Privacy Policy
At BpH Wealth, we are committed to protecting your privacy and data, which is why we hold certification for Cyber Essentials Plus. In addition, we fully respect your privacy and this policy is outlined below.
This Policy explains when and why we collect personal information about people who visit our website or seek our services, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may make changes to this policy from time to time, with the latest version being held on our website. By using our website, you’re agreeing to be bound by this Policy. This version was updated in April 2023.
Any questions regarding this policy and our privacy practices should be sent by email to balance@bphwealth.co.uk, or by writing to Data Protection Officer, Oddstones House, Thompsons Close, Harpenden, AL5 4ES. Alternatively, you can telephone 01582 461122.
How do we collect information from you?
We obtain information about you when you use our website, and if you seek our advice or other services.
What information do we collect about you?
If you are visiting our website the personal information we collect might include your name, address, email address (only if you input these), IP address, and information regarding what pages are accessed and when.
We collect information about you when you request us to provide you with quotes for our services and engage us for financial planning services. This information may include:
- Personal Information – Your name, marital status, details of your children and close relationships, national insurance number, tax details, date of birth
- Contact details – your home and work address, phone and email information, and how you would prefer us to use them, including preferences for marketing from us and third parties
- Financial details – your income, expenditure, savings, investments, debts, cashflow analysis, policy information, and ambitions. For investments, we will hold your attitude towards investment risk as well as your capacity for loss
- Transactional data – details of transactions in your investments
- Official documents – Copies of your passport, driving licence, birth certificate, marriage certificate, wills, Lasting powers of attorney
- Your other advisers – Accountants, solicitors, trustees, beneficiaries and powers of attorney
- Special categories of data – Some data is particularly sensitive and has specific treatment in the data protection law. Due to the nature of providing an appropriate financial planning service, we are likely to need to collect data that falls within this category.
Where we are providing an ongoing service, we will update the information as part of our review process and note our records.
Information may be obtained from you face to face or through e-mail or completion of online documentation. As the information is required to enable us to provide our services, if you opt not to provide it we may not be able to continue to advise you.
We may also collect information when you voluntarily complete client surveys or provide feedback to us.
Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We’ll use your information collected from the website to personalise your repeat visits to the site.
We try at all times to keep all personal data collected and processed, accurate and up-to-date. We check the accuracy of data when it is collected and at regular intervals thereafter. Where any inaccurate or out-of-date data is found, all reasonable steps will be taken to amend or erase that data, as appropriate.
Information about connected individuals
Where we gather personal information about your close family members and dependants in order to provide our service to you effectively, it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data?
The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.
How will we use the information about you?
- We collect information about you in order to:
- provide you with the services for which you engage us
- act as the basis for any advice we provide
- carry out our obligations arising from any contracts entered into by you and us
- provide information to investment providers or life assurance firms for the purposes of arranging products and services for you;
- provide our ongoing service to you.
- meet our regulatory obligations in the services we provide to you.
Who might we share your information with?
We will not sell or rent your information to third parties.
Third Party Service Providers working on our behalf: We may pass your information to our third-party service providers (including investment houses and life assurance firms), agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf such as paraplanning and compliance support. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We will not release your information to third parties beyond the firm for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Where third parties are involved in processing your data we’ll have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions.
Where it’s necessary for your personal data to be forwarded to a third party, where possible we’ll use appropriate security measures to protect your personal data in transit such as encrypted data file transfers and password protected documents.
To fulfil our obligations in respect of prevention of money-laundering and other financial crime, we may send your details to third party agencies for identity verification purposes.
How long do we keep hold of your information?
During the course of our relationship with you, we’ll retain personal data which is necessary to provide services to you. We’ll take all reasonable steps to keep your personal data up to date throughout our relationship.
We are also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally:
- Six years for investment business
- Indefinitely for pension transfers and opt-out business
- Three years for insurance business
These are minimum periods, during which we have a legal obligation to retain your records.
We reserve the right to retain data for longer where we believe it’s in our legitimate interests to do so. You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
How can I access the information you hold about me?
You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all your personal information, please email or write to us using the contact details noted above.
You may make a subject access request (“SAR”) at any time to find out more about the personal data which we hold about you. We are usually required to respond to SARs within one month of receipt (this can be extended by up to two months in the case of complex and/or numerous requests, and in such cases the data subject shall be informed of the need for the extension).
All subject access requests must be sent to our Data Protection Officer.
We do not charge a fee for the handling of normal SARs. The Company reserves the right to charge reasonable fees for additional copies of information that has already been supplied to a data subject, and for requests that are manifestly unfounded or excessive, particularly where such requests are repetitive.
You also have the following rights in respect of your personal data:
- The right to be informed of the processing – you may ask for a copy of the information BpH Wealth holds about you and we will provide this within one month of receipt free of charge (we may charge a fee for subsequent or duplicate requests).
- The right to rectification – you may ask us to correct any information that we hold that is inaccurate or incomplete:
- The right of erasure – you may ask us to delete or cease processing data in certain situations. Please note that we will have regulatory obligations to retain information for certain time periods and we will retain such information as we believe is necessary to fulfil these obligations;
- The right to restrict processing – you may ask us to cease processing information. This means that we will be able to retain it but no longer act upon it. In the event that you no longer need our services and terminate them we will automatically cease processing information;
- The right of data portability – You may have the right to have your data transferred to another service provider in an appropriate electronic format. Please note that we will have regulatory obligations to retain copies of the information as outlined previously;
- The right to object to processing – You may have the right to object to us processing information or using it for marketing purposes;
- The right to understand automated decision making and profiling – when your personal data is processed by automated means you have the right to ask us to move your personal data to another organisation for their use.
For more details on how to exercise these rights please contact us.
We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.
Marketing
We’d like to send you information about our products and services which may be of interest to you. If you’ve agreed to receive marketing information, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing. If you no longer wish to be contacted for marketing purposes, please contact us by email or post.
Security precautions in place to protect the loss, misuse or alteration of your information.
When you give us personal information, we take steps to ensure that it is retained securely and processed in a confidential manner. Your information may be accessed by your adviser and our support staff for the purposes of providing our services to you. In addition, it may be accessed by senior managers and our compliance consultants (or the FCA) for the purposes of ensuring compliance with our regulatory obligations and reviewing the quality of our advice.
Information may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information that passes between us, and you should consider the risk of this. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access, documents or the Personal Finance Portal certain you are responsible for keeping this password confidential. We ask you not to share your password with anyone. When using the Personal Finance Portal, Two-factor authentication needs to be enabled to improve your security.
Cookies
We use cookies to track visitor use of the website and to compile statistical reports on website activity. Please visit our website cookies page
For further information visit http://www.allaboutcookies.org/
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
Other websites
Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the United Kingdom European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the UK. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the UK in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the UK, your information may be transferred outside the UK in order to provide you with those services.
What can you do if you are unhappy with how your personal data is processed?
If you believe that we are not holding your information correctly or are unhappy at any dealings with us regarding your information you may complain to the Information Commissioners Office. You can do this via their website https://ico.org.uk/concerns or by calling 0303 123 1113 (local rate) or write to them at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Changes to our privacy policy