Legal & Privacy Policy

Last updated 27th October 2020
Website disclaimer

The purpose of this website is to provide information to the clients of Broadoak Financial Planning Ltd and those seeking our advice. Broadoak Financial Planning Ltd accept no responsibility whatsoever for the use made of information contained within this website. Nothing stated in this website constitutes advice, the material is purely for information purposes and its accuracy cannot be guaranteed. We cannot assume legal liability for any errors or omissions.

Broadoak Financial Planning Ltd (an appointed representative of Hood Financial Planning Limited who) are authorised and regulated by the Financial Conduct Authority – number 928771. Please click here to see our entry on the Financial Conduct Authority’s Register. (LINK HERE)

For information about the company or for a copy of our Client Agreement, please contact us on 0161 6768100 or at 23 Broad Road, Sale, Cheshire, M33 2AW. You can e-mail us at hello@broadoakfp.com

Introduction

This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us.

Legal basis

We collect, control and process your personal information because this is necessary to provide you with information, answer any queries you may have and for the provision of our services to you. Contractual necessity is therefore the lawful basis for collecting, controlling and processing your personal details and those of your employees and service providers other than sensitive personal data for which we require individual consent. We do not normally request or process any sensitive personal data.

Sensitive personal data:

  • Racial or ethnic origin.
  • Political opinions.
  • Religious or philosophical beliefs.
  • Trade union membership.
  • Genetic data.
  • Biometric data.
  • Data concerning health.
  • Data concerning sex life or sexual orientation.

 

In the unlikely event we do need to request it, we would discuss with you the need for the provision of sensitive data before you provide this information. The subsequent provision of sensitive personal data will be taken as consent to this processing.

It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.

We do not use your personal data for marketing purposes nor will we share your data with any other organisation for marketing purposes.

What data we collect & what we do with it

In order to provide financial/insurance/mortgage advisory services we will obtain personal information from you concerning your finances, circumstances, objectives and other relevant details. We will collect, store and process this information.

Completing our data capture form

Once you complete the data capture form your data will be stored on CashCalc.co.uk and will be protected by two-step verification. You will require a PIN to access the data capture form which has been set up for your safety and security. CashCalc has taken appropriate action to ensure your data is secure and is required to let you know of any breaches. Their privacy policy can be accessed here.

Completing our Attitude to Risk Questionnaire

Once you have completed our Attitude to Risk Questionnaire on Financial Express Analytics your responses will be stored and protected by single-factor authentication (SFA). Their privacy policy can be found here.

What we will do with your data

Once your data has been processed it will be transferred to Microsoft Office 365. With Office 365, your data is encrypted at rest and in transit, using several strong encryption protocols, and technologies that include Transport Layer Security/Secure Sockets Layer (TLS/SSL), Internet Protocol Security (IPSec), and Advanced Encryption Standard (AES). Where communications are ongoing we will store your details within our Microsoft Office 365 and Wealthbox accounts.

Esupport updates

We will store your name and email address with a data processor to enable us to communicate service updates to you. Mailchimp’s Privacy Policy can be found here.

Our communication with you

We will generally communicate with you via email. This will be via Microsoft Outlook, which is again protected by single-factor authentication (SFA). There may also be times when it is required for us to contact you by telephone which may be recorded. Calls are recorded through TeamsLink, which is protected by double-factor authentication (DFA) and can only be accessed by a security user.

Communication between staff

Alongside emails through Microsoft Outlook, staff members will also communicate with each other through (Wealthbox/Slack), which is a secure instant messaging service where messages are encrypted both in transit and at rest.

Sharing your data

In the course of our work with you we will share your personal data with product and service providers; we may also share you date with compliance monitoring & support organisations and regulatory bodies who are also ‘Data Controllers’ and registered with a supervisory authority in the EU unless otherwise indicated before we share any of your data.

We also use external data processors that will hold information for the following purposes:

  • Secure file sharing
  • Data backup
  • Dissemination of information
  • Otherwise we will not share your personal information with other companies without your express authority except if the firm is sold or where we are required to do so by law.

 

Data processors:

  • AJ Bell
  • Aviva
  • Old Mutual Wealth
  • Prudential
  • Other various Investment Providers and Insurance Companies
  • Docusign
  • Calendly
  • CashCalc
  • Wealthbox
  • Smartsearch
  • Microsoft Office 365
  • Mailchimp
  • Financial Express Analytics
  • The GI Consultant
  • Slack
Cross border transfer

All our data processing takes place within EU jurisdiction. Or should any processor hold any data on our behalf outside of the EU we will take steps to ensure that it is held in a satisfactory jurisdiction. In the case of the US we will ensure that the EU-US Privacy Shield applies.

Marketing

The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes.

If we have collected information from you for marketing purposes we will inform you and specifically gain your consent.

Retention

We will keep your personal data throughout our business relationship. At the end of any contractual relationship we are required to continue to hold personal data under current legislation for varying periods and in some circumstances indefinitely. We may also consider it necessary to keep data beyond these timescales in order to defend any future legal action. Where we no longer need regular access to your data we will transfer your data to a secure archive in order to avoid any unnecessary processing.

Your rights

Under data protection law you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete all personal data held by us or any controller or processor with which we have shared your data.

To do this, please either contact us in writing, by telephone or email.

Complaints

The UK Information Commissioner’s Office is our supervising authority where you can refer any complaints about data protection. Click here for more information.

Contact

For any queries about data protection please contact:

Contact name: Mark Anderson
Address: 23 Broad Road, Sale, Cheshire, M33 2AW
Telephone: 0161 6768100
Web: www.broadoakfp.com
Email: mark@broadoakfp.com