Protecting your personal information
As you may be aware, the UK is one of the most highly regulated financial centres in the world. This legislation has been enacted to safeguard the interests of consumers and other persons purchasing and being advised about investments, insurance and other financial products and in use of their personal data. Against this backdrop, we are required to make certain regulatory and statutory declarations to you.
How do we define ‘personal data’?
Your personal data is data which, by itself or with other data available to us, can be used to identify you. We are Thomas Heald Ltd, the data controller. This data protection statement sets out how we’ll use your personal data. You can contact our Data Protection Officer (DPO) at:
Data Protection Officer
Thomas Heald Ltd.
11 Napier Court
if you have any questions.
Under what circumstances do we collect information about you?
If instructed by you, we collect data during our initial and other meetings with you about you and your family. We collect the data through note-taking and filling in of questionnaires about you and your family’s circumstances.
We may make checks with credit rating agencies to authenticate and verify your identity and credit status. We may also make checks with institutions with whom you have existing pensions, investments and insurance policies, as well as with your mortgage provider.
These checks are to help us with our obligations at law and generally to ensure that we provide you with advice that suits your circumstances.
The scope and extent of the gathering of information from third parties depends on what type of service you are taking from us.
We may also collect information about you if you voluntarily complete customer surveys or provide feedback, for example. If and when we use our website to collect information about you the information may be collected using cookies (see ‘cookies’ section below for more information on these).
What types of personal data do we collect and use?
Whether or not you become a customer, we’ll use your personal data for the reasons set out below. If you become a customer, we’ll use it to manage the account, policy or service you’ve applied for. We’ll collect most of this directly during the application journey. The sources of personal data collected indirectly are mentioned in this statement. The personal data we use may be about you as a personal or business customer, and may include:
- Full name and personal details including contact information (e.g. home and business address and address history, email address, home, business and mobile telephone numbers);
- Date of birth and/or age;
- Financial details (e.g. salary and details of other income, and details of accounts held with other providers);
- Records of products and services you’ve obtained or applied for, how you use them and the relevant technology used to access or manage them (e.g. mobile phone location data, IP address);
- Medical data, for example in the process of long-term care planning, advising on life or critical illness insurance; retirement planning; or any other advisory service that takes into account your physical and/or mental health both now and in the future;
- Information from government bodies regarding your national insurance and state pension records, and any statutory pension schemes (for example, Local Government Pension Schemes [LGPS], Teachers’ Pension Schemes, NHS Pensions, etc.) you may have;
- Information from credit reference or fraud prevention agencies, electoral roll, court records of debt judgements and bankruptcies and other publicly available sources as well as information on any financial associates you may have;
- Family, lifestyle or social circumstances if relevant to the product or service (e.g. the number of dependants you have);
- Education and employment details/employment status;
- Personal data about other named applicants. You must have their authority to provide their personal data to us and must share this data protection statement with them beforehand together with details of what you’ve agreed on their behalf.
How is your information used?
We’ll process your personal data as necessary to perform our contract with you for the relevant account, policy or service.
Primarily, we use your data and data about your family’s circumstances to provide advice to you and complete transactions on your behalf. We analyse and assess your data to maintain and develop our relationships with you.
Depending on the instructions we receive from you, we may pass your data to other professional advisers to enable us to provide advice most suited to your circumstances. Usually, this would be referrals to local accountants, solicitors, tax advisers and sometimes to specialist advisers in the financial and insurance industry where you may benefit from the expertise of such third parties. We will not do this however without initially obtaining your permission to do so.
We, and any third-party specialist advisers to whom we introduce you, will, of course, pass your data onto the third-party product or service providers we recommend if you agree to purchase or amend policies and products as part of the sales and advice process.
We may be required to share your data with our regulator, the Financial Conduct Authority, and other third parties, including:
- Compliance consultants
- Fraud prevention agencies (including for tax and anti-money laundering purposes)
- Providers of:
- Financial planning software services
- General IT and back office administration services (including cloud storage)
- Payment processing services
- Marketing and communications services
- Financial products and/or services
- Telecommunications and recording services
Our third-party suppliers are subject to change from time to time, and each time a new supplier is contracted we carry out full due diligence checks to ensure that they are compliant with current data security legislation. A full list of the third parties we may use to process and/or store your data in the normal process of business is available on request.
Your data is held in our offices in computer-based and paper-based filing systems.
Keeping you informed about our products and services
As fully independent, whole-of-market financial advisers, we have a wide range of financial and insurance products (including mortgages) available to us. If you are an existing customer, we would like to be able to contact you so that we can further advise you of developments of new products that might be suited to you.
We also might advise you of legal developments that might make it appropriate for us, or for third parties, to give you proactive advice about the investments, insurance and other financial products of which we are aware.
We stress that your information would only be used in this way to help us to provide a proactive service to you.
Marketing and communications
If you choose to become a client, there may be times when we feel that a service or product may be of interest to you. In order to make you aware of these services or products, we may wish to contact you by email, post, fax, telephone or SMS so that you can make informed choices about your finances. We do not pass your data onto third parties for marketing purposes under any circumstances.
We also offer – for our clients and for those who subscribe via our website – a monthly eNewsletter, a quarterly wealth management magazine, and various ad hoc PDF financial guides.
We will, as required by law, allow you to unsubscribe from any service provided through e-communications at any time. You can also subsequently opt out of any marketing communications at any time after initially opting in. The easiest way to do this is to send us an email at email@example.com notifying us of your wishes. You can also write to:
Data Protection Officer
Thomas Heald Ltd.
11 Napier Court
Monitoring of communications
In the interests of security, efficiency and completeness of information, we electronically record and may monitor your telephone conversations with us. Copies of relevant telephone recordings are available on request, for a period of 5 years after the recording was made.
Subject to applicable laws, we also monitor and record emails, text messages, social media messages and other communications in relation to your dealings with us. We’ll do this for regulatory compliance, self-regulatory practices, crime prevention and detection, to protect the security of our communications systems and procedures, to check for obscene or profane content, for quality control and staff training, and when we need to see a record of what’s been said. We may also monitor activities on your account where necessary for these reasons and this is justified by our legitimate interests or our legal obligations.
How long will we hold the information about you?
If we acquire information about you before we agree services, we will retain that information for a reasonable time (usually a year) in case you change your mind.
If you choose to become a client, then the length of time that we retain your data depends on the type of advice you receive. For example, if you are given specialist pension advice, the data will be retained indefinitely. If you want details of the statutory retention periods for various product types please contact us and we will obtain the latest legal position on your behalf.
Once we have formally agreed services, we will retain your information for the duration of those services and for a period beyond that, which will broadly be in line with the period we will be legally at risk. This is usually 15 years except in specific and exceptional circumstances.
You can ask us to delete information we hold about you at any time, and, unless we have a legal reason not to do so, we will ensure that this request is met promptly and fully.
Your right to a copy of your personal data
Under GDPR you have a right to obtain a copy of the personal information we hold about you. If you believe that any information held is incorrect or incomplete, you should contact the Data Protection Officer at our usual address. Any information that is found to be incorrect or incomplete will be amended promptly.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.
This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.
However, in a few cases some of our website features may not function as a result.
Data anonymisation and aggregation
Your personal data may be converted into statistical or aggregated data which can’t be used to identify you, then used to produce statistical research and reports. This aggregated data may be shared and used in all the ways described above.
Your home may be repossessed if you do not keep up repayments on your mortgage. There will usually be a fee for mortgage advice. The precise amount will depend upon your circumstances but we estimate that it will be £750.
Please also note that, all forms of investing involve risk to your capital. Past performance is no guarantee of future performance, and the value of your investments can fall as well as rise. Upon disinvestment, it is possible to get back less than you originally invested.