Blevins Franks Group takes the security and privacy of our contacts about which we hold personal information seriously. The purpose of this notice is to describe to you the information we may hold about you, explain what we use it for, explain your rights in relation to it and who you can contact if you need further clarification.
Who We Are
This Privacy Notice is provided for all of the Blevins Franks entities listed below. Any of these entities can act as controllers of your personal data and information:
In the UK, the following Companies are registered as Data Controllers with the Information Commissioner`s Office (ICO). These are as follows…
Blevins Franks Financial Management Ltd
ICO REGISTRATION NUMBER
In France, the following Companies are registered as Data Controllers with the Commission Nationale de l’Informatique et des Libertés (CNIL)
Blevins Franks France SASU
In Malta, the following Companies are registered as Data Controllers with the Information and Data Protection Commissioner (IDPC). These are as follows:
Blevins Franks Wealth Management Ltd
Blevins Franks Trustees Ltd
Blevins Franks Malta Ltd
Blevins Franks Gamma Ltd
Controllers Contact Details
Blevins Franks Group, Gasan Centre, Triq il-Merghat, Mriehel CBD1020, Malta
Data Protection Officer
Our Data Protection Officer is Alex Miller.
You can contact him at [email protected] or via our postal address.
Please mark the envelope ‘Data Protection Officer’.
Purpose for procession personal information
We use your personal information in the following ways:
- To provide you with services and information that you request from us.
- To get quotations or arrange investments for you with regulated entities.
- To comply with our legal and regulatory obligations, co-operate with our regulators and law enforcement agencies and to prevent and detect crime.
- To keep you updated about your investments during regular reviews.
- To improve the quality of our services and to train our staff.
- To check instructions you’ve given us or to resolve disputes.
- To process any job application you submit, or that an agency submits for you.
- To collect references in relation to a job application.
- To tell you (by mail, email, telephone or otherwise) about products and services we think you may be interested in, based on products or services you have shown interest in or may already have. You can opt out of these communications at any time.
- To invite you to events or provide information or news that you may be interested in. You can opt out of these communications at any time.
- To confirm your identity and address.
- Gathering data to provide management information or other services.
- To administer our sites and for internal operations, including troubleshooting, data analysis, load management, testing, research, statistical and survey purposes.
- To improve our sites to make sure that our content is as effective as we can for you and for your computer.
- As part of our efforts to keep our sites safe and secure and to prevent and detect money laundering, financial crime and other crime.
- To monitor, record, store and use any telephone, email or other communication with you. We’ll update your records with any new information you or a third party give us, and we’ll add it to any information we already have.
- When you call us we will keep a copy of the call for training and security purposes.
- To deal with any enquiries or issues you have about how we collect, store and use your information, or any requests made by you for a copy of the information we hold about you.
- To maintain the client relationship. For instance if you transfer from one jurisdiction to another your original Blevins Franks adviser may still be able to view your details although no longer provide advice.
Sources of personal data
Blevins Franks Group process data from a number of sources for the purposes detailed above. The following sources of data apply:
- When you use our website;
- Where you attend one of our events or visit a stand at a show or seminar;
- When you speak to the advisers at one of our offices;
- When you complete a fact find or financial planning questionnaire (FPQ);
- When you phone one of our offices;
- When you are referred to us by your financial adviser;
- From a product provider when you transfer a pension or investment;
- From an existing product provider when they send regular updates on your investments;
- From a product provider via their own client relationship management (CRM) systems or through integration with Blevins Franks CRM systems;
- When we act on your behalf to transfer an existing pension to an advised scheme, in this case data will be compiled by our partners (Equinity/Hazell Carr)
- When you apply for a job with any Blevins Franks Group company or office;
- When we receive a reference for you relating to a job application.
- Legal basis for processing your data
Our legal basis for collecting, holding and processing your personal information depends on the information that we are collecting and the purpose of use of that information. We will normally only collect personal information from you, your employer, or another third party where one of the following applies:
- You have given us your consent to hold your data and to send you information that we feel may be of interest to you. You have the right to withdraw your consent and or to opt out of marketing information.
- We need your personal information to perform our legal obligations (for instance where you have received advice from us or are a client of ours we have responsibilities to maintain your information).
- We need to process your data for performance of a contract (for instance where you are a permanent or temporary employee of the Company).
- It is in our, or your legitimate interest. These legitimate interests include:
- To provide client services
- To provide relevant advice to clients and prospective clients
- To market and develop our business
- For internal administrative purposes
- To locate, contact and verify beneficiaries
- To clarify aspects relating to a technical tax guide or book
- If we rely on our legitimate interests for using your personal information, we will balance this to ensure that our legitimate interests are not outweighed by your personal interests or fundamental rights and freedoms which require protection.
Categories of personal data
The data we process for the purposes outlined above is generally personal data however there are some controlled and specific areas where we may process special categories of data.
Health information is a special category of data under GDPR and we will take particular care to restrict access to this data to those who need it, to protect the data and to ensure that this data is not kept for longer than required. We may process ‘special categories’ of data in the following ways:
- We may process health information in order to fulfil our obligations to support vulnerable clients. This is detailed in our vulnerable clients policy;
- In order to provide appropriate advice to our clients we may need to process information about their health;
- We may need to process health data relating to our staff;
- As part of our recruitment process we may hold a health declaration against an employee record.
In both these cases we will ask for specific consent before processing this data and access to this data will be restricted to those people who need access to it.
Cookies (also known as web cookies, browser cookies or internet cookies) are widely used on websites and are basically text files that contain small amounts of information downloaded to your device relating to your visit to that website. The cookies are then resent to the original website on each subsequent visit or to another website which recognises the cookie.
They can be very useful in recognising your device and potentially enhancing your website experience by remembering your preferences and helping your navigation on that website. The cookie itself will not identify you as the individual user, just the device you have used, but can be used to enhance your experience on the website, that your requests and preferences are acted upon and that adverts you see are more relevant to your interests.
You can disable cookies at any time by going into the ‘history’ section of your browser and clearing your browsing history (there is usually a specific option relating to cookies).
There are different types of cookies and at Blevins Franks we use ones which help us to analyse how visitors use our website and to provide the best possible experience for users.
In addition, ‘anonymous data’ on usage of different parts of the website is collated so that we can see what users are more interested in or find easy to access and by using cookies we can then make changes to improve the user journey and experience. We may use ‘anonymous data’ to forward relevant adverts to your device from time to time which may appear when browsing on other websites, and again this can be disabled by you clearing your browsing history.
Retention period of data
Data will be retained if it is still required to support clients or our legal obligations. Pensions data will be retained indefinitely. All other required data will be retained while the data subject is still a client. For a data subject who ceases to be a client of the Company, data will be retained for 10 years following the date that the clients leaves. Where an employee leaves the Company data will be retained for 10 years.
Transferring personal data
We may transfer data between the companies within the Blevins Franks Group of companies in order to provide you with a service.
Blevins Franks Group may disclose your information to the following third parties:
- auditors, credit reference agencies and professional advisers in relation to the professional services which they provide to us;
- governmental, regulatory, tax and crime enforcement agencies where we are required by applicable law or regulation or a court order to do so;
- product providers and other parties with whom we arrange transactions or who hold custody of your assets; and
- and third-party suppliers and contractors who perform administrative or support related functions to us.
- Any personal information shared with such third parties will be treated confidentially and in accordance with Data Protection Law.
- For applicants for jobs at Blevins Franks we may share your details for the purpose of collecting references from previous employers. Where these previous employers are based outside of the EEA we may therefore need to transfer your data outside of the EEA for that purpose.
The data that we collect from you may be transferred to or accessed from other countries (including those outside the European Economic Area (‘EEA’), which may not have data protection requirements deemed equivalent to those prevailing in the UK and/or EEA. In such cases we will ensure the transfer or access complies with Data Protection Law and all personal information will be kept secure.
Your data protection rights
You have a number of rights concerning your personal data that we hold. If you have any questions in relation to these please contact the Data Protection Officer at [email protected]
- Right to be informed: This privacy notice highlights information about how and why we will process your data, if you have any further questions please contact our Data Protection Officer.
- Right to access: You have the right to request your personal data from us in a ‘Subject Access request’. If you would like to do so, please request a Subject Access request form from [email protected] We may ask you for verification of your identity at this stage however once that has been confirmed we will respond to your request with the data you have asked for within 1 month for a standard request or within 3 months where a request is more complex. If the request for data involves a number of different systems and may be complex then we will inform you within the first month.
- Right to rectification: You have the right to request that any errors in the data we hold for you are corrected. You can make a request by contacting the Data Protection Officer.
- Right to erasure: You have the right to request that we delete your personal data and if we don’t have a legal obligation or other legal basis to process your data then we will delete it. You can make a request through the Data Protection Officer.
- Right to restrict processing: In certain circumstances, for instance in the case of a dispute, you may ask us restrict data processing. In this case we will not delete the data but will limit the use of the data and restrict access internally, this may take the form of archiving the data on our IT systems.
- Right to data portability: You may request that we send you your data in a usable format, for instance. You may also ask us to send your data to a 3rd party. When you exercise this right we may need to assess other factors, such as our regulatory responsibilities and the technical feasibility of the request. If you would like to make a request, please contact the Data Protection Officer.
- Right to object: You have the right to object to our processing of your personal data, this includes where we are processing under a legal basis of legitimate interest. If you make an objection we will respond to you within one month.
- Rights in relation to automated decision making and profiling: You have the right to know if we are using any automated decision making or profiling using your personal data and we will inform you if that is the case.
Automated decision making and profiling
- The data that you supply to us in attitude to risk surveys will be checked through a system which uses algorithms to benchmark attitude to risk so that investment choices can be viewed in the most appropriate manner.
- We will check your data to ensure that we and you are protected under anti money laundering legislation. This may involve some automated checking.
Lodging a complaint
If you would like to make a complaint concerning our processing of your data. Please in the first instance contact the Data Protection Officer at the email address: [email protected]
You also have the right to complain about use or collection of your personal data to the supervisory authority. In the UK this is the Information Commissioner’s officer (ICO). In Malta this is the office of the Information and Data Protection Commissioner (IDPC) and in France this is the Commission Nationale de l’Informatique et des Libertés (CNIL)
You may also complain to the supervisory authority in the country where you usually work or live or where an alleged infringement may have taken place.
In the UK, you can contact the ICO at:
Information Commissioner’s Office, Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, UK
Telephone +44 (0)303 123 1113.
In Malta you can contact the IDPC at:
Information and Data Protection Commissioner
Level 2, Airways House, High Street, Sliema SLM 1549, Malta
Telephone +356 2328 7100
In France you can contact CNIL at:
Commission Nationale de l’Informatique et des Libertés
3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France
Telephone +33 (0)1 53 73 22 22 Fax +33 (0)1 53 73 22 00
From time to time we may update this privacy notice. This may be to comply with new regulations. Please review this notice on a periodic basis to ensure that you are updated with the most current version, how we use it and under what circumstances we disclose it.