Affinity Financial Awareness Limited is committed to protecting and respecting your privacy.
Any reference to “we”, “our” or “us” means Affinity Financial Awareness Limited trading as Affinity Financial Awareness, which is a private limited company with registered company number 05246999. Our registered office address is 5 Temple Square, Temple Street, Liverpool, L2 5RH.
This notice applies to personal data we process in connection with the provision of services to you.
Please read it carefully as it contains important information as to how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and what to do in the event you have a complaint.
We are a data controller and data processor in respect of your personal data and we are responsible for ensuring that we use your personal data in compliance with data protection law.
Under data protection law, we can only use your personal data if we have a proper reason for doing so. The following are the most likely reasons we will use your personal data:
Data received directly from you
When you make contact with us in relation to the services we offer we will ask you to provide personal information which will be restricted to the information required to provide whichever service you require.
This information may include (but not be limited to) one or more of your name, title, address, e-mail address, phone number, date of birth, national insurance number, bank account details, nationality, family circumstances, income, financial commitments, investments, pensions and sensitive information (such as health details).
Data will also include any other information or updates to your information that you provide when corresponding with us.
Data received from third parties or publicly available sources
We may request or receive information from external sources for the purpose of complying with legal requirements or where you have authorised third parties such as product providers to provide personal information to us.
Data may be collected in various ways which include (but are not restricted to):
The following are typical of the ways in which we use your data but are not exhaustive:
We may on occasion collect sensitive personal information about you. By way of example, where data in relation to your health is required for a particular service, we will obtain your explicit consent to process this special category data for such purposes.
We do not share your data with any third party for marketing purposes.
We may share your personal data within the Wealth at Work group.
We may share your data with the following third parties:
Your personal data may be shared in the circumstances described below:
Your personal information will normally be held at our offices and the offices of any third parties with whom we share data and in electronic files which may be held in secure servers in the UK or placed in the Cloud.
We will endeavour to ensure that your personal information will always be stored in the European Economic Area (“EEA”). However, from time to time, it may be transferred to, stored in, or accessed from a destination outside the EEA. It may also be processed by individuals operating outside of the EEA who work for us or for one of our suppliers.
Any transfer outside the EEA is subject to special rules under European and UK data protection law. Where your personal data is transferred outside the EEA, we will ensure it has an appropriate level of protection and that the transfer complies with data protection law.
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA by contacting us using the details set out in the “Contact us” section below.
We do not generally process personal data belonging to children and will only do so at your instruction.
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach when appropriate.
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it.
Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
Request restriction of processing of your personal data.
Request the transfer of your personal data to you or to a third party in certain situations. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Lodge a complaint with the Information Commissioner if you think that any of your rights have been infringed by us.
We hope that we can resolve any query or concern you may raise about our use of your information and you can make a complaint by writing to us at our registered office address, or contacting us by telephone on 0800 028 3200, or by contacting your Adviser if you are an existing client.
You can also contact the Information Commissioner at www.ico.org.uk/concerns or telephone 0303 123 1113 for further information about your rights and how to make a formal complaint.
Please contact us if you have any questions about this notice or personal data that we may hold about you. You can write to us at our registered office address for the attention of the Legal Department, Alternatively, you can email us at firstname.lastname@example.org.
This privacy notice may be updated from time to time and the most recent version can be found on our website, or we can provide you with a hard copy on request.