1.1 We are committed to safeguarding the privacy of our clients; in this policy we explain how we will handle your personal data.
1.3 By completion of the attached consent form you can specify whether you would like to receive direct marketing communications.
2. How we use your personal data
2.1 In this Section 2 we have set out:
(a) the general categories of personal data that we may process;
(b) the purposes for which we may process personal data; and
(c) the legal bases of the processing.
2.2 We may process your personal data that are provided in the course of the use of our services. The service data may be processed for the purposes of providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent and the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
2.3 We may process information contained in any enquiry you submit to us regarding products and/or services. The enquiry data may be processed for the purposes of offering, marketing and selling relevant products and/or services to you. The legal basis for this processing is consent.
2.4 We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website. The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.
2.5 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters. The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent.
2.6 In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with regulatory and legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.7 Please do not supply any other person’s personal data to us, unless we prompt you to do so.
3. Providing your personal data to others
3.1 We may disclose your personal data to our insurers and professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
3.2 In addition to the specific disclosures of personal data set out in this Section 3, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
3.4 Sensitive Data
3.5 Sensitive data refers to data that may include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences and only collect information about the above if it is needed for us to provide our services.
3.6 You are not obliged to share sensitive personal data (or any personal data) and must give us explicit consent to process this type of data. However, without your consent, it is unlikely that we will be able to fulfil our contract to you and would most likely have to terminate any agreement we have in place with you to provide financial planning services. If we are unable to provide these services, we will notify you at the time.
4. International transfers of your personal data.
4.1 We store your data on our secure servers in the United Kingdom and retain it for a reasonable period or as long as the law requires. However, your data may be transferred to, stored at, and processed at a destination inside or outside the European Economic Area by our partners or service providers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice.
5. Retaining and deleting personal data
5.1 This Section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
5.2 Personal data that we process shall not be kept for longer than is necessary for that purpose or those purposes.
5.3 We will retain and delete your personal data as follows:
5.4 If you cease to be a client of Pennine Financial Planning Ltd, we will ‘deactivate’ your data, which means that we will no longer process it. However, we will keep a record of any advice given as we have to adhere to certain rules set by the Financial Conduct Authority and, in addition, we believe we have a legitimate interest in holding a record of the personal information to protect ourselves against future complaints.
6.1 We may update this policy from time to time by publishing a new version on our website.
6.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
6.3 We may notify you of changes to this policy by email or through private messaging system or via our website.
7. Your rights
7.1 In this Section, we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
7.2 Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
7.3 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) the supply of appropriate evidence of your identity. For this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address.
7.4 In practice, you will usually either expressly agree (opt in) in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
7.5 To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
8. About cookies
8.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
8.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
8.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
9. Our details
9.1 This website is owned and operated by Pennine Financial Planning Limited.
9.2 We are registered in England and Wales under registration number 5962655, and our registered office is at 29 High Street, Morley, Leeds LS27 9AL
9.3 Our principal place of business is at Greenbottom Farm Cottage, Barnsley Road, Hoylandswaine, Sheffield S36 7JA
9.4 You can contact us:
(a) by post, using the postal address given above;
(b) using our website contact form;
(c) by telephone, on 01226 370111; or
(d) by email, using firstname.lastname@example.org