At Serenity Financial Planning we’re committed to protecting and respecting your privacy.
This Policy explains when and why we collect personal information about people who visit our website or seek our services, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to Clive Thompson, Head of Business Standards, Serenity Financial Planning, 15 Beaumont Fee, Lincoln, LN1 1UH. Alternatively, you can telephone 020 8440 4788.
How do we collect information from you?
We obtain information about you when you use our website, and if you seek our advice or other services.
What information do we collect about you?
If you are visiting our website the personal information we collect might include your name, address, email address, IP address, and information regarding what pages are accessed and when.
We collect information about you when you request us to provide you with quotes for our services and engage us for financial planning services. This information will relate to your personal and financial circumstances and objectives. It may also include special categories of personal data such as data about your health, if this is necessary for the provision of our services.
Where you have investments or polices we will obtain information on these either from you or upon consent from you directly from the providers concerned. We will assess your Attitude to Risk and Capacity for loss and record this in our documentation. We will retain records of any investments or policies that you arrange through us.
Where we are providing an ongoing service we will update the information as part of our review process and note our records.
Information may be obtained from you face to face or through e mail or completion of online documentation. As the information is required to enable us to provide our services if you opt not to provide it we may not be able to continue to advise you.
We may also collect information when you voluntarily complete client surveys or provide feedback to us.
Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We’ll use your information collected from the website to personalise your repeat visits to the site.
We try at all times to keep at all personal data collected and processed accurate and up-to-date. We check the accuracy of data when it is collected and at regular intervals thereafter. Where any inaccurate or out-of-date data is found, all reasonable steps will be taken to amend or erase that data, as appropriate.
Special categories of data
There may be situations where the information we require is a special category of personal data under the legislation. In this case we will explain why we need it and obtain your consent to obtain the data. This situation most commonly occurs where we are arranging life assurance products and need to obtain medical information from you.
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data
The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.
How will we use the information about you?
We collect information about you in order to:
- provide you with the services for which you engage us:
- act as the basis for any advice we provide
- carry out our obligations arising from any contracts entered into by you and us;
- provide information to investment providers or life assurance firms for the purposes of arranging products and services for you;
- provide our ongoing service to you.
- meet our regulatory obligations in the services we provide to you.
Who might we share your information with?
We will not sell or rent your information to third parties.
Third Party Service Providers working on our behalf: We may pass your information to our third-party service providers (including investment houses and life assurance firms), agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf such as paraplanning and compliance support. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We will not release your information to third parties beyond the firm for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Where third parties are involved in processing your data we’ll have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions.
Where it’s necessary for your personal data to be forwarded to a third party we’ll use appropriate security measures to protect your personal data in transit such as encrypted data file transfers and password protected documents.
To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.
How long do we keep hold of your information?
During the course of our relationship with you we’ll retain personal data which is necessary to provide services to you. We’ll take all reasonable steps to keep your personal data up to date throughout our relationship.
We are also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally:
- Five years for investment business
- Indefinitely for pension transfers and opt-out business
- Three years for insurance business
These are minimum periods, during which we have a legal obligation to retain your records.
We reserve the right to retain data for longer where we believe it’s in our legitimate interests to do so. You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
How can I access the information you hold about me?
You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all your personal information, please email or write to us using the contact details noted above.
You may make a subject access request (“SAR”) at any time to find out more about the personal data which we hold about you. We are usually required to respond to SARs within one month of receipt (this can be extended by up to two months in the case of complex and/or numerous requests, and in such cases the data subject shall be informed of the need for the extension).
All subject access requests must be sent to our Data Protection Officer.
We do not charge a fee for the handling of normal SARs. The Company reserves the right to charge reasonable fees for additional copies of information that has already been supplied to a data subject, and for requests that are manifestly unfounded or excessive, particularly where such requests are repetitive.
You also have the following rights in respect of your personal data:
- The right to be informed of the processing – you may ask for a copy of the information Serenity Financial Planning holds about you and we will provide this within one month of receipt free of charge (we may charge a fee for subsequent or duplicate requests).
- The right to rectification – you may ask us to correct any information that we hold that is inaccurate or incomplete:
- The right of erasure – you may ask us to delete or cease processing data in certain situations. Please note that we will have regulatory obligations to retain information for certain time periods and we will retain such information as we believe is necessary to fulfil these obligations;
- The right to restrict processing – you may ask us to cease processing information. This means that we will be able to retain it but no longer act upon it. In the event that you no longer need our services and terminate them we will automatically cease processing information;
- The right of data portability – You may have the right to have your data transferred to another service provider in an appropriate electronic format. Please note that we will have regulatory obligations to retain copies of the information as outlined previously;
- The right to object to processing – You may have the right to object to us processing information or using it for marketing purposes;
- The right to understand automated decision making and profiling – when your personal data is processed by automated means you have the right to ask us to move your personal data to another organisation for their use.
For more details on how to exercise these rights please contact us.
We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.
We’d like to send you information about our products and services which may be of interest to you. If you’ve agreed to receive marketing information, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing. If you no longer wish to be contacted for marketing purposes, please contact us by email or post.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is retained securely and processed in a confidential manner. Your information may be accessed by your adviser and our support staff for the purposes of providing our services to you. In addition, it may be accessed by senior managers and our compliance consultants (or the FCA) for the purposes of ensuring compliance with our regulatory obligations and reviewing the quality of our advice.
Information may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information that passes between us, and you should consider the risk of this. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
For further information visit http://www.allaboutcookies.org/
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
What can you do if you are unhappy with how your personal data is processed?
If you believe that we are not holding your information correctly or are unhappy at any dealings with us regarding your information you may complain to the Information Commissioners Office. You can do this via their website https://ico.org.uk/concerns or by calling 0303 123 1113 (local rate) or write to them at:
Information Commissioner’s Office