We collect, use and are responsible for certain Personal Information about you. When we do so we are subject to data protection laws applicable in the United Kingdom and we are responsible as ‘controller’ of the Personal Information for the purposes of those laws.
Personal Information we collect about you
We may collect and use the following Personal Information about you:
- Name and address
- Date of birth
- E-mail address
- Telephone number
This personal information is required to provide our product and/or service to you and satisfy regulatory and legal obligations.
How your personal information is collected
We collect most of this Personal Information directly from you – in person, by telephone, text or email and via our website. However, we may also collect information from publicly accessible sources and third parties. These could include from cookies on our website or other automated monitoring systems.
How and why we use your personal information
Under data protection law, we only use your Personal Information if we have a proper reason for doing so. In order to use your Personal Information, we rely on the following legal bases:
- processing is necessary for the performance of the products/services we provide to you;
- processing is necessary for the purposes of the legitimate business interests pursued by us; and
- processing is necessary for compliance with a legal obligation to which we are subject.
With whom we share your personal information
We routinely share personal Information with:
- third parties we use to help deliver products and/or services to you e.g. payment service providers, banks;
- third parties approved by you e.g. your financial advisor;
- credit reference agencies
- sanctions screening providers; and
- our insurers and brokers.
We only allow our service providers to handle your Personal Information if we are satisfied they take appropriate measures to protect your Personal Information. We impose contractual obligations on such service providers to ensure they only use your Personal Information to provide services to us and you.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We will not share your personal information with any other third party.
How your personal information will be kept
We will keep your personal information while you have an account with us or we are providing products and/or services to you. Thereafter, we will keep your personal Information for as long as is necessary:
- to respond to any questions, complaints or claims made by you;
- to show that we treated you fairly; and
- to keep records required by law.
When it is no longer necessary to retain your Personal Information, we will delete it.
You have the following rights which you can exercise free of charge:
Access – the right to be provided with a copy of your Personal Information.
Rectification – the right to require us to correct any mistakes.
To be forgotten – the right to require us to delete your personal Information.
Restriction of processing – the right to require us to restrict processing.
Data portability – the right to receive the personal Information in a commonly used format.
To object – the right to object to it being used for direct marketing.
To object – against the continued processing of the Personal Information.
Not to be subject to automation – not to be subject to a decision based on automated processing concerning you or that similarly significantly affects you.
If you would like to exercise any of these rights please contact us as set out below.
Keeping your personal Information secure
We have appropriate security measures to prevent personal Information from being accidently lost or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
We hope we can resolve any query or concern you may raise about our use of your information.
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the U.K. is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.
How to contact us
Our contact details are: