Privacy Policy
Introduction
This policy sets out the different areas where user privacy is concerned and outlines when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. We take your privacy seriously and will only use your personal information to provide you with the services that have been agreed.
Personal Information
We will ensure that all personal information supplied is held securely in accordance with the General Data Protection Regulation (“GDPR”), as adopted into law of the United Kingdom in the Data Protection Act 2018. Further, by providing telephone and email details, you consent to Torevell & Partners contacting you using that method. You have the right at any time to request a copy of the personal information we hold on you.
Who is responsible for your data?
Our privacy policy applies to the personal data that Torevell & Partners collects and uses. References in this Privacy Policy to “us”, “we” or “our” mean Torevell & Partners, a company registered in England and Wales with Reg. No. 3279315 and authorised and regulated by the Financial Conduct Authority (FRN 183210).
We control the ways your personal data is collected, the purposes for which your personal data is used by Torevell & Partners and we are the “data controller” for the purposes of the GDPR.
When using the term “personal data” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information we may hold.
How we collect your data
We collect some personal data from you when you meet, or are in contact with, an employee of Torevell & Partners, when you upload information via our online client portal, or when you use our website’s “contact us” form to enquire about products or services.
Types of data we collect
The personal data we collect from you might include your name, address and information about your health, lifestyle and finances to provide you with suitable financial advice. We may also obtain some of your personal data directly from a third-party, such as an investment provider, following your explicit consent.
We will also ask you to provide evidence of your identity such as passport, driving licence, together with proof of residence and also of your assets and income. We may also collect details of your bank account or payment information. We are required to ask for this information to satisfy legal obligations such as money laundering regulations and the Financial Services Act.
Sensitive personal data
In the course of providing services to you, we may collect information that could reveal your racial or ethnic origin, physical or mental health, religious beliefs, commission or alleged commission/conviction of criminal offences. Such information is considered “sensitive personal data” under the GDPR and other data protection laws. We will only collect this data where you have given your explicit consent, it is necessary or you have deliberately made it public. By providing any sensitive personal data you agree that this may be used in order to provide our services and in accordance with this Privacy Policy.
How and why we use your personal data
We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself. The legal basis of our holding your personal data is for the performance of a contract. We collect and use the personal data about you for the following purposes:
Provision of services and investment management
- To provide you with the information, products and services that have been agreed
- To manage and operate your account with us, including sending you information relating to your account/investments.
- To meet legal or regulatory obligations
Service improvement & administrative duties
- To improve our internal business processes, including troubleshooting, data analysis, systems testing, maintenance and improvement.
- Billing and auditing, fraud screening, safety, security and legal purposes.
- To notify you about changes to our service.
Marketing
- Providing you have given explicit consent for marketing material, we will use your personal data to contact you in relation to products and services that we feel would be appropriate for you circumstances.
- If you wish to revoke any consent based permissions previously granted, please contact us using the details at the top of this Privacy Policy.
Sharing your personal data
We will keep information about you confidential. We will only pass your information on to third-parties for the purpose of meeting contractual objectives and legal obligations in providing services to you. Third parties may include investment platforms, fund managers, insurers and insurance brokers to enable us to obtain quotes for you or to enable you to use the services of those third-parties.
We work closely with various third-party product and service providers to allow you access to a range of suitable wealth management solutions. When you enquire, apply or invest in one of the solutions, the relevant third-party provider will use your details to carry out their obligations arising from any contracts you have entered with them. These third-party providers will share your information with us which we will use in accordance with this Privacy Policy. The data we collect may also be shared with other Data Processors engaged by us under service contracts to provide back office and analytical services in respect of the data, for example our online client portal powered by Moneyinfo.
When we use third-party providers, we disclose only the personal data that is necessary to deliver the service required and we have a contract in place that requires them to keep your data secure and not to use it for their own direct marketing purposes. We require such third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Security of your personal data
At Torevell & Partners we take our responsibility to look after your personal information and privacy seriously. We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. We educate and train our employees on their information security, fraud awareness and prevention and privacy obligations on a regular basis. We also educate our employees in identifying potential financial crime and internal fraud with any suspicious activity reported to Phil Bennett, our Data Protection Officer (DPO).
If we become aware that a personal data breach has occurred and is likely to result in a high risk to the rights and freedoms of our clients or employees we will inform them without undue delay.
The information you provide to us will be held in our systems, which are located on our premises or those of an appointed third-party. We also may allow access to you information by other third-parties who act for us for the purposes described in this Privacy Policy or for other purposes approved by you.
We do not expect to transfer your data outside the European Economic Area and if we do so it will be on the terms of a data transfer agreement incorporating standard contractual clauses in a form approved for such purposes.
We will retain your personal data for as long we need it in order to fulfil our purposes set out in this Privacy Policy or in order to comply with any legal or compliance requirements.
Accuracy of data
We believe that is in both our clients’ and our own interests that the data we hold is accurate. If you believe any personal data we hold about you is inaccurate please contact us at Torevell & Partners, 5 Oxford Court, Manchester, M2 3WQ or by e-mail at dataprotection@torevellpartners.co.uk or on 0161 281 6400.
Rights of access
Under current GDPR data regulations, you are entitled to access any personal data we hold about you and to be made aware of the lawfulness of processing. To protect our clients’ personal information we would require proof of identity before disclosing such information. We shall respond promptly and certainly within one month from the point of receiving the request and all of the necessary information from you.
Raising a complaint
If you have a complaint regarding the use of your personal data or sensitive information then please contact our Data Protection Officer at Torevell & Partners as set out above, who will then investigate the matter.
If you are not satisfied with our response or believe that we are not processing your data in accordance with the law, you may complain to the Information Commissioner’s Office (ICO) – details can be found here http://ico.org.uk
Updates to our privacy policy
We may make changes to this Privacy Policy from time to time in order to comply with any new legislation. We will update the Privacy Policy and publish any new version to our website.
Contact information
Any questions, comments or requests which are not answered by this Privacy Policy should be addressed to dataprotection@torevellpartners.co.uk or by writing to Torevell & Partners, 5 Oxford Court, Manchester M2 3WQ. Alternatively, you can call us on 0161 281 6400.