page is to inform you of what data we keep on you, what we are going to do with it and your rights under the new Regulations.
Personal data that we keep on you:
Name, address and other contact details
Personal circumstances (health, family, income, expenditure, assets, liabilities)
Financial arrangements (policies, pensions, investments etc)
“Soft data” (attitude to risk, personal financial objectives etc)
Why we keep the data and what we are going to do with it:
To assist us in keeping in contact
To ensure that our advice is accurate, relevant and suitable
To help us sustain a robust ongoing review service
To enable us to represent your interest in relation to third-party companies (e.g. product-providers)
To assist your family and dependants (when authorised to do so)
How long we will keep and use your data
We will retain your personal data within our secure client management system only whilst we are continuing to act for you. If you no longer require us to advise you, we will archive that information (so it is no longer held visibly on our client management system) but we will need to retain what we have in order to satisfy the requirements of the Financial Conduct Authority.
Why we need your consent
By law we have to identify a justification as to why we are entitled to collect, retain, process and use your data. We have identified the justification as being that we have received your information and voluntary consent to do so. The Regulations require us to have your consent on an “opt-in” basis. As we already hold your financial data, to the best of our knowledge you have already actively opted-in to allow us to act for you in relation to regulated financial services advice. If that is not the case please let us know as soon as possible and we shall remove your data from our records immediately. Under the GDPR you can withdraw your consent at any time. If you wish to do this at any time just let us know and we shall remove your data from our records immediately. It is our intention to keep the data indefinitely until we receive your request to delete your data, as without it we are unable to provide any kind of regulated services to you.
Under the GDPR you have the right to require us to:
Tell you what data we keep on you:
Access such data:
Rectify any mistakes there are in the data:
Erase all information we have on you (where we have provided regulated advice we would instead archive your information):
Stop processing your data (and therefore provide no further advice):
Move the data we hold to someone else and remedy something we have done contrary to the Regulations.
For more information read the guidance at the website of the Information Commissioner’s Office: https://lco.org.uk/for-organisations/guide-to-data-protection/principle-6-rights/
We are, at any time, able to tell you what data we hold on you, by supplying you with an updated copy of our ‘Client Fact Find’. Due to the cost implications, we will generally supply this by email, upon receipt of a request. We will, in any case, usually verify this information with you when we conduct reviews.