The information that we collect
As part of our ‘client-first’ approach, and in order to assess your needs and circumstances to provide advice to you, we will undertake a “Getting to know you” process. This process will include obtaining the details relevant to your personal and financial circumstances and objectives.
Your personal data identifies you directly, for example, your full name, date of birth, national insurance number etc. and relates to your personal circumstances.
Your personal data may also identify you indirectly, for example, your employment details, physical and mental health history, or any other details that may be associated to your cultural or social identity.
Your personal data may include, but is not limited to:
|Personal||Title; Full Name; Date of Birth; Gender; Nationality; Contact Details|
|Employment||Employment Status; Remuneration Information; Employment History|
|Assets & Liabilities||Bank Account Details; Sources of Income and Expenditure; Credit History|
|Health||Health Status and History (Further details provided below specifically regarding this type of information and how it is processed|
|Existing Arrangement||Existing investment; mortgage; pension; term protection|
In most instances we will obtain your information in a face to face meeting. There may however be occasions where we will rely on telephone calls, emails and online portals. We will retain records of all products that you arrange via our service and, where an ongoing service is provided, we will maintain the records as part of the review process.
We are required by the Financial Conduct Authority (FCA) to verify the identity of potential and existing clients. In order to do this we will use electronic identity verification software, the adviser may also request proof of your identity i.e. passport; driving license etc. The full details regarding this can be found in the Anti-Money Laundering section of the client agreement.
How your personal information is used
Your information will be used:
- As the basis for any advice we provide to you.
- To provide an ongoing service to you, where agreed.
- To comply with regulatory obligations enforced by our regulator the FCA, including Anti-Money Laundering.
- In the application process with product providers with whom you agree a service or product with.
- As confirmation of your identity for data protection purposes.
The lawful basis for holding your data
We will hold your data on the Contractual lawful basis, in accordance with the Data Protection Act of 1998 and the General Data Protection Regulation (GDPR) enforced by the Information Commissioners Office (ICO) whereby both parties are entering a contract for the provision of a service.
Your personal data will be used provided it is in our business interest to do so and your rights are not affected. For example, we may need to respond to requests from product providers, compliance service providers or you, the client, regarding advice given or simply to request feedback relating to the service provided to you.
Special category data is personal data which the GDPR says is more sensitive, and so needs more protection. This may include, but is not limited to, race, ethnic origin, health, sex life or sexual orientation.
We will only record your special data where it is appropriate to do so in order to meet the obligations of the contractual agreement entered into by you and Sequence Financial Management. For example, an insurance company may request details regarding your medical history.
If you are the parental guardian for a child/children under the age of 13, we will record information relevant to them where necessary. This may also include their Special Data.
How your Personal Data is used when it is disclosed to us
When using your personal data, we will:
- Record and store your personal data in paper and electronic formats (computer hard drives, client relationships management software, email). Only employees of our organisation can access this information and, where necessary, share it with third parties to provide our service to you.
- Submit your personal data to product providers, both in paper form and online. The provision of this information to a third party is essential in allowing us to progress any enquiry or application made on your behalf and to deal with any additional questions or administrative issues that may arise.
- Use Your Personal Data for the purposes of responding to any queries you may have in relation to any product you may take out, or to inform you of any developments in relation to those products and/or polices of which we might become aware.
Retention of your Personal Data
The FCA requires us to retain records for specified periods based upon the nature of the service provided. The retention periods vary dependant on the nature of the services provided. Your Personal Data will be retained by us, either electronically or in paper format, for a minimum of six years. In instances where we have a legal right, or there is a regulatory requirement by the FCA to such information, we will retain records indefinitely.
Where we are providing an ongoing service, we will hold data for a period of not less than 6 years following the cessation of the agreement in relation to that service.
Who will have access to your Personal Data?
Your personal data will be shared with:
- Product providers relevant to the advice being provided to you.
- Third parties that are deemed as able to assist with your enquiry/application, or are able to support your needs identified during the “getting to know you” process or provided by you as part of an enquiry.
Your personal data will only be shared for the purposes set out in this Privacy Notice. The sharing of your personal data does not entitle the third parties to send you marketing or promotional material. Your data is shared is to ensure that we can provide you with our professional services.
We will not sell or rent your personal data to third parties, whether that be for marketing or any other purpose.
Your rights relating to your Personal Data
The fourth data protection principle of the Data Protection Act 1998 states that “Personal data shall be accurate and, where necessary, kept up to date.” We take this principle very seriously and endeavour to ensure we have the most up to date information relevant to the client agreement.
Where we provide an initial advice service only we will ensure that your data is recorded to reflect your situation at that time. This means that we will not update your details unless requested to do so by you.
Where an ongoing service is provided we will update your information when necessary, usually at review stage. Should your details change between reviews we strongly encourage you to let us know.
Your rights in relation to your data can be summarised as follows:
- The right to be informed – You have the right to be informed about the collection and use of your personal data.
- The right of access – You have the right to access your data, this is commonly known as Subject Access. You can make a Subject Access Request verbally or in writing. We will respond within one month of your request and there is no charge associated. Please note that duplicate or excessive requests may incur a charge.
- The right to rectification – The GDPR includes a right for individuals to have inaccurate personal data rectified or completed if it is incomplete. You can make a rectification request verbally or in writing. We will respond to your request within one month. A request for rectification may be refused, this will be explained in the response.
- The right to erasure – You have the right to have your personal data erased. This is also known as ‘The right to be forgotten’. You can make a request for erasure verbally or in writing. We will respond to your request within one month.
- The right to restrict processing – You have the right to request the restriction or suppression of your personal data. Please note that when the processing is restricted we still maintain the right to store the personal data, but not use it. You can make a request to restrict processing verbally or in writing. We will respond to your request within one month.
- The right to data portability – This allows you to obtain and reuse your personal data for your own purposes across different services. This allows you to move, copy or transfer data from one IT environment to another safely and securely, without affecting the usability of the usability of the data.
- The right to object – The GDPR gives you the right to object to the processing of your personal data in certain circumstances. You have the absolute right to stop your data being used for direct marketing. You can make an objection request verbally or in writing. We will respond to your request within a month
- Rights in relation to automated decision making and profiling – You have the right to challenge a decision or request human intervention where automated decision making and profiling has occurred.
This is a summary of your rights and there may be restrictions on some of them. If you wish to explore any of these rights at any time, please contact us using the contact details provided and we will be pleased to assist you.
Precautions taken to protect against the misuse, unauthorised alteration and loss of your Personal Data
We take steps to ensure that personal data you provide to us is retained securely and processed in a confidential manner by those authorised to do so. Typically, this will be your assigned adviser and our support staff for the purpose providing our service to you. Your personal data may also be accessed by senior managers, compliance officers and/or the FCA for the purpose of ensuring compliance with our regulatory requirements.
The best efforts are made to ensure that any personal data that you transmit to us via the internet is recorded and stored securely. In instances where we are required to provide you with a password to gain access to provider websites, we strongly urge you to change that password at your earliest convenience. You are responsible for keeping passwords confidential and we ask that you do not share your passwords with anyone.
You are also expected to take reasonable steps to safeguard your personal data when transferring it to us. Confidential data should not be sent via unprotected email, any attachments sent via email are password protected or encrypted and anything sent via post should be sent using secure methods of postage which can be traced.
Transferring your information outside of Europe
If, in the unlikely event that is deemed necessary to share any data we hold about you with any party outside of the European Economic Area, that party will be required to firstly comply and adhere to the GDPR regulation.
We will contact you to provide the service agreed. Where this includes our ongoing service, we will contact you at the agreed time to undertake your ongoing review. We may also contact you between reviews if we believe that you need to take action i.e. making ISA or pension contributions before tax year end, or if we think you need to be aware of changes in the economic situation.
Any questions regarding this Policy and our privacy practices should be sent via email to firstname.lastname@example.org or in writing to Sequence Financial Management, 14 Brunel Court, Rudheath Way, Northwich, Cheshire, CW9 7LP. Alternatively, you can call our office on 0345 643 2633.
Right to complain
If you have any concerns or complaints as to how we have handled Your Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.