Compliance Matters UK Limited is committed to protecting your personal information.
How to contact us:
Information we collect and use:
Information about you that we collect and use includes:
Information about who you are e.g. your name, date of birth and contact details
Information connected to your service with us e.g. your bank account details
Information about your contact with us e.g. meetings, phone calls, emails / letters
Information that is automatically collected e.g. via cookies when you visit our website
Information classified as ‘sensitive’ personal information e.g. relating to your health
Information you may provide us about other people e.g. joint applicants or beneficiaries for services you have with us or products we advise on
Children are not able to buy products and services from us. However, a parent or guardian can, and a child can also be named as a beneficiary on some funds. In these cases, we collect and use limited personal information to identify the child (such as their name, age, gender).
Where we collect and use sensitive personal information, this information will only be collected and used where it’s needed to provide the product or service you have requested or to comply with our legal obligations, and where we have also obtained your explicit consent to process such information.
Where we collect your information:
We may collect your personal information directly from you, from a variety of sources, including:
Meetings with one of our associates
An application form for a product or service
Phone conversations with us
Emails or letters you send to us
Registering for one of our events
Participating in research surveys to help us understand you better and improve our services
Our online services such as websites, social media and mobile device applications (‘Apps’)
We may also collect personal information on you from places such as business directories and other commercially or publicly available sources e.g. to check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly.
Why we collect and use your information:
We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only if are able to satisfy one of the lawful processing conditions set out in the data protection laws. This will be the case where:
It’s necessary to provide the product or service you have requested.
It’s necessary for us to meet our legal or regulatory obligations
It’s in the legitimate interests of Compliance Matters UK Limited i.e.
to deliver appropriate information and guidance
where we need to process your information to better understand you and your needs so we can send you more relevant communications about the services you have with us;
to develop new services.
Where the processing is in our legitimate interests, we will always conduct an assessment to ensure that this use of your personal information is not excessive or unnecessary or otherwise more intrusive than it needs to be.
You have given us your permission [consent] to use your information. You can withdraw your consent at any time by writing to our postal address, emailing: email@example.com or by using our contact us form
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our services.
Who we may share your information with:
We may share your information with third parties for the reasons outlined in ‘Why we collect and use your information’.
We will share your information with:
Companies we have chosen to support us in the delivery of the products and services we offer to you and other customers
Our regulators; including the the Information Commissioner’s Office for the UK (the ICO)
Law enforcement and other appointed agencies who support us (or where they request the information) in the prevention and detection of crime;
Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.
Where your information is processed:
The majority of your information is processed in the UK and European Economic Area (EEA).
However, some of your information may be processed by us or the third parties we work with outside of the EEA.
Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. we will put in place legal agreements with our third-party suppliers and do regular checks to ensure they meet these obligations.
How we protect your information:
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.
Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.
How long we keep your information:
To provide you with the service agreed and meet our legal and regulatory obligations, we keep your personal information and copies of records we create (e.g. calls with us) while you are a client of ours.
Even when you no longer have a relationship with us, we are required to keep information for different legal and regulatory reasons. The length of time will vary and we regularly review our retention periods to make sure they comply with all laws and regulations.
Your individual rights:
You have several rights in relation to how Compliance Matters UK Limited uses your information. They are:
Right to be informed
Right of access
You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR).
Right to request that your personal information be rectified
If your personal information is inaccurate or incomplete, you can request that it is corrected.
Right to request erasure:
You can ask for your information to be deleted or removed if there is not a compelling reason for Compliance Matters UK Limited to continue to have it.
Right to restrict processing:
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.
Right to data portability:
You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, if you were moving your pension to another pension provider.
Right to object:
You can object to Compliance Matters UK Limited processing your personal information where: it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); and if we were using it for scientific/historical research and statistics.
How to make a complaint:
While we hope that we can resolve any complaints for you, you do have the option to complain to the ICO (whether or not you have exhausted our complaints procedure). The ICO's contact details are: https://ico.org.uk