In collecting and using your data as described herein, Smith & Pinching and its staff (“we”, “us” or “our”) are acting as a “data controller” of your personal information.
When we provide our services to you, we will collect personal information about you (and others). We want to be open and transparent with you as to the types of information we collect, why we collect it, how we use it and with whom we may share it and your rights.
If you have any questions or concerns about our use of your personal information, please contact us via the details provided in the “How to contact us” section of this Notice.
The General Data Protection Regulation (GDPR) is European legislation that was designed to achieve the following:
You have more control of your data under GDPR and we have to be more transparent in our dealings with you and more accountable in terms of how we manage your data.
We respond to all requests we receive from individuals wishing to exercise their rights in accordance with applicable laws.
No. We have always taken our data protection responsibilities very seriously and have always collected and processed your data for the same purposes. Primarily, this means obtaining data from you and sharing it with certain trusted third parties in order to provide you with appropriate financial advice and recommendations and to deliver any agreed ongoing services to you.
We have tried to provide lists and examples that are accurate and representative of the business that we conduct with you, whether that is in your capacity as an individual client, a corporate client or a member of staff of a corporate client. However, any such lists and examples are unlikely to exhaustive – we may require more, less or different data in order to provide you with appropriate and agreed advice, products and services.
We may ask you to provide personal information by the following means:
You may also choose to ask us a question or send us your CV through our website.
We may ask for copies of identity documents, in which case we may collect details including your place of birth and residential address.
Other personal details, including your title, marital status, date of birth and job title/description.
Details of the fund/asset to be left to the dependant/death beneficiary.
If you require advice in such a capacity, we require sight of the original or a legally-verified copy of the form, deed or will.
Details of services you have received.
Information about complaints, breaches and similar incidents in which you may express feelings of dissatisfaction.
Recordings of calls we receive or make.
Depending on the types of products and services you require, we may also need to collect information from and about you which the law considers to be sensitive, which we refer to as special category personal data. The special category personal data that we may ask you to provide, and the reasons why we ask you to provide it, are as follows:
We only collect and process special category personal data with your explicit consent. You may choose not to provide us with this consent, but if you do not, the following may apply (especially when considering life and/or health insurance):
In some circumstances, we may receive the following information about you from third parties:
This type of information is most commonly associated with – but not limited to – mortgage/equity release advice.
This will help us make the best possible assessment of your financial situation before we decide whether we can provide you with our services and/or recommend any specific products and services. It is in our legitimate interests to process your personal information for this purpose. We may also ask you to provide Letters of Authority to allow us to receive information about you from providers.
We, and persons or organisations acting on our behalf, may record and/or monitor communications between our staff and you. This may include telephone conversations over landlines and mobile phones, emails, instant messaging, fax, other electronic communications and face-to-face (via meeting notes).
We only record communications between us in order to comply with our legal and regulatory requirements – as a regulated financial adviser, the law requires us to record them.
We may disclose your personal information to the following categories of recipients:
Our legal basis for collecting and using your personal information will depend on the personal information concerned and the specific context in which we collect it.
We have confirmed the legal basis for the various types of personal information in the “What types of personal information will be processed and why?” section of this Notice.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you or with your explicit consent, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information,please contact us using the contact details provided under the “How to contact us” heading below.
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
We store some client information on the servers at our offices in the UK.
Our back office client management system (Intelligent Office) stores client information on its own servers, which are located in the UK. Intelligent Office backs up to cloud storage via Amazon Web Services (AWS), which uses servers located in the European Economic Area (EEA).
Documents we produce and save on Intelligent Office are saved to AWS on servers located within the EEA.
Location in the EEA ensures that your personal information will remain protected in accordance with our own standards, this Notice and applicable law.
We retain personal information we collect from you where we have an ongoing legitimate need to do so, for example:
When we have no ongoing legitimate need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
We have a regulatory obligation to retain data for specified minimum periods, but there are no specified maximum retention periods. We therefore reserve the right to retain data indefinitely for the reasons given above.
We may change or update this Notice in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. When we update our Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
If you would like to contact us in relation to this Notice or if you have any other questions in respect of our processing of your personal information, please contact Scott Pinching at: