Credenda is committed to protecting and respecting your privacy. We are the data controller and will process your personal data in accordance with the Data Protection Act 1998 as amended or replaced by the General Data Protection Regulation 2016 and any national laws which relate to the processing of personal data (“data protection legislation”).
Please read the following carefully to understand our views and practices regarding Your Data and how we will treat it.
This policy applies to information we collect about:
Visitors to our website(s)
VISITORS TO OUR WEBSITEs
We may collect and process personal data about you in the following circumstances:
when you complete the online contact forms on our website (“Site”) providing us with your name, address, email address and contact number;
whenever you provide information to us when reporting a problem with our Site, making a complaint, making an enquiry or contacting us for any other reason. If you contact us, we may keep a record of that correspondence;
when you visit our Sites we will retain details such as traffic data, location data, weblogs and other communication data, and the resources that you access (see section 2.2.2 on Cookies below); and
whenever you disclose your information to us, or we collect information from you in any other way, through our Sites.
We may also collect data in the following ways:
We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
We may use your personal data for our legitimate interests in order to:
provide you with information, or services that you requested from us;
respond to an enquiry submitted via our online contact forms;
allow you to participate in interactive features of our Sites, when you choose to do so;
ensure that content from our Sites are presented in the most effective manner for you and for your device;
improve our Sites and services;
process and deal with any complaints or enquiries made by you; and
contact you for marketing purposes where you have signed up for these (see section 5 for further details).
Our Site may, from time to time, contain links to and from the websites of third parties. Please note that if you follow a link to any of these websites, such websites will apply different terms to the collection and privacy of your personal data and we do not accept any responsibility or liability for these policies. Please check before you submit your information to these websites.
We will collect details such as name, address, email address, contact number, date of birth, national insurance number and financial information in order to provide services to customers. We may also receive details of credit checks undertaken where you have supplied these to us.
We will share customer personal information with our employees to manage our relationship with you and we will retain customer personal data for a minimum of 6 years, or the lifetime of the policy or investment.
We will use your personal data provided to comply with our contractual obligations arising from the agreements we enter into with our Customers and share the data with financial institutions who can assist in the provision of financial services to customers including product providers, lenders, banks, insurers, fund managers, platform providers and third party para-planners
We will use customer personal data for our legitimate interests including:
sharing personal data with Tenet* as they provide compliance services to us Further details regarding how Tenet will use customer personal data can be found on it’s website at www.tenetgroup.co.uk or by contactingTenet on 01132390011;
with your consent, marketing our other products and services by mail and email; and
with your consent, obtaining your sensitive personal data from third parties including your health, ethnic origin, or criminal prosecutions from third parties such as employers and credit reference agencies, fraud prevention agencies and other similar organisations.
We will not transfer any customer personal data outside the European Economic Area (“EEA”).
*Tenet means Tenet Group Limited, Tenet Limited, TenetConnect Limited, TenetConnect Services Limited, TenetLime Limited, its associated companies.
We will collect details such as contact names, address, email address and telephone number in order to contact you about goods and/or services we have ordered from you, to comply with our contractual obligations and to place further orders. We may share your personal data with our employees to manage our relationship with you and we will keep your personal data for as long as we require your goods and/or services subject to a maximum of 6 years from the date of our last contact with you. We will not transfer your personal data outside the EEA.
We may use customer personal data to provide you with details about our services, products, business updats and events which we think may be of interest.
You have the right to opt-out of receiving the information detailed in section 5.1 at any time. To opt-out of receiving such information you can:
tick the relevant box situated in the form on which we collect your information;
clicking the unsubscribe button contained in any such communication received; or
email us at firstname.lastname@example.org call 01483 715823 providing us with your name and contact details.
Where you have subscribed to receive marketing correspondence from us we will keep your personal data until you unsubscribe from receiving such correspondence from us
LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
In accordance with data protection legislation we are required to notify you of the legal basis upon which we process your personal data. We process your personal data for the following reasons:
for performance of a contract we enter into with you;
where necessary for compliance with a legal obligation we are subject to; and
for our legitimate interests (as described within this policy).
We will also process your personal data including personal sensitive data where we have obtained your explicit consent.
DISCLOSURE OF YOUR DATA to third parties
In addition to the third parties mentioned previously in this policy, we may disclose your personal data to third parties for the following legitimate business purposes:
staff members in order to facilitate the provision of services to you;
IT software providers that host our website and store data on our behalf; and
to a prospective buyer of some or all of our business or assets, in which case personal data including Your Data will also be one of the transferred assets.
Outsourcing companies who manage e mail newsletter services on our behalf.
We may disclose your personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We will not sell or distribute your personal data to other organisations without your approval nor will any outsourced service companies do so
CROSS-BORDER DATA TRANSFERS
We do not transfer personal data outside the EEA. Where this is required in the future, we will ensure that safeguards are in place so that such transfers comply with data protection legislation.
Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk.
ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF YOUR DATA
It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes.
Data protection legislation gives you certain rights in relation to your personal data. You have the right to object to the processing of your personal data in certain circumstances and to withdraw your consent to the processing of your personal data where this has been provided.
You can also ask us to undertake the following:
update or amend your personal data if you feel this is inaccurate;
remove your personal data from our database entirely;
send you copies of your personal data in a commonly used format and transfer your information to another entity where you have supplied this to us, and we process this electronically with your consent or where necessary for the performance of a contract;
restrict the use of your personal data; and
provide you with access to information held about you and for this to be provided in an intelligible form.
We may request specific information from you to help us confirm your identity. Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
Please send any requests relating to the above to our data privacy officer at email@example.com including your name and the action you would like us to undertake. Note that in relation to requests to access personal data, we reserve the right to charge a reasonable fee to comply with your request.
RIGHT TO WITHDRAW CONSENT
Where you have provided your consent to the collection, processing and transfer of your personal data, you may withdraw that consent at any time. This will not affect the lawfulness of data processing based on consent before it is withdrawn. To withdraw your consent please contact us at firstname.lastname@example.org
Last updated: 25/05/2018
Our Website Privacy statement
While we will use all reasonable endeavours to ensure the accuracy of any information placed on this website, we make no representations or give any warranties of any kind with respect to this site or its contents and we disclaim all representations, except where fraudulently made, and warranties.
This website is designed to provide you with general information only and does not attempt to give you advice on any particular investment or to recommend any particular investment to you. If you have any doubt as to whether a particular investment is suitable for you, you should contact IFA Direct for advice.
Where we have provided links to third party websites for further information, you should be aware that we are not responsible for the accuracy, availability or functionality of these sites, and thus cannot be held liable, directly or indirectly, for any loss however caused by your use of these linked sites.
INFORMATION HELD ABOUT YOU
Please note that we are not responsible for the accuracy or content of any sites linked from our own site, nor for the way in which those linked sites might handle any information that you choose to provide them with. We cannot be responsible or liable for any direct or indirect loss however caused by your use of these linked sites.
These Terms shall be governed by and construed in accordance with English law and the English courts shall have jurisdiction over any disputes between us.
The majority of this site may be accessed without your having to provide any personal or identification details whatsoever. However, in order to advise you properly, we must obtain certain information from you about your financial and personal circumstances, to assess the suitability for particular products and services for your needs. If you wish us to provide advice you can telephone us to arrange a meeting, or you will need to register through the secure area of our site, or complete an enquiry form, to provide us with basic personal and contact details, and in some cases further personal data such as health and medical conditions.
By providing us with your personal data:
1. You agree that the information we hold about you can be held on computer (whether local or web-based) and/or paper files.
2. Where stored on our secure web server, we undertake to password protect your data giving direct access only to yourself, ourselves, and third parties who may need to maintain the database e.g. PracticeWEB Ltd who manage our website.
3. You may at any time, either online or by phone, request that your username and/or password to access your personal information be changed to one of your choice.
4. You may access the information you have provided to us 24/7, for the purposes of viewing/ amending or updating it. Any changes you make will be stored on our secure database, and we will be notified that changes have been made.
6. We aim to take all reasonable and appropriate steps to protect the personal information that you provide to us from unauthorised access or disclosure.
7. You agree that any information which you give us, including sensitive personal data as defined by the Data Protection Act 1998 such as health and medical records, may be disclosed to third parties (e.g. credit reference agencies and medical practitioners, where relevant, product providers and anyone whom we may use to process your application on our behalf) for the purpose of processing your application and for the on-going administration of your investment or policy but for no other purpose. Your information may also be accessed by PracticeWEB Ltd for the purpose of web site maintenance and administration, and the Financial Conduct Authority for investigative work, and fraud prevention agencies if requested to do so in order to meet our responsibilities under the Financial Services and Markets Act 2000 and general United Kingdom law.
8. You agree that we may use the information that we hold about you to contact you from time to time by post, fax, email or telephone to bring to your attention additional products or services, which may be of benefit to you or comments and news features which may be of interest to you.
9. In accordance with the Privacy and Electronic Communications Regulations 2003 we agree that any consent given by you under paragraphs 7 and 8 above may be withdrawn by you at any time by contacting us.