We will be the data controller of any personal data we collect about you in connection with your use of our products and services.
We will be the data controller of any personal data we collect about your clients, in connection with the provision of the quarterly IBOSS Limited Portfolio Management Service.
We will be the data processor of any personal data we collect about your clients, in connection with the provision of the IBOSS Limited pre-sales service.
We will be the data processor of any personal data we collect about your clients, in connection with mailing services offered by IBOSS Asset Management Limited.
This Policy sets out the terms on which we will hold and process personal data that we hold as a data controller.
Please contact us if you have any queries about this Policy or how we use your/your clients’ data.
Please read this Policy carefully. By applying/continuing to use our services, you acknowledge that your personal data, and that of your clients, will be used in accordance with this Policy.
When do we collect information about you?
We will collect information from you when you register with us, apply to use any of our services, become our client, follow us on twitter, or contact us in person, by telephone, by e-mail, by post or by social media. We also collect information from you when you voluntarily complete customer surveys, enter a competition or promotion, provide feedback or complete a contact form on our website.
We may collect information about you from credit reference agencies, fraud protection agencies and other organisations when we undertake checks such as credit and identity checks.
Information may also be collected about you when you visit our website (for example via cookies), such as your IP address and other browser-generated information.
Information that we collect about you can include;
> Information about who you are e.g your name and contact details, including email address.
> Details of the services you request from us
> Information about your contract with us
> Information that is automatically collected e.g cookies when you visit our website
When do we collect information about your clients?
We will collect information about your clients when it is provided in the form of a New Business Input Sheet, supplied to us (by you) when your client begins investing in the Portfolio Management Service or agrees to receive the quarterly update supplied by IBSOS Asset Management Limited. We may also collect information about your clients when they access their quarterly review/update emails and the eSwitch site (for example via cookies) such as browser-generated information.
Where we collect your (or your clients) information?
We may collect personal information about you and your clients, from a variety of sources including;
– New business input sheets sent to us
– Phone conversations with us
– Emails or letters you send us
– Meetings with us
– Registering for one of our events
– Our online services, such as our website and social media pages.
You must have permission from your clients before providing any of their personal data to us for processing.
What information will we collect?
We may collect the following information;
– Information about who you are: your company and employee contact details, such as name, address, telephone number, and email address, company number and fca registration number;
– Information that is automatically collected: for example, via cookies when you visit our website;
– Information connected to your service with us;
– Information about your clients: contact details, such as name, address, telephone number, and email address, date of birth, nationality, country of birth, country of residence, employment status and tax identification number (i.e. National Insurance Number);
– Details of your clients’ investments, including provider, policy number and initial valuation.
All services are provided on the basis that you have obtained certain information about your clients to verify their identity under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (the “Money Laundering Regulations 2017”) and any other applicable legislation and for the purposes of crime prevention, fraud prevention and credit risk reduction.
How we will use your information, and that of your clients?
We will use information held about you and your clients in the following ways;
– to process your/your clients’ application to use our services;
– to provide you/your clients with the services that you request from us and to comply with our contractual and other obligations to you;
– to help protect your information and prevent unauthorised access to it;
– to deal with any queries, complaints or problems reported by you;
– for payment verification, debt tracing and debt recovery;
– to enable you to participate in the interactive features of our website and to ensure that content from our website is presented in the most effective manner for you and your computer/device;
– to generate statistics relating to use of our website, such as the popularity of certain features or services;
– to provide you with information about other services we offer that are similar to those that you have already engaged us to provide, or enquired about. You may opt out of receiving this information when we collect your details or at any time by contacting us using the contact details below;
– to add you to the mailing list of our monthly newsletter, which you can opt out of if you no longer wish to receive.
– to add your email address to our target audience on social media platforms, where we periodically pay to advertise our services, events and products.
– if required to do so by law and to the extent necessary for the proper operation of our systems, to protect us/our customers, or to enforce the terms of any contract that we have entered into with you;
– to notify you of changes to our services; and
– to help improve the services we provide to you.
Our use of your personal data will be for one or more of the legitimate interests described above.
Disclosure of your information, and that of your clients.
We may disclose your information:-
• to businesses that are part of the same group of companies as us, or that become part of that group;
• to our brokers, dealers, IT providers, service providers and agents who provide us with support services so that we can provide the services that we have agreed to provide to you;
• to our appointed accountants, lawyers and other professional advisers, to the extent that they require access to the information in order to advise us;
• where the investments we manage on your behalf are held via a pension, offshore bond, onshore bond, trust, investment platform or other such product or service, to the providers of such products or services. We may also be required to share information with auditors appointed by the providers of such products or services;
• if required to do so by the FCA or any other regulatory authority where they are entitled to require the disclosure of that information;
• if required to do so by any legal requirement, the order of a Court or the rules and codes of practice of any recognised investment exchange;
• to investigate or prevent fraud or activities believed to be illegal or otherwise in breach of applicable laws;
• to HMRC if obliged to do so by law, who may pass this on to tax authorities in other jurisdictions; or
• if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our clients may be one of the transferred assets.
We will not disclose your information to third parties other than as outlined above.
Where your information is processed
Your information is currently processed in the UK and European Economic Area (EEA).
We may transfer, or allow access to, your information internationally including to countries outside the European Economic Area (EEA) such as the United States of America when providing the services. We will ensure that your personal data is adequately protected when it is transferred outside the EEA in accordance with applicable data protection laws.
Storage of Your Personal Data
We will only keep your/your clients’ personal data for as long as we need to in order to fulfil the purpose(s) for which it was collected, as set out above in this Policy, and for as long as we are required to keep it by law.
We shall keep personal information about your clients only where it is necessary to provide our products and services.
With regards to the clients of the Portfolio Management Service, we shall retain records of policy numbers, portfolios, letter returns and switch transactions for as long as necessary to ensure that we can meet our legal and/or regulatory obligations.
Where applicable, we will keep records of pension transfers, pension conversions, pension opt-outs or Free Standing Additional Voluntary Contributions indefinitely.
We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal information from unauthorised access and disclosure.
You can update your personal data, or that of your clients, by contacting us.
A cookie is a small file, saved to your computer or device when you visit a website. They store small pieces of information, such as whether you’ve visited a website before.
You have the following rights which can be exercised by contacting us using the details provided below:-
• to ask us not to process your/your clients’ personal data for marketing purposes;
• to access personal information held about you/your clients and to obtain a copy of it
• to prevent any processing of personal data that is causing or is likely to cause unwarranted and substantial damage or distress to you or another individual;
• to obtain the rectification or completion of personal data which are inaccurate or incomplete;
• to restrict or object to the processing of your/your client’s personal data and to request its erasure under certain circumstances;
• in certain circumstances, to receive a copy of your personal data in a structured, commonly- used and machine readable format and the right to require us to transmit that data to another data controller where technically feasible;
• to be informed about any use of your personal data to make automated decisions about you, and to obtain meaningful information about the logic involved, as well as the significance and the envisaged consequences of this processing; and
• to lodge a complaint about the way in which your personal data is being used.
Where we rely on your consent to use your personal data, you have the right to withdraw that consent at any time.
We reserve the right to amend this Policy at any time. Any substantive changes we make to our Policy in the future will be notified to you in writing, but we would advise you to check our website regularly to ensure that you are familiar with the most up-to-date version.
If you have any queries, comments or requests regarding this Policy or would like to exercise any of your rights set out above, you can contact us at:-
Post: IBOSS, 2 Sceptre House, Hornbeam Square North, Harrogate, HG2 8PB
If we cannot resolve your concerns, you may report a concern to the Information Commissioner at ico.org.uk/concerns or telephone (0303) 123 1113 for further information about your rights.