white-branch

Privacy Policy

white-branch

Introduction

This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us.

Legal basis

We collect, control and process your personal information because this is necessary to provide you with information, answer any queries you may have and for the provision of our services to you. Contractual necessity is therefore the lawful basis for collecting, controlling and processing your personal details and those of your employees and service providers other than sensitive personal data for which we require individual consent. We do not normally request or process any sensitive personal data.

Sensitive personal data:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Data concerning health
  • Data concerning sex life or sexual orientation

We would discuss with you the need for the provision of sensitive data before you provide this information. The subsequent provision of sensitive personal data will be taken as consent to this processing.

It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.

We do not use your personal data for marketing purposes nor will we share your data with any other organisation for marketing purposes.

What data we collect & what we do with it

In order to provide financial/insurance advisory services we will obtain personal information from you concerning your finances, circumstances, objectives and other relevant details. We will collect, store and process this information.

Completing our data capture form

Once you complete the data capture form your data will be stored on CashCalc.co.uk and will be protected by single-factor authentication (SFA). You will require a PIN to access the data capture form which has been set up for your safety and security. CashCalc has taken appropriate action to ensure your data is secure and is required to let you know of any breaches. Their privacy policy can be accessed here.

Completing our Attitude to Risk Questionnaire

Once you have completed our Attitude to Risk Questionnaire on Parmenion your responses will be stored and protected by single-factor authentication (SFA). Parmenion’s guide to UK GDPR can be found here.

What we will do with your data

Once your data has been processed it will be transferred to Dropbox, a file-hosting system. Dropbox files at rest are encrypted using 256-bit Advanced Encryption Standard (AES). To protect data in transit between Dropbox apps (currently desktop, mobile, API, or web) and our servers, Dropbox uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Where communications are ongoing we will store your details within our Dropbox Inc and Wealthbox accounts.

Esupport updates

We will store your name and email address with a data processor to enable us to communicate service updates to you. Mailchimp.

Our communication with you

We will generally communicate with you via email. This will be via Gmail, which is again protected by single-factor authentication (SFA). There may also be times when it is required for us to contact you by telephone which may be recorded. Calls are recorded through Eve, which is protected by single-factor authentication (SFA) and can only be accessed by a security user.

Communication between staff

Alongside emails through Gmail, staff members will also communicate with each other through Slack, which is a secure instant messaging service where messages are encrypted both in transit and at rest. We will also communicate through WhatsApp, which is protected by end-to-end encryption.

Sharing your data

In the course of our work with you we will share your personal data with product and service providers; we may also share you date with compliance monitoring & support organisations and regulatory bodies who are also ‘Data Controllers’ and registered with a supervisory authority in the UK unless otherwise indicated before we share any of your data.

We also use external data processors that will hold information for the following purposes:

  • Secure file sharing
  • Data backup
  • Dissemination of information

Otherwise we will not share your personal information with other companies without your express authority except if the firm is sold or where we are required to do so by law.

Data processors

  • Apple
  • Dropbox
  • Docusign
  • CashCalc
  • Apricity
  • Parmenion
  • Wealthbox
  • Smartsearch
  • Google (Gmail, Sheets, Forms)
  • Mailchimp
  • Financial Express Analytics
  • The GI Consultant
  • Slack

 Cross border transfer

All our data processing takes place within UK jurisdiction. Or should any processor hold any data on our behalf outside of the UK we will take steps to ensure that it is held in a satisfactory jurisdiction. In the case of the US we will ensure that the UK-US Privacy Shield applies.

Marketing

The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes.

If we have collected information from you for marketing purposes we will inform you and specifically gain your consent.

Retention

We will keep your personal data throughout our business relationship. At the end of any contractual relationship we are required to continue to hold personal data under current legislation for varying periods and in some circumstances indefinitely. We may also consider it necessary to keep data beyond thee timescales in order to defend any future legal action. Where we no longer need regular access to your data we will transfer your data to a secure archive in order to avoid any unnecessary processing.

Your rights

Under data protection law you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete all personal data held by us or any controller or processor with which we have shared your data.

To do this, please either contact us in writing, by telephone or email.

Complaints

The UK Information Commissioner’s Office is our supervising authority where you can refer any complaints about data protection. Click here for more information.

Contact

For any queries about data protection please contact:

 

Contact name Rohan Sivajoti
Address 26 Leconfield, Darlington, County Durham, DL3 8HL
Telephone 01325965300
Web postcardplanning.co.uk
Email rohan@postcardplanning.co.uk

Where we store your Personal Data

All the data that we collect is stored on our encrypted server or back-up drives in the UK or with our listed processors under contract.

Meet our clients

Our clients are at the heart of everything we do. Some of them were kind enough to sit down and chat about how working with us has changed their lives for the better.

Get in touch

We’d love to arrange a casual chat over a cuppa and cake to discuss how we might be able to help you. Just leave your details below and we’ll be in touch.