Data Protection and Privacy Notice

Introduction

In order to provide you with financial planning services Asset Management Financial Advisers Limited (AMFA) will collect and hold personal data about and on you. AMFA are also required to comply with the General Data Protection Regulation (Regulation (EU) 2016/679 (the “GDPR)) and as such hereby set out details as to how we process your data and your rights.

We may update the Privacy Statement from time to time, which will be updated accordingly on this page.

What type of information will we collect from you?

Where required, the type of information that we will collect from you will typically include the following:

  • Personal Details (such as full name, contact details, gender, date of birth etc.)
  • Copies of Passport, Driving Licence and / or other documents that relate to your identity (where we are required by law) in order to comply with the Money Laundering Regulations 2017.
  • Employment Status & history and Renumeration information (inc. Salary, bonuses, other benefits)
  • Bank Account Details, National Insurance Number, Tax information, Sources of Income and Expenditure, any pre-existing savings, investments or pensions etc.
  • Details of any dependents and family circumstances
  • Health Status and Medical History

Why do we need your Information?

We need your information in order for us to:

  • Provide financial planning services to you in accordance with this agreement which may include but not limited to; giving you financial advice and making recommendations as to investments and financial products which are suitable for you, taking into account current financial markets and economic conditions, availability of products and the providers of those products, as well as a detailed analysis of your personal circumstances and requirements. Therefore, we have a legal obligation to hold your data.
  • Comply with our regulatory obligations imposed by the Financial Conduct Authority in regard to the relevant ‘Know Your Client’ obligations. In addition, to comply with the Regulator’s requirements for record keeping for the purposes of audits and reviews, records of transactions undertaken and customer histories for prescribed periods of time as directed. Therefore, we have a legal obligation to hold your data.
  • Respond to any legitimate legal requests for information about you to the Regulatory authority or pursuant to an order of any court or tribunal having relevant jurisdiction, or as required by law for the purposes of but not limited to combatting fraud, money-laundering and criminal activities.
  • Carry out our legitimate business and professional management responsibilities which include, but are not limited to providing you with suitable advice, ensuring your portfolio and financial products continue to be suitable for you, adhere to anti money laundering requirements and investigating and resolving complaints.

General information about your data and your rights

Where we collect data directly from you, we will inform you:

  • In addition to those third party companies expressly detailed in this agreement, to inform you in writing of the name and contact details of the data controller for that data and their representative. For example, where we arrange an investment on your behalf with a third party investment provider, the data controller may be the financial institution in question.
  • where appropriate, of the contact details for any Data Protection Officer appointed by us.
  • and make clear the purposes for which the data is to be processed and the legal basis for that processing. In the event that the legal basis to be relied on is that of the legitimate interests of the data controller or any third party, we will inform you as to the nature of those legitimate interests.
  • of the recipients or categories of recipients of data.
  • In the event that the data controller proposes to transfer the data to a country other than those covered by the GDPR, to provide you with details of the safeguards surrounding such transfers and how to obtain a copy of them.
  • of the period for which we propose to hold the data, or where this is not possible, the criteria which we will apply to data retention.
  • To remind you of your rights whereby you may:
    • request access to data of which you are the data subject
    • object to, or withdraw consent for, the processing of the same
    • obtain rectification of inaccurate data
    • prevent data processing for the purposes of direct marketing
    • object to decisions being taken by automated means and to have the logic behind those decisions clearly explained
    • claim compensation for damages caused by a breach of the Act
    • request data erasure

Where you exercise your right to request (via email or post) access to data of which you are the data subject, we will undertake to respond to you within 30 calendar days of receipt of your request. There will be no charge for this service unless the request is manifestly unfounded or excessive in which case we reserve the right to charge a fee or refuse to respond.

You may at any time, by giving notice to us in writing, request that we cease to process your data.  We will undertake to comply with any such request as soon as is reasonably practicable.

Where the legal basis for the processing of your data is to adhere to compliance with a statutory or contractual obligation, or the necessary precondition to entering into a contract, including compliance with the requirements of any Regulator, we will inform you as to:

  • Whether you are legally required to provide such data, and
  • The consequences of failing to provide such data

Where we obtain your data otherwise than directly from you, you will have the same or equivalent rights to those set out above.

Save in the circumstance as detailed below, we will inform you which source the data originated from and whether it came from publically accessible sources.  The information to be provided will be in accordance with the following time periods, whichever shall occur first:

  • As soon as practicable after obtaining the data and in any event within 1 month
  • At the time of our first communication with you using the data
  • When the data is first disclosed to another person

We shall not be obliged to provide you with the information:

  • Where you already have this information
  • Where we are subject to an obligation of professional secrecy prohibiting the disclosure of the information
  • Where disclosure would render impossible or severely impair the achievement of the reasons for which the data is to be processed. In such cases, we will do what we can to protect your rights and freedoms with respect to our processing of the data

You have the right to complain in regard to any aspect of the processing of your data and any breach of the above rights to the relevant supervisory authority, who in the case of the United Kingdom is the Information Commissioners Office, whom may be contacted at:

  • Online: ico.org.uk
  • Phone: 0303 123 1113

Holding your data

We undertake to review the data we hold on you on a regular basis to ensure compliance with data protection law.  In the course of any review, we will:

  • Delete any data which is trivial or transitory in nature, or which in our opinion is no longer required for the purposes set out above.
  • Update the data to ensure that any errors or inaccuracies are corrected.
  • Archive data as detailed below.
  • Subject to the data retention periods, as detailed below, securely delete the data when it is identified that we no longer need to hold it.

We may retain and process your data for the following periods. In the event that more than one period applies to the same data, we will retain the data to the last such period to expire:

  • We will hold any agreements between you and us for a period of 6 years from the termination or expiry of the agreement unless we have been notified of any claim or circumstance which might give rise to a claim under or by reference to such agreements.
  • We will process data relating to investments which we have provided advice on and / or arranged for you. We will process such data throughout the entire period you are and remain a client of the firm and for a period of not less than 6 years following our ceasing to provide service to you in regard to those investments.  In the case of long-term investments we may process your data until the date of maturation of such long-term investments.
  • We will hold date as required by any Regulator until the end of any limitation period imposed by that Regulator, which in the case of the Financial Services Authority is currently 6 years for all types of business undertaken except for Occupational Pension Schemes, which can include Defined Benefit Transfers and Scheme Money Purchase Transfers, whereby the data retention period is indefinite.
  • We will hold data as required for the purposes of any legal proceedings for a period of 6 years following the conclusion of any such proceedings unless a longer period is required pursuant to any court rule or enactment. Proceedings will be taken to have concluded on the expiry of any period given for appealing any final judgment or on the date of concluding any settlement staying all relevant claims if the proceedings were settled before judgement.
  • Save for the above, we will hold data for a maximum of 50 years from the date we receive the data.

Archiving data

We will regularly review data and where in our opinion such data has ceased to be Active we will archive it and process it only as Archived Data.  Any data which is deemed Archived Data will only be processed in limited circumstances.

All storage of data, whether Active Data or Archived Data will be in accordance with good industry practice and will be undertaken in accordance with organisational systems and procedures, which will be regularly reviewed, to maintain the security of data.

Data portability

On the termination or expiry of any agreement to provide services to you and on your written request, we will, subject to our right to retain copies of data for the purposes set out above, agree to return any data you have provided to us in a structured, commonly used machine-readable format, or transfer the same to a new data controller nominated by you.

Whom we may share your data with

In order to carry out our legitimate business and to provide you with financial planning services, we have entered into agreements with and will share your information with the following companies, for the purposes of Compliance, IT systems security, data management and control and auditing.  Full details of these companies addresses (all UK based) and contact details are available on request:

  • Compliance and Training Solutions Ltd (Compliance consultants)
  • Uniq IT (IT Consultants)

In addition to the above listed companies you will be notified in accordance with the terms of this agreement as to the name and contact details of the data controller for any other third party entity with whom we share and / or transfer your data and their representative.

Special Category Data

Special category data is personal data which is more sensitive than Personal Data. This includes your racial or ethnic origin, political opinions, religious or philosophical beliefs.  It also covers the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning health, a person’s sex life or sexual orientation. 

Why we need your special category data

It is almost certain that we will request some or all of the information covered under special category data during our relationship.

We need your data in order for us to:

  • Provide a full financial plan, and other associated financial advice, life products or private medical insurance, in accordance with this agreement, which may include, but is not limited to, giving you financial advice and making recommendations as to investments and financial products which are suitable for you. Taking into account your personal situation, goals and objectives, the availability of products and the providers of those products, as well as a detailed analysis of your personal circumstances and requirements.
  • Carry out our legitimate business and professional management responsibilities which include, but are not limited to providing you with suitable advice, with appropriate safeguards and personal data is not disclosed outside without the consent of the data subject
  • In order for us to lawfully process special category data, we require additional explicit consent from you, due to its sensitive nature, to enable us to process your information.

Please confirm on the declaration if you consent to us asking for this information and processing it on your behalf.

Marketing

From time to time we may wish to contact you with details of other investment, pension or financial products and/or services which we think may be of interest and/or beneficial to you.

If you consent to us contacting you for this purpose then please tick the options on the Declaration in regard to how you would like to be contacted:

If you do not tick any of the options we will reasonably assume that you do not wish to be contacted by us in regard to additional investment, pension or financial products and services.

We will not use your data for marketing purposes of any sort unless you have expressly given us your prior consent.  The use of your data as detailed in the remained of this agreement is not affected by whether you choose to consent to the use of data for marketing purposes.

Please note that you may withdraw your consent to marketing at any time by giving us notice in writing.

Website and the Use of ‘cookies’

Like many other websites, the Asset Management Financial Advisers Ltd website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service.

It is possible to switch off cookies by setting your browser preferences.  Turning cookies of may result in a loss of functionality when using our website.

Profiling

When you visit our websites we use a cookie to assign you a randomly generated unique identifier. We log your activity on our websites against this identifier in our databases. Once in our databases, this information will be added to your user profile and we use this data to monitor your activity on our website.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site. 

Legal Terms

If any provision, or part thereof, of this agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

In the event of any change in Data Protection Law occurring after the date of this agreement which requires the adoption of revised provisions dealing with data retention or portability, the parties will use all reasonable endeavours to agree such consequential changes to this agreement as may reasonably be required to comply with the requirements of Data Protection Law (“Compliant Terms”) and incorporate the same as an amendment to this agreement.

Who to contact in AMFA in relation to your Information 

If you have any queries or comments about this document, or should you wish to contact AMFA in order to exercise any of your rights set out within this document, then please contact:

Peter Davis, Head of Operations

Asset Management Financial Advisers Limited

40 Victoria Road

Woolston

Southampton

SO19 9DX

Email: peter.davis@assetmanagement.co.uk

Tel: 02380 420 606

If AMFA feel that we have a legal right not to deal with your request, or to action it in a different way to how you have requested it, we will inform you of this.

Should you become aware of any unauthorised disclosure of your information, then please contact us as soon as possible so that we may fully investigate and fulfil our own regulatory obligations.

Right to complain

If you believe that we are not holding your information correctly or are unhappy at any dealings with us regarding your information you may complain to the Information Commissioners Office. You can do this via their website https://ico.org.uk/concerns or by calling 0303 123 1113.

Review of this Policy

We keep this Policy under regular review. This Policy was last updated in May 2018.

Contacting us

We welcome any queries, comments or requests you may have regarding this policy please do not hesitate to contact us at dataprotection@assetmanagement.co.uk