This policy summarises what personal details we may collect from you and what we will do with them. This includes the measures we take to keep your personal data secure, and how and why your personal data may be disclosed to other parties. We have included details dedicated to describing your rights, our contact information and how you can make a complaint.
When do we collect personal data?
What personal data do we collect?
We obtain information about your personal and financial situation so we may provide you with a service that meets your financial goals and objectives. This normally includes the following;
We may be provided with the information listed above by:
Special Categories of Personal Data
We may also collect and store special categories of personal data, including information about your health, such as medical conditions. An example of where we might do this is the completion of a Life Assurance application form where your health information is collected by an insurance company to undertake medical underwriting.
We may record information if you have confirmed to us that you should be considered ‘vulnerable’ or where we suspect that you may be vulnerable and the reasons for this. This data may be a ‘special category’ of personal data, such as personal data relating to your health. The purposes of collecting that personal data is to ensure that the service we provide to you is suitable.
Special categories of personal data is only processed where it is necessary to fulfil our client’s instructions. If we need any special categories of personal data, we will provide you with the full details of what is required and why we are requesting it. We will also let you know what will happen if you do not provide the requested personal data. Please note, if your consent is requested, you are under no obligation to provide your consent.
How and why do we use your personal data?
We have published this policy so that you understand what we do and why, and in order that, if you wish to challenge us, you have information about your rights. This policy is not detailed with respect to all aspects of our processing of personal data because so much depends on your needs and individual circumstances. We have given as much information as we can by way of default, and we supplement this where appropriate in other documentation.
The purposes are as follows:
Prospective client marketing
We believe genuine consent should put individuals in charge, meaning real choice and control. We communicate information about our services to existing and potential clients. We do not wish or intend to be intrusive and always respect the wishes of individuals once we are aware of them.
We use information you have provided us to:
In addition to any information you have provided us, we may also obtain personal data for marketing purposes from reputable sources, including:
Becoming and dealing with you as a Client
Once you have entered into a contract with us, we are able to act for you and carry out your instructions. We will gather personal data so we may provide you with a service that meets your financial goals and objectives. The nature of the information we need to provide our services depends on your instructions.
Our requirements are (often) reflected in the forms we ask you or others to fill in, and in questions we ask in correspondence and e-mail, or when meeting you or others in person or speaking on the telephone. We will not collect information for which we do not have a reasonable need in order to carry out your instructions.
Personal data relating to your health is only collected where it is necessary to fulfil your instructions. We will ask you to consent to our obtaining of such information and to its processing for that purpose.
We are also under legal obligations to:
Verification documentation is collected from you to assist us with verifying your identity and contact details. We need to verify the information you provide to us in order to fulfil our legal obligations, and for this purpose we commonly use public and privately available electronic information sources (we may use third party credit and identity check agencies for this purpose).
Unfortunately, if you do not consent or we are not provided with the information we need in full, we will not be able to fulfil your instructions adequately or at all.
From time to time we must repeat the steps we take when accepting you as a client, and the same considerations apply in relation to the processing of personal data relating to you.
Performing our services and processing information about others
It is in the legitimate interests of our business to process personal data relating to people other than our clients where necessary in order to provide services to our clients. In some cases, the processing is also in the interests of the third party.
The nature of the information we need to provide our services depends on your instructions. Our requirements are reflected in the forms we ask you or others to fill in, and in questions we ask in correspondence and e-mail, or when meeting you or others in person or speaking on the telephone. We will not collect information for which we do not have a reasonable need in order to carry out your instructions.
As above Personal data relating to health is only processed where it is necessary to fulfil our client’s instructions. We will ask you to consent to our obtaining of such information and to processing it for that purpose.
Operating our Business
This section is concerned with the systems we use to process personal data and our processing of personal data for internal purposes. It is not concerned with the nature of the data, the classes of individual on whom we process data, the classes of the data, the sources and disclosures of the data, nor the period of time which we hold data.
We process personal data using the following principal systems and networks:
Who we share your information with
The legal basis on which we deal with people who are not clients or associated with a client depends on the circumstances. In all cases we make sure that we have a legitimate reason to do so in connection with our business.
We communicate and deal with all manner of people in the ordinary course of our business, whether suppliers, regulators, other competent authorities, and others incidentally in connection with our business from time to time. In the course of doing so, having regard to the nature and purpose of those dealings, we will obtain and process personal data. We do not use the data for any purpose other than for which it was given to us.
The reasons why we disclose personal information and to whom depends on the services you have instructed us to provide and our legal obligations as a provider of financial coaching,
financial advisory and investment services. Where we are unsure whether or not you are aware of the disclosure to be made, we will inform you beforehand wherever possible. However, on occasion we disclose information to:
To fulfil our commitments to you, we share your information with several third party organisations who perform certain tasks on our behalf. Information is only shared with these third parties to the extent necessary in order to enable them to provide the services required on our behalf. These third parties act on our instructions and are processors of your information. These organisations:
How we protect information
The security and confidentiality of your information is extremely important to us.
All personal data that is collected and recorded, whether on paper or electronically, has appropriate safeguards applied in line with our legal obligations.
Data is protected by our internal policies and procedures designed to minimise loss or damage through accident, negligence or deliberate actions.
Our information security controls are aligned to industry standards and good practice. This provides a secure control environment that effectively manages risks to the confidentiality, integrity and availability of information. Additionally our controls ensure we can restore your data in situations where the data is corrupted or lost in a disaster recovery situation.
Where appropriate, we use encryption or other security measures that we deem appropriate to protect your information. We also review our security procedures periodically to consider appropriate new technology and updated methods. But, despite our reasonable efforts, no security measure can ever be perfect or impenetrable.
If you would like more details or are concerned about any particular issue, please contact us.
Where your information is processed
Your information is processed in the UK and European Economic Area (EEA).
Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as required by applicable data protection laws.
How long do we keep your information?
We have a legitimate interest to keep all records relating to our business for our internal purposes and to deal with queries or complaints that may arise.
As a regulated business we also need to keep records for 5 years or longer if required.
We keep personal data of clients only where and for so long as it is necessary to provide you with our products and services while you are a client and afterwards for so long as necessary to meet our legal or regulatory obligations or, if longer, for in relation to claims which could be made against us. Our normal practice is to keep Client information for at least 5 years after you cease to be a client.
Our website may contain links to other websites of interest. However, once you have used these links to leave our website, please be aware that we do not have any control over that website. This means that we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites, or which cookies are used. Such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Your rights in relation to Data Protection
You have several rights under data protection law in relation to how we process your information. These are identified below. More information can be obtained from the Information Commissioner’s website: www.ico.org.uk
Right to be informed
Right of access
You have the right to know what personal data we process and to be provided with access to the information. If you wish to receive a copy of the personal information we hold on you, you may make a subject access request.
Right to request that your personal information be rectified
If your personal data are inaccurate or incomplete, you can require that they are corrected.
Right to request erasure
You can ask for your information to be deleted or removed if there is not a compelling reason for us to retain it.
Right to restrict processing
You can ask to block or suppress the processing of your personal data for certain reasons. This means that we are still permitted to keep your information but only to ensure we do not use it in the future for those reasons you have restricted.
Right to data portability
You can ask for a copy of your personal data for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way; for example, if you were moving your pension to another pension provider.
Right to object or withdraw consent
You can object to us processing your personal data where it is based on our legitimate interests, in which case we can no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You can object at any time to our use of personal data relating to you in connection with our direct marketing with a view attracting you as a client. Where you do so, the personal data shall not afterwards be processed for such purposes.
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where we are processing personal data about you with your consent you can withdraw it at any time. However, where you do it may not be possible for us to continue to fulfil your instructions adequately or at all.
Contact Information and Complaints
How to contact us
Murray Round Wealth Management Limited
2 Claremont Bank
Telephone: 01743 248108
How to make a complaint
If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) at:
Information Commissioner’s Office,
Telephone: 0303 123 1113
The Information Commissioner’s Office is the UK’s supervisory authority for data protection issues.