Protecting your personal information

The information you provide is subject to EU General Data Protection Regulation. In accepting our terms of service, you consent that we may process your data for the purposes of providing advice, and/or administration and management.

We deal with two types of customers, business customers and personal customers. If you are a personal customer (speaking to us about your own financial affairs) then we collect information about you, your family and your business and personal affairs; we obtain that information directly from you, and from third parties who you authorise to provide information. You provide this information in your meetings with us, (and by letter, emails and phone calls), and we record this information on our paper files and our computer databases. You may also provide us with copies of documents about your financial affairs which we retain. We also collect information from third parties about you, in paper and computer forms. E.g. information from providers about your existing investments, or information from your accountant about your financial position.

If you are a business customer (arranging employee benefits for your staff) then we collect information about you, your firm and your staff; we obtain that information directly from you, and from third parties who you authorise to provide information. You may provide us with information that is sensitive commercial data about your business and your market position (and any unique market proposition.) You provide this information in your meetings with us, (and by letter, emails and phone calls), and through your own data files containing information about your firm and your staff. We also collect information from third parties about you and your staff, in paper and computer forms. E.g. You may have a third part payroll supplier, or we may get information from your accountant.

Throughout this document we will use the phrase “your data” as a shorthand term for the information we hold about you, whether you are a business or a personal customer.

The word “Processing” includes obtaining, recording and holding information. Primarily, we use the above data to provide advice to you (or a non-advised service), and then to complete transactions on your behalf.  We analyse and assess your data to maintain and develop our relationships with you. The collection of data is necessary for us to perform our contractual responsibilities to you; i.e. the provision of the advice and administration services you have requested. If you limit the information you provide to us, or decline to answer certain questions, then we may not be able to advise you, or our advice may be limited by the lack of information. We would ask for your permission to pass your data to other professional advisers to provide advice most suited to your circumstances. E.g. local accountants, solicitors, tax advisers. With your permission we may sometimes pass your information to specialist advisers in the financial and insurance industry where we do not feel we have appropriate expertise.

When we undertake our research, or when we arrange a product for you, we will pass some of your information to the chosen bank, insurance company, pension provider, or platform service. These companies ask for your information in the form of an application document (which could be electronic). They may ask for other supporting data relevant to your transaction and copies of identification documents. These product providers and investment managers may administer your policies and provide services from centres outside Europe (E.g. India, USA); these countries may not always have the same standard of Data Protection laws as the UK and EU. However, the providers of these services are required to put a contract in place to ensure that your information is adequately protected, and they will remain bound by their obligations under GDPR even when your personal information is processed outside Europe.

“Processing” your data also includes transferring your data to other companies and agencies associated with us, who are part of the process. Those companies and agencies could be: (1) product providers - as explained above; (2) the FCA, FOS or any other statutory, governmental or regulatory body – if they request to see our files or you make a complaint; (3) solicitors and debt collection agencies – if we are involved in a dispute with you; (4) third-party suppliers who provide services to us for quality control purposes and administration. (E.g. business processing services, client database systems, report writing services, or compliance and regulatory advice services.) (5) RBIG Group because we share our resources with the group company I.e. database systems, I.T., staff and buildings. You agree that relevant personal information held by ourselves may be disclosed on a confidential basis, and in accordance with regulations, to any such parties. Under the rules of the EU GDPR, we are classed as the “data controller”, and we must fulfil certain legal responsibilities to you. By sharing your data with other organisations there will be multiple “data controllers” involved in the process who must equally fulfil these responsibilities to you.

We will ask you if you are willing to receive marketing information from us. We will ask your preferences for the methods by which we can contact you for marketing purposes. If you provide us with this consent then we may contact you (or pass your details to other companies associated with us) with details of any other similar products, promotions, or for other related marketing purposes. You can withdraw this permission at any time by contacting us.

The information you provide may also contain “special personal data.” This is defined as information about your health (or that of your family), any information related to your ethnic origin, criminal offence data, political opinions, religious or philosophical beliefs, sexual orientation, or your membership of a Trade Union. If you are a personal customer (speaking to us about your own financial affairs) you may share sensitive data with us like this: (1) Life insurance applications ask for data about health; (2) you may share your religious beliefs with us whilst discussing ethical investment; (3) you may share your political opinions whilst discussing the effect of governmental policy on the economy and markets. If you are a business customer (arranging employee benefits for your staff) you may share sensitive data with us like this: (1) Sharing the state of health of your employees for insurance applications.

We will retain your data for the purposes of providing our services, and for any contracted ongoing service, and for future administration. We will also retain your data according to the statutory requirements for regulatory products.  If you wish us or any company associated with us to cease processing your personal data or special personal data, please contact The Data Protection Officer at our office address.

Steps will be taken to ensure that the information we hold is accurate, kept up to date and not kept for longer than is necessary. We will correct any information when you tell us that we hold inaccurate data. Measures will also be taken to safeguard against unauthorised or unlawful processing and accidental loss, destruction or damage to the data. Subject to certain exceptions, you are entitled to have access to your personal and sensitive personal data held by us, and this will normally be free of charge. You would only be charged a fee to provide further copies of the same information already provided, or if your request is unfounded, excessive or repetitive. (The fee will be based on the administrative cost of providing the information.)

You may be assured that we and any company associated with us will treat all personal data and sensitive personal data as confidential and will not process it other than for legitimate purposes we have described. You have a right to complain to the Information Commissioners Office if you believe there is a problem with the way we handle your data. The ICO can be contacted on 0303 123 1113 or ico.org.uk/.