white-branch

Privacy Policy

white-branch

Introduction

This notice provides you with information concerning our collection and use of personal
data. If you have any queries regarding this statement, please do not hesitate to contact us.

Legal basis

We collect, control and process your personal information because this is necessary to
provide you with information, answer any queries you may have and for the provision of our
services to you. Contractual necessity is therefore the lawful basis for collecting, controlling
and processing your personal details and those of your employees and service providers
other than sensitive personal data for which we require individual consent. We do not
normally request or process any sensitive personal data.

Sensitive personal data:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Data concerning health
  • Data concerning sex life or sexual orientation

We would discuss with you the need for the provision of sensitive data before you provide
this information. The subsequent provision of sensitive personal data will be taken as
consent to this processing.

It is entirely up to you as to whether or not you choose to provide us with any personal
information. If you choose not to, we simply may not be able to assist you.

We do not use your personal data for marketing purposes nor will we share your data with
any other organisation for marketing purposes.

What data we collect & what we do with it

In order to provide financial/insurance advisory services we will obtain personal information
from you concerning your finances, circumstances, objectives and other relevant details. We
will collect, store and process this information.

Completing our data capture form

Once you complete the data capture form your data will be stored on CashCalc.co.uk and
will be protected by single-factor authentication (SFA). You will require a PIN to access the
data capture form which has been set up for your safety and security. CashCalc has taken
appropriate action to ensure your data is secure and is required to let you know of any
breaches. Their privacy policy can be accessed here.

Completing our Attitude to Risk Questionnaire

Once you have completed our Attitude to Risk Questionnaire on Google Forms your
responses will be stored on Google and will be protected by single-factor authentication
(SFA). Your responses are then transferred by us to Financial Express. Your responses on
Financial Express are protected by SFA and require a group username, username and
password.

What we will do with your data

Once your data has been processed it will be transferred to Dropbox, a file-hosting system.
Dropbox files at rest are encrypted using 256-bit Advanced Encryption Standard (AES). To
protect data in transit between Dropbox apps (currently desktop, mobile, API, or web) and
our servers, Dropbox uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data
transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption
Standard (AES) encryption. Where communications are ongoing we will store your details
within our Dropbox Inc and Wealthbox accounts.

Esupport updates

We will store your name and email address with a data processor to enable us to
communicate service updates to you. Mailchimp.

Our communication with you

We will generally communicate with you via email. This will be via Gmail, which is again
protected by single-factor authentication (SFA). There may also be times when it is required
for us to contact you by telephone which may be recorded. Calls are recorded through Eve,
which is protected by single-factor authentication (SFA) and can only be accessed by a
security user.

Communication between staff

Alongside emails through Gmail, staff members will also communicate with each other
through Slack, which is a secure instant messaging service where messages are encrypted
both in transit and at rest. We will also communicate through WhatsApp, which is protected
by end-to-end encryption.

Sharing your data

In the course of our work with you we will share your personal data with product and
service providers; we may also share you date with compliance monitoring & support
organisations and regulatory bodies who are also ‘Data Controllers’ and registered with a
supervisory authority in the EU unless otherwise indicated before we share any of your
data.

We also use external data processors that will hold information for the following purposes:

  • Secure file sharing
  • Data backup
  • Dissemination of information

Otherwise we will not share your personal information with other companies without your
express authority except if the firm is sold or where we are required to do so by law.

Data processors

  • Apple
  • Dropbox
  • Docusign
  • CashCalc
  • Para-sols
  • Wealthbox
  • Smartsearch
  • Google (Gmail, Sheets, Forms)
  • Mailchimp
  • Financial Express Analytics
  • The GI Consultant
  • Slack

Cross border transfer

All our data processing takes place within EU jurisdiction. Or should any processor hold any
data on our behalf outside of the EU we will take steps to ensure that it is held in a
satisfactory jurisdiction. In the case of the US we will ensure that the EU-US Privacy Shield
applies.

Marketing

The information we collect about you is used solely for the purposes for which it was
provided. We will never use your data or share it for marketing purposes.
If we have collected information from you for marketing purposes we will inform you and
specifically gain your consent.

Retention

We will keep your personal data throughout our business relationship. At the end of any
contractual relationship we are required to continue to hold personal data under current
legislation for varying periods and in some circumstances indefinitely. We may also consider
it necessary to keep data beyond thee timescales in order to defend any future legal action.
Where we no longer need regular access to your data we will transfer your data to a secure
archive in order to avoid any unnecessary processing.

Your rights

Under data protection law you have the right to ask us for a copy of the information we hold
about you, and to have any inaccuracies corrected or removed. You may also ask us to
delete all personal data held by us or any controller or processor with which we have shared
your data.

To do this, please either contact us in writing, by telephone or email.

Complaints

The UK Information Commissioner’s Office is our supervising authority where you can refer
any complaints about data protection. Click here for more information.
Contact

For any queries about data protection please contact:

Contact name Rohan Sivajoti
Address 26 Leconfield, Darlington, County Durham, DL3 8HL
Telephone 01325965300
Web Postcardplanning.co.uk
Email rohan@postcardplanning.co.uk
Where we store your Personal Data

All the data that we collect is stored on our encrypted server or back-up drives in the UK or
with our listed processors under contract.

Meet our clients

Our clients are at the heart of everything we do. Some of them were kind enough to sit down and chat about how working with us has changed their lives for the better.

Get in touch

We’d love to arrange a casual chat over a cuppa and cake to discuss how we might be able to help you. Just leave your details below and we’ll be in touch.