CUSTOMER PRIVACY NOTICE – VERBAL CONSENT
At Pendragon Protect we respect your privacy and the confidentiality of your personal information.
WHO ARE WE?
Pendragon Protect is a trading name of Lifetime Financial Management Limited who are Directly Authorised and regulated by the Financial Conduct Authority. Our FCA registered number is 448415.
This Privacy Notice explains:
- Who we are
- What personal information we collect
- How we use your personal information
- Who we share your information with and why
- How we keep your information secure
- Your rights
- How to contact us
WHAT PERSONAL INFORMATION WE COLLECT
Pendragon Protect provide life assurance and protection advice.
Currently, Pendragon Protect determine the purposes and means of processing personal client data relating to giving advice. This means Lifetime Financial Management Limited are data controllers for these core advice giving activities and therefore responsible for managing this client data and ensuring compliance.
However, Pendragon Protect is solely responsible for some activities, for example any direct marketing that we undertake.
SPECIAL CATEGORY INFORMATION
In some instances, it is necessary to collect more sensitive information (such as health or lifestyle information) which is called special category data. This is to allow us to provide our financial advice service to you. We will always obtain your consent during the advice process to gather this data and explain what information we require and why it is needed. Sensitive personal information will always be processed and stored securely. You can withdraw your consent at any time to us processing this data, however, this may mean that you can no longer access the service or product the information was gathered for.
We also collect information about you from other sources. For example, our website automatically collects information from your computer using “cookies” which provides us with limited personal information. Cookies are small text files that are placed on your computer by websites that you visit. They’re widely used in order to make websites work, or work more efficiently, as well as to provide information to the website owners. For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
We keep your personal information only as long as is necessary for the purpose for which it was collected and to meet regulatory or legislative requirements. Personal information will be securely disposed of when it’s no longer required, in accordance with our Data Retention and Disposal Schedule. A copy of this is available from the How to Contact Us address, below.
ON WHAT BASIS DO WE COLLECT DATA
The processing of your personal data is allowed under a number of lawful basis. The data required for the provision of products and services is processed on the basis there’s a contract with you to do so. Any relevant marketing activity we undertake is done because as a firm we have a legitimate interest to do so. However, you have rights, as listed below, which impact how we can use and process your data.
HOW WE USE YOUR PERSONAL INFORMATION
We process your information in order to support and maintain our contractual relationship with you and to comply with legal and regulatory requirements.
This includes the following:
- Providing our advice, products or services to you
- Carrying out transactions you have requested
- Confirming and verifying your identity for security purposes
- Credit scoring and assessment, and credit management (where applicable)
- Detecting and preventing fraud, crime, money laundering or other malpractice.
We also process your data for specific business purposes to enable us to give you the best products and services, and the best and most secure experience. For example, we process your information to send you marketing that’s tailored to your interests.
- Our business purposes include the following:
- Enhancing, modifying, and personalizing our services for the benefit of our customers
- Providing communications which we think will be of interest to you
- Market or customer satisfaction research or statistical analysis
- Audit and record keeping purposes
- Enhancing the security of our network and information systems.
You have the right to object to this processing if you wish, please see “YOUR RIGHTS” section below. Please bear in mind that, if you object, this may affect our ability to carry out the tasks above for your benefit.
We may also process your personal data as part of an acquisition or sale. Should this happen, you’ll be notified about any change to processing or data controller arising as a result of this activity.
WHO WE SHARE YOUR INFORMATION WITH AND WHY?
We share your information with trusted third parties who perform tasks for us and help us to provide the services you require these include:
- Other companies within the Lifetime Group
- Other adviser firms in the network for the purpose of providing you with advice (with your knowledge)
- Third parties who perform tasks for us to help us set up or service your plan (these third parties may be based in countries outside the European Economic Area (EEA) but where they are, we’ll undertake an assessment of safeguards in place)
- Other organizations, including regulatory bodies, the police and fraud prevention agencies, to prevent and detect fraud
- Third parties where required by law, court order or regulation
- Third parties as part of an acquisition or sale.
HOW WE KEEP YOUR INFORMATION SECURE
We’re committed to ensuring the confidentiality of the personal information that we hold and we continue to review our security controls and related policies and procedures to ensure that your personal information remains secure.
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information is kept secure.
If we work with third parties in countries outside the EU, we ensure these are countries that the European Commission has confirmed have an adequate level of protection for personal information, or the organisation receiving the personal data has provided adequate safeguards.
In limited circumstances, data may be accessed outside of the EEA i.e. by employees when they travel. In these circumstances, we ensure there are appropriate information security measures in place to safeguard your
Pendragon Protect tries to be as open as it can be in terms of giving people access to their personal information and therefore have outlined your rights below. This privacy notice was drafted with brevity and clarity in mind, therefore further information can be gathered by contacting us using the details below, or more information about your data protection rights can be found here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
You have the right to opt out of marketing information and tell us what your communication preferences are by contacting Lifetime Financial Management Limited using the details provided at the end of this notice, or by using the opt out option below or on any email marketing. You may opt out at any time if you don’t want to receive any further communications of this nature.
INDIVIDUAL DATA RIGHTS AND REQUESTS
- The right to be informed – You can request that we provide ‘fair processing information’, typically through this privacy notice
- The right of access – You may request a copy of the personal information we hold about you using the contact details found on the end of this policy
- The right to rectification – The accuracy of your personal information is important to us. You have the right to ask us to update or correct your personal information
- The right to erasure – You may request the deletion or removal of personal data where there is no compelling reason for its continued processing
- The right to object – You may object to the processing of your data based on legitimate interests
- The right to restrict processing – You have a right to request we ‘block’ or suppress processing of your personal data
- The right to data portability – You may request to obtain and reuse your data
- The right not to be subject to automated decision-making including profiling.
If you wish to correct, restrict, delete or make changes to your personal information, or any of the data subject rights listed above, please contact us at the number/address listed below
HOW TO CONTACT US
If you have questions about this notice, need further information about our privacy practices, or wish to give or withdraw consent, exercise preferences or correct your personal information, please contact us using the following details. Intrinsic will liaise with Pendragon Protect on your behalf to affect your requests.
The Data Protection Officer
12-14 Upper Marlborough Road
Telephone: 01727 848412
HOW TO COMPLAIN
If you wish to raise a complaint about how we have handled your personal data, you can contact The Office of Data Protection who will investigate the matter.
If you aren’t satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to our regulator:
Information Governance department
Information Commissioner’s Office
0303 123 1113