PRIVACY NOTICE
Active Money
Solutions Ltd understands its obligations in regards to your fundamental right
to a private life and has implemented systems and controls to ensure your
rights and freedoms are protected.
Active Money
Solutions Ltd undertakes to meet its obligations under the Data Protection Act,
the Privacy and Electronic Communications Regulations and the EU General Data
Protection Regulation (GDPR).
|
WHAT PERSONAL DATA DO WE COLLECT? |
Active Money Solutions Ltd will
collect the following data, dependent upon the financial service required: Name, address, contact telephone numbers, email
address, bank statements, passport, council tax and utility bills, driving
licence, benefit statements, shotgun licence, payslips, criminal record
information, existing pension information, life cover information, investment
information, details of assets and liabilities, health information – life
policies and long term care information - annual expenditure and any other
existing relevant policy. Different variations of data are required for
each product so we may not be required to collect all of the data listed
above for all products. |
|
HOW WE COLLECT YOUR PERSONAL DATA |
You directly provide Active Money Solutions Ltd with the
personal data we collect by the following methods: Original physical
copy, scanned certified email copy, scanned certified postal copy. |
|
|
|
|
WHO WILL PROCESS YOUR PERSONAL DATA? |
Access to your
personal data is permitted only for those employees who require it to fulfil
their responsibilities on your behalf. Your personal data will be initially
processed by Active Money Solutions Ltd. Your personal data will be further processed by
On-Line Partnership Group Limited on behalf of its subsidiary company The
On-Line Partnership Limited who acts as our Principal for regulatory
purposes. All parties will process your personal data in accordance with this
Privacy Notice. All parties are
subject to information security training to enforce and communicate best
practice when handling information. |
|
|
|
|
WHAT HAPPENS IF WE WANT TO PROCESS YOUR PERSONAL
DATA FOR OTHER REASONS? |
Though there are some
legal exceptions, if we wish to process your personal data for any other
unrelated purpose than those we have informed you about we will notify you. |
|
|
|
|
WHAT ARE THE CONSEQUENCES IF YOU DO NOT PROVIDE YOUR PERSONAL DATA? |
Your personal data is
essential to enable us to take steps at your request prior to entering into a
contract or to perform a contract to which you are a party. Without this
information we will not be able to proceed to provide any financial service.
Processing will only occur whereby it is necessary to protect the vital
interests of our client. |
|
|
|
|
WHAT MAKES THE PROCESSING LAWFUL? |
The lawful basis for the
processing of your personal data as per Article 6(1) of the GDPR is: ·
Necessary for
the performance of a contract to which you are a party or in order to take
steps at your request prior to entering into a contract ·
for
compliance with a legal obligation to which we are subject ·
for the
performance of a task carried out in the public interest ·
for the
purposes of the legitimate interests pursued by us. |
|
|
|
|
KEEPING YOUR PERSONAL DATA UP TO DATE |
We will record your
information exactly as you provide it. You may ask us to update it at any
time and we will action your request promptly and notify relevant third
parties of any changes. |
|
|
|
|
WHAT ABOUT SENSITIVE PERSONAL DATA? |
|
|
|
|
|
HOW WILL WE FURTHER USE YOUR PERSONAL DATA (OUR LEGITIMATE INTERESTS)? |
·
To contact
you to ensure that our records of your personal information are correct and
up to date ·
To respond
to questions or complaints you may have about our services ·
To update
you with changes in our terms ·
For statistical or research analysis relating to the performance of
our business or that of our principal and understanding the changing needs of
our clients ·
To review, improve and develop
services we offer or handle complaints ·
To pursue debts or unpaid fees ·
To evidence company practices ·
To
evidence the standards and processes carried out conform to the company's
ethical standards and expectations ·
For direct marketing activities ·
To protect the business from risks
which might be introduced by an individual. You have the right to object to processing for
these purposes and we shall cease unless we can show we have compelling
legitimate grounds to continue. |
|
|
|
|
PROCESSING WHEN PERFORMING A TASK CARRIED OUT IN
THE PUBLIC INTEREST |
We will use your
personal data to protect members of the public against dishonesty, money
laundering or fraudulent activities. This must necessarily be carried out
without your explicit consent to ensure this function is not prejudiced. Part
of this processing involves verifying your identity using third parties such
as GB Group Plc or Creditsafe Business Solutions Ltd. |
|
|
|
|
WHAT PERSONAL DATA IS REQUIRED? |
We only collect data
that is necessary to carry out the purposes listed above. This includes data
you supply and data we receive from reference agencies. Where practical and
lawful we will inform you about any of your personal data we receive from
third parties that you may be unaware of. |
|
|
|
|
HOW SECURE WILL YOUR PERSONAL DATA BE? |
We will ensure that your
data is only accessible to authorised people in our firm and will remain
confidential at all times. Appropriate security measures are in place to
prevent unauthorised access, alteration, disclosure, loss, damage or
destruction of your information. If we have a contract with another
organisation to provide us with services or a service on our behalf to
process your personal information, we’ll make sure they give reassurances
regarding appropriate security measures in place and only process your data
in the way we’ve authorised them to. These organisations won’t be entitled to
use your personal data for their own purposes. If necessary, our security
teams will check them to make sure they meet the security requirements we’ve
set. Please contact our Data Protection below if you would like further information. |
|
|
|
|
WILL WE SHARE YOUR PERSONAL DATA WITH ANYONE
ELSE? |
We may share your data
with: ·
Appropriate
staff such as those who carry out financial or compliance functions. ·
Organisations
that need your data because we are required to provide it by law (e.g. The
FCA, ombudsman services, HMRC, etc... ·
Organisations
that carry out credit references or identity checks such as GB Group Plc or CreditSafe
Business Solutions Ltd. These organisations may keep a record of the
information and may disclose the fact that a search of its
records was made to its other customers for the purposes of assessing the
risk of giving credit, to prevent fraud and to trace debtors. ·
Sometimes other authorised firms with
specialist advisers, such as pension specialists, who assist us in providing
suitable financial advice and services. You will be provided with their
details if this applies. ·
Law
enforcement agencies, courts or other public authorities if we have to, or
are authorised to by law. ·
Product
providers we use to provide financial services or for direct marketing (see
below). ·
Where we or
our Principal go through a business transaction, such as a merger, being
acquired by another company or selling a portion of its assets, your data
will, in most instances, be part of the assets transferred. |
|
|
|
TRANSFERRING YOUR PERSONAL DATA OUTSIDE THE UK /
EUROPEAN UNION |
We do not
usually transfer any of your personal data outside of the UK or EU except
when we need to perform pre-contractual measures (credit and identity checks)
or because the checks we request are necessary for important reasons of
public interest. Some companies, like Creditsafe Business Solutions Ltd, may
transfer data outside of the EU to countries which do not, in the view of the
EU Commission, offer an adequate level of protection. In such cases
Creditsafe encrypts any data it sends to other agencies and only transfers information
necessary to carry out checks. (A list of countries
used to perform checks include Germany, Netherland, Belgium, France,
Sweden, Norway, Finland, Luxembourg, Switzerland, Liechtenstein, Spain, USA,
Estonia, Latvia, Lithuania, Poland, Slovakia, Czech Republic, Hungary,
Slovenia, Bosnia, Serbia, Montenegro, Croatia, Macedonia, Kosovo, Albania,
Bulgaria, Romania, Ukraine, Austria, Denmark, Moldova, Portugal,
Italy, Canada, Brazil, Greenland, China, India, Australia, Russia, South
Korea, Taiwan, Mexico, South Africa, New Zealand, Hong Kong, UK.) |
|
|
|
|
WHAT ABOUT DIRECT MARKETING? |
We will use your
personal data now and in the future to carry out direct marketing activities
as these are legitimate interests pursued by us. Sometimes this includes,
with your consent, sharing data with product providers for their marketing
activities. You can choose which method you’d prefer us to use to contact you
(by email, telephone, SMS or post) and you
have the right to object at any
time to the use of your personal data for this purpose and we will cease
marketing activity. Just let the person who gave you this form know about
your preferences. |
|
|
|
|
AUTOMATED DECISION-MAKING PROCESSES |
We sometimes use
automated processes when making decisions but you will not be subject to a
decision based solely on automated processing, including profiling. |
|
|
|
|
TELEPHONE CALL RECORDING |
In line with
The Telecommunications (Lawful Business
Practice) (Interception of Communications) Regulations 2000 we may record incoming or outgoing telephone
conversations for the following purposes: ·
Establishing
facts and evidence for business transactions ·
Ensuring
compliance with regulatory or self-regulatory practices ·
Ascertaining
and demonstrating that standards are being met ·
Preventing
or detecting crime ·
Investigating
or detecting the unauthorised use of that or any other telecommunication
system ·
Safeguarding
the effective operation of the telecommunications system. |
|
|
|
|
HOW LONG WILL WE KEEP YOUR PERSONAL DATAFOR? |
The Financial Conduct
Authority lays down rules relating to how long your personal data should be
held for and we will keep your data to meet these requirements. We will not
keep your personal data for longer than is necessary. |
|
|
|
|
REQUESTING A COPY OF YOUR PERSONAL DATA WE HOLD |
You may at any time
ask for a copy of the personal data we hold about you – it is your legal right. We will provide you with a copy of any
non-exempt personal data within one month unless we ask you for an extension
of time. To protect your personal data, we will ask you to verify your
identity before we release any data. We may refuse your request if we are
unable to confirm your identity. |
|
|
|
IMPORTANT
RIGHTS |
You have the right, on grounds relating to your situation,
at any time to object to processing which is carried out as part of our
legitimate interests or in the performance of a task carried out in the
public interest. We will no longer process your personal data unless we can
demonstrate there are compelling legitimate grounds which override your
rights and freedoms or unless processing is necessary for the establishment,
exercise or defence of legal claims. You have the right to object at any time to
processing your personal data for marketing activities. In such a case we
must stop processing for this purpose. |
|
|
|
WHAT ARE YOUR
OTHER LEGAL RIGHTS? |
In addition to the rights above the additional following
rights: ·
Where you
have given consent, you have the right to withdraw previous consent to
processing your personal data at any time ·
You have
the right to request from us access to and rectification or erasure of
personal data or restriction of processing concerning your data ·
You have
the right to receive data you have provided to us in a structured, commonly
used and machine readable format ·
You have
the right to object ·
You have
the right to lodge a complaint with the regulator (see below). To exercise any of these rights please contact
our Data Protection representative. |
|
|
|
|
HOW TO
CONTACT OUR DATA PROTECTION OFFICER |
Your trust is important to us. That is why you
can contact our data protection officer about any data protection or
marketing issues by: • Writing to:
The Data Protection Officer, Active Money Solutions, 411 Lisburn Road,
Belfast, BT9 7EW |
|
[ |
|
HOW DO YOU
MAKE A COMPLAINT TO THE REGULATOR? |
• By writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF https://ico.org.uk/for-organisations/report-a-breach/ |