1.1 Cheam Financial Planning Limited (“we” “us” “our”) is committed to protecting and respecting your privacy. We are the data controller and will process your personal data in accordance with the Data Protection Act 1998 as amended or replaced by the General Data Protection Regulation 2016 and any national laws which relate to the processing of personal data (“data protection legislation”).
1.2 Please read the following carefully to understand our views and practices regarding Your Data and how we will treat it.
This policy applies to information we collect about:
· Visitors to our
VISITORS TO OUR WEBSITEs
2.1 We may collect and process personal data about you in the following circumstances:
2.1.1 when you complete the online contact forms on our website (“Site”) providing us with your name, address, email address and contact number;
2.1.2 whenever you provide information to us when reporting a problem with our Site, making a complaint, making an enquiry or contacting us for any other reason. If you contact us, we may keep a record of that correspondence;
2.1.3 when you visit our Sites we will retain details such as traffic data, location data, weblogs and other communication data, and the resources that you access (see section 2.2.2 on Cookies below); and
2.1.4 whenever you disclose your information to us, or we collect information from you in any other way, through our Sites.
2.2 We may also collect data in the following ways:
2.2.1 We may collect information about your device, including where available your Internet Protocol
address, for reasons of fraud protection. We may also collect information about
your device’s operating system and browser type, for system administration and
to report aggregate information to our advertisers. This is statistical data
about our users' browsing actions and patterns, and does not identify any
2.3 We may use your personal data for our legitimate interests in order to:
2.3.1 provide you with information, or services that you requested from us;
2.3.2 respond to an enquiry submitted via our online contact forms;
2.3.3 allow you to participate in interactive features of our Sites, when you choose to do so;
2.3.4 ensure that content from our Sites are presented in the most effective manner for you and for your device;
2.3.5 improve our Sites and services;
2.3.6 process and deal with any complaints or enquiries made by you; and
2.3.7 contact you for marketing purposes where you have signed up for these (see section 5 for further details).
Our Site may, from time to time, contain links to and from the websites of third parties. Please note that if you follow a link to any of these websites, such
websites will apply different terms to the collection and privacy of your personal data and we do not accept any responsibility or liability for these policies.
Please check before you submit your information to these websites.
We will collect details
such as name, address, email address, contact number,
date of birth, national insurance number and financial information in order to provide
services to customers. We may also receive details of credit checks
undertaken where you have supplied these to us.
We will share customer
personal information with our employees to manage our relationship with you and
we will retain customer personal data for 80 years.
We will use your personal
data provided to comply with our contractual obligations arising from the
agreements we enter into with our Customers and share the data with financial
institutions who can assist in the provision of financial services to customers
including product providers, lenders, banks, insurers, fund managers, platform
providers and third party para-planners ( including Tenet* paraplanners).
We will use customer
personal data for our legitimate interests including:
data with Tenet* as they are responsible for the services we provide to our
clients and have a legal obligation to monitor our compliance with the FSMA and
Financial Conduct Authority rules. Further details regarding how Tenet will use
customer personal data can be found on it’s website at www.tenetgroup.co.uk or by contacting Tenet on 01132390011;
with your consent,
marketing our other products and services by mail and email; and
with your consent,
obtaining your sensitive personal data from third parties including your
health, ethnic origin, or criminal prosecutions from third parties such as
employers and credit reference agencies, fraud prevention agencies and other
We will not transfer any customer
personal data outside the European Economic Area (“EEA”).
*Tenet means Tenet Group Limited, Tenet Limited,
TenetConnect Limited, TenetConnect Services Limited, TenetLime Limited, its
will collect details such as contact names, address, email address and telephone
number in order to contact you about goods and/or services we have ordered from
you, to comply with our contractual obligations and to place further orders. We
may share your personal data with our employees to manage our relationship with
you and we will keep your personal data for as long as we require your goods
and/or services subject to a maximum of six years from the date of our last contact with
you. We will not transfer your personal data outside the EEA.
We may use customer personal
data to provide you with details about our services and products which we think may be of
You have the right to
opt-out of receiving the information detailed in section 5.1 at any time. To
opt-out of receiving such information you can:
tick the relevant
box situated in the form on which we collect your information;
unsubscribe button contained in any such communication received; or
email us at email@example.com
or call 0208 624 0616 providing
us with your name and contact details.
Where you have
subscribed to receive marketing correspondence from us we will keep your
personal data for six
years from when you subscribed to receiving marketing information from
us or until you unsubscribe from receiving such correspondence from us
(whichever is earlier).
BASIS FOR PROCESSING YOUR PERSONAL DATA
with data protection legislation we are required to notify you of the legal
basis upon which we process your personal data. We process your personal data
for the following reasons:
performance of a contract we enter into with you;
for compliance with a legal obligation we are subject to; and
legitimate interests (as described within this policy).
We will also
process your personal data including personal sensitive data where we have obtained your explicit consent.
DISCLOSURE OF YOUR DATA to third parties
In addition to the third
parties mentioned previously in this policy, we may disclose your personal data
to third parties for the
following legitimate business purposes:
staff members in
order to facilitate the provision of services to you;
providers that host our website and store data on our behalf; and
to a prospective
buyer of some or all of our business or assets, in which case personal data
including Your Data will also be one of the transferred assets.
We may disclose your
personal data to the police, regulatory bodies, legal advisors or similar third
parties where we are under a legal duty to disclose or share your personal data
in order to comply with any legal obligation, or in order to enforce or apply our
agreements; or to protect our rights, property, or safety of our customers, or
others. This includes exchanging information with other companies and
organisations for the purposes of fraud protection and credit risk reduction.
We will not sell or
distribute your personal data to other organisations without your approval.
CROSS-BORDER DATA TRANSFERS
do not transfer personal data outside the EEA. Where this is required in the future, we will
ensure that safeguards are in place so that such transfers comply with data
Information you provide
to us is shared on our secure servers. We have implemented appropriate
physical, technical and organisational measures designed to secure your
information against accidental loss and unauthorised access, use, alteration or
disclosure. In addition, we limit access to personal data to those employees,
agents, contractors and other third parties that have a legitimate business need
for such access.]
Where we have given you
(or where you have chosen) a password which enables you to access certain parts
of our Sites, you are responsible for keeping this password confidential. We
ask you not to share a password with anyone.
transmission of information via the internet is not completely secure. Although
we will do our best to protect your personal data, we cannot guarantee the
security of your information transmitted to our Site; any transmission is at
your own risk.
10. ACCESS TO, UPDATING,
DELETING AND RESTRICTING USE OF YOUR DATA
It is important that the
personal data we hold about you is accurate and current. Please keep us informed if the personal data we
hold about you changes.
legislation gives you certain rights in relation to your personal data. You have the right to object to the processing
of your personal data in certain circumstances and to withdraw your consent to
the processing of your personal data where this has been provided.
You can also ask us to
undertake the following:
update or amend your
personal data if you feel this is inaccurate;
remove your personal
data from our database entirely;
send you copies of
your personal data in a commonly used format and transfer your information to
another entity where you have supplied this to us, and we process this
electronically with your consent or where necessary for the performance of a
restrict the use of
your personal data; and
provide you with
access to information held about you and for this to be provided in an
We may request specific
information from you to help us confirm your identity. Data protection legislation may allow or
require us to refuse to provide you with access to some or all the personal data
that we hold about you or to comply with any requests made in accordance with
your rights referred to above. If we cannot provide you with access to your personal
data, or process any other request we receive, we will inform you of the
reasons why, subject to any legal or regulatory restrictions.
Please send any requests
relating to the above to our Privacy Officer at firstname.lastname@example.org
specifying your name and the action you would like us to undertake. Note that
in relation to requests to access personal data, we reserve the right to charge
a reasonable fee to comply with your request.
11. RIGHT TO
Where you have provided
your consent to the collection, processing and transfer of your personal data,
you may withdraw that consent at any time. This will not affect the lawfulness
of data processing based on consent before it is withdrawn. To withdraw your
consent please contact us at email@example.com.
12. CHANGES TO OUR PRIVACY
page. We will notify you if there are any changes to this policy that
materially affect how we collect, store or process your personal data. If we
would like to use your previously collected personal data for different
purposes than those we notified you about at the time of collection, we will
provide you with notice and, where required by law, seek your consent, before
using your personal data for a new or unrelated purpose. We may process your
personal data without your knowledge or consent where required by applicable
law or regulation.
13. CONTACT US
We have appointed a Privacy
questions, comments or requests regarding this policy or how we use your
personal data please contact our Privacy Officer on 0208 624 0616. This is in
addition to your right to contact the Information Commissioners Office if you
are unsatisfied with our response to any issues you raise at https://ico.org.uk/global/contact-us/