Blue Financial Group Ltd (referred to as ‘we’ or ‘us’) takes the privacy and security of your personal information seriously. This policy sets out the basis on which any personal data we collect from you or you provide to us, will be processed. Please ensure you understand our policy and practices in relation to holding your personal data and how we process it.
By visiting our website or engaging with us, you consent to the practices laid out in this policy.
DISCLOSURE OF YOUR INFORMATION
We may share personal data we hold about you with other parties. however, this will only be with companies who we work with on your behalf and for a legitimate purpose, which is necessary to ensure that we remain compliant with our legal and regulatory responsibilities. Steps will be taken to ensure that the information is accurate, kept up to date and not kept for longer than is necessary.
We will ensure your data is safeguarded against unauthorised or unlawful processing. The information you provide is subject to the Data Protection Act 1998 (the ‘Act’). By signing our Service Charter, you consent to us or any company associated with us processing your personal data. We will not share or sell personal information about you with third parties except to provide the information, products or services you have requested.
Under the Data Protection Act and General Data Protection Regulation individuals have a Right to Erasure (‘right to be forgotten’) which can be applied to personal data, in specific circumstances, and is a right that you may be able to exercise for the data that we hold for you. However, we can refuse to comply with a request for erasure where the personal data is being processed to comply with a legal obligation. Under FCA regulation we have a mandatory requirement to retain your data for specified periods (and for some products, such as occupational pension transfers, we are required to retain this data indefinitely) which may impact your Right to Erasure.
If at any time you wish us, or any company associated with us to cease processing your personal data or sensitive personal data, or contacting you for marketing purposes, please contact The Data Protection Officer on (01403 334455) or in writing at Best Practice IFA Group Ltd, Broadlands Business Campus, Langhurstwood Road, Horsham, West Sussex, RH12 4QP. Subject to certain exceptions, you are entitled to have access to your personal and sensitive personal data held by us.
We are required to follow procedures with regards to maintaining the confidentiality of your personal information. We will continually review these procedures to ensure your information remains safeguarded and will make changes as we deem it appropriate to do so.
However, when sharing information via the Internet, due to its open nature, we cannot guarantee the security of such information that you transmit via our website.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
• Information you provide – You may give us information about you by completing our contact form on our Website or by engaging with us via phone, email or in writing. The information would likely include your name, address, email address and any other contact information. It will also include other detailed financial and personal information about you if you engage with our services.
• Information we collect – When you visit our website we may collect the following information:
o Technical information including your IP address, browser type and version, pages visited, geographic location and your device information.
HOW WE MAKE USE OF THE INFORMATION
We may use your personal information in the following ways:
• To provide you with any services/products you request from us and notify you of any changes. This includes carrying out our ongoing obligations/service to you that arise from any contracts entered between you and us.
• To meet our compliance, regulatory and legal requirements as defined by the varying bodies that regulate us.
STORING YOUR PERSONAL DATA
We take appropriate measures to ensure that any personal data are kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Keeping your personal data up to date
If your personal details change you may update them by accessing this data through the wealth platform portal, or by contacting us using the contact details below. If you have any questions about how we use data collected which relates to you, please contact us via phone or email.
We will endeavour to update your personal data within seven working days of any new or updated personal data being provided to us, in order to ensure that the personal data We hold about you is as accurate and up to date as possible.
How long we keep your personal data
• We will hold personal data (e.g. name, address, date of birth and contact details) in line with our regulatory and legal obligations as set out by our regulator – currently a minimum of 5 years for investment business and indefinitely for occupational pension transfer or opt-out business.
Where we store your personal data
All of the information that we hold about you is stored on secure servers that comply with the GDPR requirements. They also comply with the most widely accepted standards and regulations like ISO27001, 27017, 27018 and SOC 1, 2 and 3.
If you would like further information please contact us or the Compliance Director at Best Practice IFA Group Limited, of which we are an Appointed Representative (see ‘Contact’ below).
WHERE WE STORE YOUR PERSONAL DATA
All of the information that We hold about you is stored on our secure servers within the EEA.
The data that We collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is held securely and in accordance with this Policy. Countries outside the EEA do not have the same data protection laws as the United Kingdom and EEA and We have therefore ensured that any of our suppliers who may transfer your personal data outside the EEA has put in place appropriate measures to protect your data, either by being a member of the US-EU Privacy Shield, or by entering into a European Commission approved contract (as permitted under Article 46(5) of the General Data Protection Regulation).
If you would like further information, please contact Us or the Compliance Director at Best Practice (see ‘Contact’ below). We will not otherwise transfer your personal data outside of the United Kingdom or EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
• Access to your personal data and to certain other supplementary information that this policy is already designed to address
• Require us to correct any mistakes in your information which we hold
• Require the erasure of personal data concerning you in certain situations
• Receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
• Object at any time to processing of personal data concerning you for direct marketing
• Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
• Object in certain other situations to our continued processing of your personal data
• Otherwise restrict our processing of your personal data in certain circumstances
• Claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation
HOW TO COMPLAIN
We have that we or our Compliance Director can resolve any query or concern you raise about our use of your information. The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone 0303 1231113.
Cookies are on almost every website. They are small text files that are placed on your computer (or any other device used to connect to the internet) by websites that you visit. They are saved on your computer to help the website perform differing functions and are used for several reasons. This is purely statistical data about our users’ browsing actions and patterns and does not identify any individual. We may, however, use such information in conjuction with the data we have about you in order to track your use of our services.
TYPES OF COOKIES USED
We use all or some of the following categories of cookies on our website:
- “Analytical” cookies. They allow Us to recognise and count the number of visitors and to see how visitors move around the Website when they are using it. This helps Us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.
- “Strictly necessary” cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website, use a shopping cart or make use of e-billing services.
- “Functionality” cookies. These are used to recognise you when you return to our Website. This enables Us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- “Targeting” cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed to our affiliates websites. We will use this information to make our Website, offers e-mailed to you and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
At any time, you can prevent cookies from being received by your browser. By deleting cookies, this may affect the experience via our website. Please refer to your browser Help guide for details on how to block or delete any cookies.
All questions, comments and requests regarding this Privacy and Cookies Policy should be addressed to Robert Bowers email@example.com or write to us at 3 Westbury Mews, Westbury-on-Trym, Bristol, BS9 3QA. Alternatively, please contact our Compliance Director at Best Practice IFA Group Ltd, Broadlands Business Campus, Langhurstwood Road, Horsham, West Sussex, RH12 4QP. Tel 01403 334455 or via email at firstname.lastname@example.org