This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us.
We collect, control and process your personal information because this is necessary to provide you with information requested, answer any queries you may have and for the provision of our services to you. Contractual necessity is therefore the lawful basis for collecting, controlling and processing your personal details and those of your employees and service providers other than sensitive or special category personal data for which we require individual consent unless we are using the data for insurance underwriting purposes. Where we are advising on or arranging insurances, investment bonds, pensions or other insurance based products, we need to collect and potentially share such information with providers.
Sensitive personal data:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data
- Data concerning health
- Data concerning sex life or sexual orientation
We would discuss with you the need for the provision of sensitive data before you provide this information. The subsequent provision of sensitive personal data will be taken as consent to this processing.
It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.
We do not use your personal data for marketing purposes nor will we share your data with any other organisation for marketing purposes.
What data we collect & what we do with it
In order to provide financial/insurance advisory services, we will obtain personal information from you concerning your finances, circumstances, objectives and other relevant details. We will collect, store and process this information.
Completing our Data Capture Form
Once you complete the Data Capture Form, your data will be stored on
Completing our Attitude to Risk Questionnaire
Once you have completed our Attitude to Risk Questionnaire on Google Forms, your responses will be stored on Google and will be protected by single-factor authentication (SFA). Your responses are then transferred by us to Financial Express. Your responses on Financial Express are protected by SFA and require a group username, individual username and password.
What we will do with your data
Once your data has been processed, it will be transferred to Google Drive, a file-hosting system. Google Drive files at rest are encrypted using 256-bit Advanced Encryption Standard (AES).
To protect data in transit between Google Drive and our servers, Google Drive uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Where communications are ongoing, we will store your details within our Google Drive and Wealthbox accounts.
We will store your name and email address with a data processor (Mailchimp), to enable us to communicate service updates to you.
Our communication with you
We will generally communicate with you via email. This will be via Gmail, which is again protected by single-factor authentication (SFA).
Communication between staff
Alongside emails through Gmail, staff members will also communicate with each other through Slack, which is a secure instant messaging service where messages are encrypted both in transit and at rest. We will also communicate through WhatsApp, which is protected by end-to-end encryption.
Sharing your data
In the course of our work with you, we will share your personal data with product and service providers; we may also share you data with compliance monitoring and support organisations and regulatory bodies who are also ‘Data Controllers’ and registered with a supervisory authority in the EU unless otherwise indicated.
We also use external data processors that will hold information for the following purposes:
- Secure file sharing
- Data backup
- Dissemination of information
- Record keeping
- Compliance monitoring
Otherwise, we will not share your personal information with other companies without your express authority except if the firm is sold or where we are required to do so by law.
All our data processing takes place within EU jurisdiction. Should any processor hold any data on our behalf outside of the EU, we will take steps to ensure that it is held in a satisfactory jurisdiction. In the case of the US, we will ensure that the EU-US Privacy Shield applies.
A cookie is a piece of information in the form of a very small text file that is placed on an internet user’s hard drive. It is generated by a web page server, which is basically the computer that operates a web site. The information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. A cookie can be thought of as an internet user’s identification card, which tell a web site when the user has returned.
Click here to find out more about cookies.
This website uses a web analytics service provided by Google, Inc. (‘Google’). Cookies are used to collect information about how visitors use our site; they do not contain any personal information.
We use the information to compile reports and to help us improve the site and user experience. Google Analytics uses first-party cookies to track visitor interactions. These cookies are used to store information, such as what time the current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to the web page.
For more information regarding Google Analytics and your data privacy, click here.
It is possible to opt out of Google Analytics tracking on all websites you visit by installing an add-on to your browser.
The Google Analytics Opt-out Browser Add-on is available for Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari and Opera. The add-on can be downloaded here.
The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes.
If we have collected information from you for marketing purposes, we will inform you and specifically gain your consent.
We will keep your personal data throughout our business relationship. At the end of any contractual relationship, we are required to continue to hold personal data under current legislation for varying periods and, in some circumstances, indefinitely. We may also consider it necessary to keep data beyond these timescales in order to defend any future legal action. Where we no longer need regular access to your data, we will transfer your data to a secure archive in order to avoid any unnecessary processing.
Under data protection law, you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete all personal data held by us or any controller or processor with which we have shared your data.
To do this, please either contact us in writing, by telephone or email.
Where we store your Personal Data
All the data that we collect is stored on our encrypted server or back-up drives in the UK or with our listed processors under contract.
For any queries about data protection, please contact:
Contact name: Ben Baldwin
Address: Suite F, The Opus, Telford Way, Gloucester, GL2 2AB
Telephone: 01452 470500