Contact us: 01799 543222

Privacy Notice

This Privacy Notice explains how we collect, use, disclose, transfer and store your personal information. We have developed this Privacy Notice because we want you to feel confident about the privacy and the security of your personal information.

When we refer to “personal information” or “personal data” in this Privacy Notice, we mean information which identifies you as an individual, or is capable of doing so.

When will we collect your information
We will collect information from you when you use our services or contact us in person, by telephone, by e-mail or by post or when you voluntarily complete client surveys, provide feedback or complete a contact form on our website.

We may collect information about you from fraud prevention agencies and other organisations when we undertake checks such as identification verification checks, as explained further below.

We record all calls for training and quality purposes and to enable us to deal effectively with queries or complaints and in order to comply with our regulatory obligations.

We will collect information from you which is necessary to provide you with the services you require. This may include:

  • Your contact details, such as your name, address, telephone number and email address.
  • Your date of birth, nationality, country of birth, country of residence, employment status, income sources, source of wealth, existing investments and savings, family circumstances, objectives and plans and tax identification number (i.e. National Insurance Number).
  • Passport details, driving licence and utility bills.
  • Details of the services you request from us.

In some cases, you are not obliged to provide any personal data to us, but if you have requested a service from us, we will not be able to provide it without certain information. Before we can begin providing you with our services, we need to obtain certain information about you, so that we can verify your identity in order for us to meet our obligations under the Money Laundering and any other applicable legislation and for the purposes of crime prevention and fraud prevention. You are obliged to provide this information and if you do not provide it, we will be unable to provide you with our services.

We need your information in order for us to:

  • provide financial planning services to you which may include but not be limited to, giving you financial advice and making recommendations as to investments and financial products which are suitable for you and ensuring these continue to be suitable for you.
  • comply with our regulatory obligations imposed by the Financial Conduct Authority.
  • undertake checks such as identification verification checks with fraud prevention agencies to enable us to comply with our anti-money laundering obligations and for the purposes of crime prevention and fraud prevention.
  • deal with any queries, complaints or problems reported by you.
  • help improve the services we provide to you and to notify you of any changes to our services.

Unless otherwise stated in this Privacy Notice, the legal basis for our use of your personal data will be that this information is required for one or more of the legitimate interests described above.

Holding your data
We are committed to only keeping your personal data for as long as we need to in order to fulfil the relevant purpose(s) it was collected for, as set out above in this notice, and for as long as we are required or permitted to keep it by law.

We retain copies of our client contracts in order to enable us to deal with any legal issues and the information provided to us for identification verification checks, financial crime and anti-money laundering checks (as required by law) for 6 years after termination or expiry of our contract with you. We retain details of complaints for 6 years from the date of receipt.

  • We will hold any agreements between you and us for a period of 6 years from the termination or expiry of the agreement unless we have been notified of any claim or circumstance which might give rise to a claim under or by reference to such agreements.
  • We will process data relating to investments which we have provided advice on and / or arranged for you including call recordings, electronic communications and minutes of face-to-face meetings. We will process such data throughout the entire period you are and remain a client of the firm and for a period of not less than 6 years following our ceasing to provide services to you in regard to those investments. In the case of long-term investments, we may process your data until the date of maturation of such long-term investments.
  • We will hold data as required by any Regulator until the end of any limitation period imposed by that Regulator, which in the case of the Financial Conduct Authority is currently 6 years for all types of business undertaken except for some pension related business, which can include pension transfers, pension opt-outs and free-standing additional voluntary contributions where the data retention period is indefinite.
  • We will hold data as required by any relevant third party until the end of any limitation period imposed by that relevant third party, which in the case of HMRC shall be 7 years, unless we are notified that any period is considered “open” by HMRC in which case it will be until we are notified the period is “closed”.
  • We will hold data as required for the purposes of any legal proceedings for a period of 6 years following the conclusion of any such proceedings unless a longer period is required pursuant to any court rule or enactment. Proceedings will be taken to have concluded on the expiry of any period given for appealing any final judgement or on the date of concluding any settlement staying all relevant claims if the proceedings were settled before judgement.

Save for the above, we will hold data for a maximum of 50 years from the date we receive the data. In the event that more than one period applies to the same data, we will retain the data to the last such period to expire:

Data protection and confidentiality
We take appropriate security measures (including physical, electronic and procedural measures) to help protect the confidentiality, integrity and availability of your personal information from unauthorised access and disclosure.

You are responsible for maintaining the confidentiality of any User ID and password which relate to your access to certain services we provide or any account you set up with us. You agree to accept responsibility for all activities which occur in relation to the same.

You should not permit other people to use your User ID or password. Please contact us promptly if you believe your User ID or password may have been compromised. We will not be responsible to you if there is unauthorised access to your login details or unauthorised activity as a result of someone else using your login details, unless we caused this to happen
because of our negligence.

Despite our efforts regarding security it is important to bear in mind that the internet is not a secure means of communication. Personal information communicated through the internet may be intercepted by other people. We cannot guarantee the security of personal information sent to us in this way and you do so at your own risk.

Disclosure of your information
In order to carry out our legitimate business and to provide you with financial planning services, we have entered into agreements with and will share your information with the following companies for the purposes of compliance, business processing, IT systems security, data management and control and auditing. Full details of these companies addresses (all UK based) and contact details are available on request. We will not lend or sell your information to third parties.

  • Providers of investments or services we recommend, including providers of pensions, offshore bonds, onshore bonds, trusts, investment platforms, discretionary management services, mortgages, mortgage protection products, insurance products or other such products or services. We may also be required to share information with auditors appointed by the providers of such products or services.
  • If required to do so by the Financial Conduct Authority or any relevant regulatory authority where they are entitled to require disclosure.
  • Fraud prevention agencies and other organisations to allow us to undertake the checks set out below. We will supply details of such agencies on request.
  • Our compliance consultants.
  • Specialist service providers such as technical service providers and para-planning companies.
  • If the company or substantially all of its assets are acquired by a third party then personal information held by it about our clients may be one of the transferred assets.

Fraud prevention checks
As part of our process we will carry out automated checks using your personal data, such as your name, postal address, date of birth, telephone numbers and employment status. These checks include identification verification checks and financial crime checks and involve us obtaining information from fraud prevention agencies and any records held by financial crime prevention agencies, on the Electoral Register and providers of utility services.

We need to carry out these checks in order to meet our obligations under the Money Laundering Regulations and any other applicable legislation. The information obtained from these checks is used by us to determine if we can accept you as a client, whether further information is required or the application is rejected, based on factors such as whether we have been able to verify your identity.

We may make periodic searches with fraud prevention agencies during the course of our relationship with you to verify the information we hold remains correct and that there has been no change in your status (for example when you are a politically exposed person or if you have been subject to a financial sanction). We and other organisations (who may be from other countries) may use and access the information recorded by fraud prevention agencies.

To prevent or detect fraud, or to assist in verifying your identity we may make searches at fraud prevention agencies. We may also provide information to financial and other organisations involved in fraud prevention to protect ourselves and our customers from theft and/or fraud. If false or inaccurate information is provided and fraud is identified or reasonably suspected, details will be passed to fraud prevention agencies who will record this. This information may also be accessed by law enforcement agencies. This information may be used by us and other organisations to prevent fraud and money laundering, for example, when processing applications for services or for debt recovery.

Your rights
You have the following rights (unless exemptions apply), which can be exercised by contacting us using the details provided below. The right:

  • to ask us not to process your personal data for marketing purposes; To access personal data held about you and to obtain a copy of it.
  • to prevent any processing of personal data that is causing or is likely to cause unwarranted and substantial damage or distress to you or another individual.
  • to request the rectification or completion of personal data which are inaccurate or incomplete; To restrict or object to the processing of your personal data.
  • to request its erasure under certain circumstances.
  • in certain circumstances, to receive your personal data, which you have provided to us, in a structured, commonlyused and machine-readable format and the right to transmit that data to another data controller without hindrance, or to have that personal data transmitted to another data controller, where technically feasible.
  • to be informed about any use of your personal data to make automated decisions about you, and to obtain meaningful information about the logic involved, as well as the significance and the envisaged consequences of this processing.
  • to lodge a complaint about the way in which your personal data is being used to the Information Commissioner’s Office.

When you contact us to exercise any of the rights above, we may ask you to provide some additional information in order to verify your identity, such as your name, your address and proof of identity.

If you would like to lodge a complaint or exercise any of your rights set out above, you can contact us at:

E-mail: dpo@greenwoodfinancialplanning.co.uk

Post: Data Protection Officer, Greenwood Financial Planning LLP, The Barn, Audley End Business Centre, Wendens Ambo, Saffron Walden CB11 4JL.

Alternatively, you can contact the Information Commissioner’s Office

Marketing and updates
We would like to send you information about products and services of ours. We would also like to send you news and information about the financial markets and financial services. We will seek your consent before sending you any such marketing or communications. When you register with us or apply to use our services you may specify your marketing and communication preferences or indicate that you do not wish to receive news or information. If you have consented to receive marketing communications you may change your preferences or opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please contact us at office@greenwoodfinancialplanning.co.uk.