Hammond Raggett & Company is committed to protecting your personal information. Replacing the previous Data Protection Act in the UK, GDPR is designed to harmonise data privacy laws across Europe. It covers the collection, recording, storage and disposal of personal information. Its aim is to enhance privacy for individuals through strengthened data security, increased obligations on organisations holding and processing it, and improved rights to access the data.
What information do we collect about you?
We collect information about you when you engage us for financial planning, financial advice or investment management services. This information will relate to your personal and financial circumstances. It may also include special categories of personal data such as data about your health, if this is necessary for the provision of our services. We may also collect information when you voluntarily complete client surveys or provide feedback to us and as part of the ongoing discussions we may have with you from time to time.
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data?
The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations. Where special category data is required we’ll obtain your explicit consent in order to collect and process this information, normally this will be part of our Client Agreement but it may take other forms.
How will we use the information about you?
We collect information about you in order to provide you with the services for which you engage us.
Who might we share your information with?
If you agree, we may email you about other products or services that we think may be of interest to you. We won’t share your information for marketing purposes with companies outside of Hammond Raggett Group Companies. Authorised and Regulated by the Financial Conduct Authority Registered in England 4087392. Registered Office: 5th Floor, Ship Canal House, 98 King Street, Manchester, M2 4WU In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you and third party research services that enable us to provide advice to you, for example, providers of quotation services. Where third parties are involved in processing your data we’ll have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions. Where it’s necessary for your personal data to be forwarded to a third party we’ll use appropriate security measures to protect your personal data in transit. Our electronic data is encrypted within Office 365 at rest and in transit using Transport Layer Security. To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations. Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this. Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.
How long do we keep hold of your information?
During the course of our relationship with you we’ll retain personal data which is necessary to provide services to you. We’ll take all reasonable steps to keep your personal data up to date throughout our relationship. We are subject to regulatory requirements to retain your data for specified minimum periods. These are, generally:
• Five years for investment business
• Three years for mortgage business
• Indefinitely for pension transfers and opt-out business
• Three years for insurance business
However, these are minimum periods, during which we have a legal obligation to retain your records. We reserve the right to retain data for longer where we believe it’s in our legitimate interests to do so. In any case, we’ll not keep your personal data for longer than 100 years with the exception of pension transfer business. You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
Your individual rights
You have several rights in relation to how Hammond Raggett & Company uses your information. They are:
1. Right to be informed
2. Right of access
You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR).
3. Right to request that your personal information be rectified
If your personal information is inaccurate or incomplete, you can request that it is corrected.
4. Right to request erasure
You can ask for your information to be deleted or removed if there is not a compelling reason for us to continue to have it, subject to the statements above.
5. Right to restrict processing
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.
6. Right to data portability
You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way.
7. Right to object
You can object to Hammond Raggett & Company processing your personal information where it’s based on our legitimate interests (including profiling), for direct marketing (including profiling), and if we were using it for scientific/historical research and statistics.
8. Rights related to automatic decision making including profiling
You have the right to ask us to:
• give you information about its processing of your personal information.
• request human intervention or challenge a decision where processing is done solely by automated processes.
• carry out regular checks to make sure that our automated decision making and profiling processes are working as they should.
We’d like to send you information about our products and services which may be of interest to you. If you’ve agreed to receive marketing information, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please contact us by email or post.
What are cookies?
What can you do if you are unhappy with how your personal data is processed?
You also have a right to lodge a complaint with the supervisory authority for data protection. In the UK this is: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: 0303 123 1113 (local rate).
How to contact us
F.A.O Data Protection Officer
Hammond Raggett & Company Ltd
2nd Floor, Eagle Buildings 64 Cross Street Manchester M2 4JQ