At Armstong Financial Planning Ltd we are committed to protecting and respecting your privacy.
We are required to comply with the General Data Protection Regulation (Regulation (EU) 2016/679 (the “GDPR“)) and as such hereby set out details as to how we process your data and your rights.
This Policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how it is kept secure.
Any questions regarding this Policy and our privacy practices should be directed to our Data Controller Paul Armstrong by email to email@example.com or by writing to Armstrong Financial Planning Lt, Trinity House, 15 Cross Street, Standish, Wigan, WN6 0HQ. Alternatively, you can telephone 01257 425544.
How do we collect information from you?
With regards to retail clients, we obtain information about you if you seek our advice or in the instance you are an existing client and we are providing an ongoing service, we will update the information held as part of our review process and note on our records. Information may be obtained from you face to face, via e-mail or telephone communication.
In the case of a commercial contact, we will obtain information about you and the company you represent, this may be obtained from you face to face, via e-mail or telephone communication.
As information is required to enable us to provide our services if you opt not to provide it we may not be able to continue to advise you or have a working relationship with you.
What type of information is collected from you?
If you are seeking advice from us we will undertake a ‘getting to know you process’. This will include obtaining information about your personal and financial circumstances and objectives. Where you have investments, or polices we will obtain information on these either from you or upon consent from you directly from the providers concerned. We will assess your Attitude to Risk and Capacity for loss and record this in our documentation. We will retain records of any investments or policies that you arrange through us – further details on how long we can retain data for is specified later in this document.
There may be situations where the information we require is a special category of personal data under the legislation. In this case we will explain why we need it and obtain your consent to obtain the data. This situation most commonly occurs where we are arranging life assurance products and need to obtain medical information from you.
We will also hold data relating to third parties that we currently have or previously have had commercial relationships with. This data will include names, addresses, telephone numbers, email address and general correspondence received via electronic and paper form.
Why do we need your data and how it is used?
We need your information to:
Ø Act as the basis for any advice we provide
Ø To carry out our obligations arising from any contracts entered by you and us
Ø Provide information to investment providers or life assurance firms for the purposes of arranging products and services for you
Ø Provide our ongoing service to you
Ø Meet our regulatory obligations in the services we provide to you
Lawful bases for processing your personal data:
Ø Contract; Upon signing our Client Agreement you herby provide the company with the consent to process your data for recommending suitable products and services in accordance with your personal circumstances.
Ø Legal Obligation; Processing of your personal data is necessary for us to comply with The Financial Conduct Authority (FCA) regulations.
How long is information retained?
We are required by legislation and the FCA rules to retain records for specified periods. These vary dependent upon the nature of the service provided. If more than one period applies to the same data, we will retain the data to the last such period to expire:
Ø We will hold any agreements between you and us for a period of 6 years from the termination or expiry of the agreement, unless we have been notified of any claim or circumstance which might give rise to a claim under or by reference to such agreements.
Ø We will process data relating to investments which we have provided advice on and / or arranged for you. We will process such data throughout the entire period you are and remain a client of the firm and for a period of not less than 6 years following our ceasing to provide service to you with regards to those investments. In the case of long-term investments, we may process your data until the date of maturation of such long-term investments.
Ø We will hold data as required by any Regulator until the end of any limitation period imposed by that Regulator, which in the case of the Financial Services Authority is currently 6 years for all types of business undertaken except for Occupational Pension Schemes, which can include Defined Benefit Transfers and Scheme Money Purchase Transfers, whereby the data retention period is indefinite.
Ø We will hold data as required by any relevant third party until the end of any limitation period imposed by that relevant third party, which in the case of HMRC shall be 7 years, unless we are notified that any period is considered “open” by HMRC in which case it will be until we are notified the period is “closed”.
Ø We will hold data as required for the purposes of any legal proceedings for a period of 6 years following the conclusion of any such proceedings unless a longer period is required pursuant to any court rule or enactment. Proceedings will be taken to have concluded on the expiry of any period given for appealing any final judgment or on the date of concluding any settlement staying all relevant claims if the proceedings were settled before judgement.
Ø In certain circumstances, Armstrong Financial Planning can override the above stated retention periods and decide to hold data for a longer period which can be a maximum of 125 years from the date we receive the data.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf:
We may pass your information to our third-party service providers such as investment houses and life assurance firms and other associated organisations for the purposes of completing tasks and providing services to you on our behalf such as paraplanning and compliance support.
These include the following companies:
EBI Portfolios Ltd https://ebip.co.uk/legal/privacy-policy
Integrated Financial Arrangements (Transact Platform) https://www.transact-online.co.uk/wp-content/uploads/Standard-Privacy-Notice.pdf
Keytech Managed Solutions (IT Support) https://www.keytech.co.uk/privacy-policy/
In addition to the above listed companies you will be notified in accordance with the terms of this agreement as to the name and contact details of the data controller for any other third-party entity with whom we share and / or transfer your data and their representative.
When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties beyond the firm for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We will make appropriate contact with you to provide the agreed services. Where this includes our ongoing service, we will contact you at the agreed intervals to undertake our review. We may also contact you in between the agreed intervals if we believe that you need to take action e.g. if you should consider making ISA or pension contributions before tax year end.
We will not contact you for marketing purposes by post, email, phone or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email or post.
How do we store your personal data and how is it protected?
Data is held electronically and via paper documents.
The information held electronically is stored on our database provided by Keytech Managed Solutions, Dropbox as well as on internal servers which are backed up locally.
Access to these servers is physically restricted by a two locked doors. This data is only shared to authenticated users of our network domain.
Most data only passes through a workstation as it is being used and is never directly stored on the machines being used by our staff, however some work is saved locally for various reasons. Because of this all workstations (on-site and remote) are protected by domain credentials known only to our employees.
All workstations are protected by Microsoft anti-virus software. We also employ a staff policy of locking workstations upon leaving them unattended.
Our on-site servers use backup services provided by Keytech Managed Solutions, see https://www.keytech.co.uk/privacy-policy/.
Our email communications are stored by an external service Keytech Managed Solutions.
A copy of a member of staff’s emails will also be stored on workstations which they use, these are protected as above.
Our phone communications are provided by an external service BT.
Paper files containing data are stored on Armstrong Financial Planning premises in lockable filing cabinets. Any paper documents containing data that is no longer required in paper format is shredded and then destroyed.
Your rights in relation to your information
The accuracy of your information is important to us. Where we provide just an initial advice service the information will reflect your situation at that time and we will not normally update this (apart from a change of contact information). Where we are providing an ongoing service, we will update the information as appropriate when we undertake a review with you. If between reviews if there are any changes to your information, please notify us and we will update our records.
Under new EU requirements you have many specific rights, these are summarised below:
Access – You may ask for a copy of the information Armstrong Financial Planning Ltd hold about you and we will provide free of charge (we may charge a fee for subsequent or duplicate requests).
Rectification – You may ask us to correct any information that we hold that is inaccurate or incomplete.
Erasure – You may ask us to delete or cease processing data in certain situations. Please note that we will have regulatory obligations to retain information for certain time periods and we will retain such information as we believe is necessary to fulfil these obligations. This may result a refusal of a request.
Restrict processing – You may ask us to cease processing information. This means that we will be able to retain it but no longer act upon it. If you no longer need our services and terminate them we will automatically cease processing information.
Portability – You may have the right to have your data transferred to another service provider in an appropriate electronic format. Please note that we will have regulatory obligations to retain copies of the information as outlined previously.
Objection – You may have the right to object to us processing information or using it for marketing purposes.
Armstrong Financial Planning Ltd, have appropriate processes in place to ensure that we respond to all the above listed requests with regards to your information without undue delay and within one month of receipt.
We have processes and procedures in place to erase information securely and in the case of a request to restrict information, have the systems in place to enable us to do so.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is retained securely and processed in a confidential manner. Your information may be accessed by your adviser and our support staff for the purposes of providing our services to you. In addition, it may be accessed by senior managers and our compliance consultants (or the FCA) for the purposes of ensuring compliance with our regulatory obligations and reviewing the quality of our advice.
Information may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information that passes between us, and you should consider the risk of this.
Once we receive your information, we make our best effort to ensure its security on our systems.
Use of ‘cookies’
It is possible to switch off cookies by setting your browser preferences. Turning cookies of may result in a loss of functionality when using our website.
Links to other websites
Right to complain
If you believe that we are not holding your information correctly or are unhappy at any dealings with us regarding your information you may complain to the Information Commissioners Office. You can do this via their website https://ico.org.uk/concerns or by calling 0303 123 1113.
Review of this Policy
Armstrong Financial Planning Ltd keep this policy under regular review and may amend this policy from time to time without giving any prior notification. You are responsible for regularly reviewing the policy to confirm your continued agreement.