This privacy notice explains how we use any personal information we collect about you. This Privacy Notice is intended to be read in conjunction with your Terms of Business, Client Agreement or Letter of Engagement with us. It sets out the way we collect and look after your personal data, in line with the General Data Protection Regulation (GDPR).
What information do we collect about you?
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
We collect information about you and your employees if required when you employ us for the purposes of financial planning, investment management services and employee benefits.
This information will relate to your personal and financial circumstances and also that of your employees when required. It may also include special categories of personal data such as information regarding yours or your employee’s health if this is necessary, for the provision of our services.
Information relating to usage of our website is collected using cookies when a warning will be issued automatically for any user of the site to agree or disagree before continuing.
We may also collect information when you voluntarily complete client surveys or provide feedback to us. Photographs may be taken at events and seminars and used for marketing purposes.
We may collect personal data about you for our work, or proposed work, either directly from you or sometimes from an Introducer or other Data Subject such as an employer or business partner. We may also collect personal data from other external third parties, such as references from former advisers, insurers or benefit providers, information from background checks and identity check providers, information from credit reference agencies and information from Companies House.
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data?
The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you.
The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.
Where special category data is required, we’ll obtain your explicit consent in order to collect and process this information. We will only collect and use special categories of personal data, when the law, regulatory requirements, professional governing bodies require us to do so or it is required to enable us to fulfil our contract with you or your employer.
How will we use the information about you?
We will collect information about you in order to provide you with the services for which you have engaged with us for. This personal data may be held by the on paper or in electronic format.
Who might we share your information with?
Your personal data is shared internally. We may share your personal data with third parties and Data Processors where it is necessary to administer the contract we have entered into with you, where we need to comply with a legal obligation, or where it is necessary for our legitimate interests (or those of a third party). Third parties may include IT and cloud service providers, other professional advisory firms, insurance and investment companies and HMRC.
We won’t share your information for marketing purposes with any other companies.
In order to deliver our services to you effectively, we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you.
Where third parties are involved in processing your data, we will have previously contracted with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions.
Where necessary, your personal data will be forwarded to a third party who will have security measures in place at all times to protect your personal data in transit.
Where we are required to transfer Special Categories of Data for example health information, we will transfer this information via secure postal services or through the use of encryption software to ensure the safe and secure receipt by the intended product provider.
To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.
How long do we keep hold of your information?
In principle, your personal data shouldn’t be held for longer than is required under the terms of our contract for services with you however, how long we hold your personal data will vary.
How long we keep hold of your information will be determined by various criteria, including the purposes for which we are using it (as it will need to be kept for as long as is necessary for any of those purposes) and legal obligations (as laws or regulations may set a minimum period for which we have to keep your personal data).
You have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as stated above.
How do we protect your personal data?
We have put measures in place to protect the security of your personal data. These are internal policies, procedures and controls which are there to minimise the risk of your personal data from being accidentally lost or destroyed, altered, disclosed or used or accessed in an unauthorised way.
We limit access to your personal data to those who have a clear business need. Where your personal data is shared with third-parties and Data Processors, we require all such third parties and Data Processors to take appropriate technical and organisational security measures to protect your personal data, and to treat it subject to a duty of confidentiality and in accordance with data protection law. We allow them to process your personal data only for specified purposes and in accordance with our written instructions.
We also have procedures in place to deal with a suspected data security breach and we will notify the Information Commissioner’s Office (and/or any other applicable supervisory authority or regulator) and you of a suspected breach where we are legally required to do so.
How can I access the information you hold about me?
You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all of your personal information, please email or write to us using the contact details noted below.
When your personal data is processed by automated means you have the right to ask us to move your personal data to another organisation for their use.
We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.
We may like to send you information about our products and services, which may be of interest to you at some future date but only if you have agreed to receive marketing information from EBCam Ltd.
You may choose to opt out from receiving any marketing information at anytime. If you no longer wish to be contacted for marketing purposes, please contact us immediately by either post telephone or email.
For further information visit http://www.allaboutcookies.org/
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser.
What can you do if you are unhappy with how your personal data is processed?
You also have a right to lodge a complaint with the supervisory authority for data protection. In the UK this is:
Information Commissioner’s Office
Phone: 0303 123 1113 (local rate)
How to contact us
By email: email@example.com
By telephone: 01223 297060
Or write to us at: EBCam Ltd, Fornham Business Park, The Drift, Fornham St Martin, Bury St Edmunds, Suffolk, IP31 1SL