(From 25th May 2018)
Financial Companion is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
It is the intention of this privacy statement to explain to you the information practices of Financial Companion in relation to the information we collect about you.
For the purposes of the GDPR the data controller is:
22 Avondale, Wheaton Hall, Drogheda, Co. Louth.
Please read this Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Who are we?
Dave Kavanagh T/A Financial Companion, is a QFA (Qualified Financial Adviser) who is authorised and regulated by the Central Bank of Ireland, to provide financial advice and arrange for financial products to be put in place from registered and authorised product providers.
Our Data Protection Officer can be contacted directly by writing to the above address, by calling the above telephone number or by emailing firstname.lastname@example.org
Purpose for processing your data
- In order to advise you appropriately, Financial Companion is required to gather certain information from you, to ensure that any advice is correct and most appropriate for your circumstances. The Financial Companion website does not gather information from you. The information is gathered either from talking to you by telephone, in person or by information you may provide by email or post. The information gathered will include financial information, such as income, expenditure, assets, liabilities, existing plans in place and intentions for the future. In the event that you require protection products, such as life cover, specified illness cover or income protection, we will also gather relevant medical information so that the product providers can underwrite applications and provide you with acceptance terms.
- Once your relevant information has been received, it is used as the basis for any advice or recommendations that are given to you. Only in the event that you choose to apply for any of the financial products available from the product providers (the Life, Pension & Investment Companies) will any of your data be further processed, to enable the product providers to provide you with the relevant products.
- Only information relevant to the product being applied for is given to the product provider and this is done by keying it onto their secure, encrypted systems, only after you have signed a declaration authorising us to do so.
Why we are processing your data? Our legal basis.
In order for us to provide you with advice and recommendations, Financial Companion needs to collect personal data to ensure that any advice or recommendations are the most appropriate for your circumstances, needs and affordability. Our reason for processing your data under the GDPR is that we are obliged by the Central Bank’s Consumer Protection Code (CPC) to not only ensure that any advice and recommendations given to you are the most appropriate, but also to provide you with a “Statement of Suitability” (also referred to as a “Reasons why letter”) which will outline why the product(s), levels and companies chosen are most appropriate for you.
Legal basis – Financial Companion needs to process your data as this is necessary in relation to a contract of insurance to which you have entered into or because you have asked for something to be done so you can enter into a contract. This could be in the form of a life insurance policy, a specified illness policy or an income protection policy, but can also be pension or savings/investment related. The contract formed between you and the product provider is done so on the bases of the information that we have securely provided to the product provider.
In any event, Financial Companion is committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
How will Financial Companion use the personal data it collects about me?
Financial Companion will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
Special Categories of personal data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure that we only do so with your explicit consent.
Who are we sharing your data with?
Unless you choose to apply for a product from one or more of the product producers, Financial Companion will not share any of your data with third parties. In any respect, Financial Companion will not share your information with any third party for marketing purposes, or any purpose not related to you applying for a product provided by that third party.
We will only pass your relevant personal data on to third-party service providers contracted to Financial Companion, when you apply through us to commence one or more of their products. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with the Central Bank’s CPC procedures.
If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.
The third parties that we may pass your personal data to (only with your permission) are:
- Irish Life
- New Ireland
- Royal London
- Zurich Life
- Friends First
We have confirmed that all our third party processors are fully compliant with GDPR.
If we transfer personal data to a third party or outside the EU we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available.
Data Subjects Rights:
Financial Companion facilitates our clients’ rights in line with our data protection policy and the subject access request procedure. This is available on request.
Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records, unless there is a legal basis for it to be retained.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review – in the event that Financial Companion refuses your request under rights of access, we will provide you with a reason as to why.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
Additional information we are providing you with to ensure we are transparent and fair with our processing
Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Financial Companion will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body, the Central Bank of Ireland and our internal governance. As Financial Companion is obliged under the Consumer Protection Code, to make sure that the most appropriate advice is based on the information you have provided, it is necessary to retain this information in order to illustrate how appropriate advice was, if inspected by the Central Bank of Ireland. This will usually be a period of 7 years following either your last transaction with Financial Companion or the end of the term of the product that you commenced.
Your data is collected in writing, when provided by you either in person, by phone, email or post. It is then stored securely in locked filing cabinets that have no access by other persons. When appropriate, your data is destroyed by cross-cut shredding on site with no external persons involved.
Any data that needs to be scanned in order to be uploaded to product producers systems, such as signed declarations, is done on a secure computer not accessible by any other persons. This is then stored on a secure hard drive not accessible by internet.
In the event that you wish to make a complaint about how your personal data is being processed by Financial Companion or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Financial Companion’s Data Protection Officer – Dave Kavanagh.
Failure to provide further information
If we are collecting your data for a contract with a product provider and you cannot provide this data the consequences of this could mean the contract cannot be completed or details are incorrect. When we collect data from you for the purpose of providing advice, any omissions or errors by you may compromise the quality and accuracy of the advice given.
Profiling – automatic decision making
Financial Companion may use an automated decision making system.
The two areas where this would occur are:
- Risk analysis profiling. This is where a system will use your answers to financial risk related questions, to ascertain your level of acceptable investment risk. This is compulsory under the Consumer Protection code before recommendations can be made for selection of fund(s) for pension, savings or investment products.
- Medical Underwriting. When applying for a protection product, the life company’s system can reach an underwriting decision based on the answers input into their automated underwriting system.
If we intend to further process your personal data for a purpose other than for which the data was collected, we will do so only with your consent.
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087-6414570 or email email@example.com