Complete Financial Advice Limited Privacy Notice/Statement
[ Version 2 23rd May 2018 ]
Complete Financial Advice Limited t/a Complete Financial is committed to protecting and respecting your privacy. We wish to be fully transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
It is the intention of this privacy statement to explain to you the information practices of Complete Financial in relation to the information we collect about you.
For the purposes of the GDPR the data controller and the data processor is:
- Complete Financial
- Contact details of Complete Financial Advice Limited 82 South Mall Cork 021 4271687 email@example.com / completefinancial.ie
- When we refer to ‘we’ it is Complete Financial Advice Limited
Please read this Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Who are we?
- Complete Financial is a multi-award winning Financial Planning firm that adheres to a structured and transparent advice process centered on our core pillar of
CLARITY CONSISTENCY TRUSTWORTHY
- We are regulated by the Central Bank of Ireland Ref C 29893 and are licensed to advise and arrange Pensions, Investments, Protection (Insurance) and Business Protection. We work closely with PAYE, Self Employed, Business Start Ups and Professionals.
Our Data Protection Officer / GDPR Owner and data protection representatives can be contacted directly here:
- Mary Murphy
- 021 4271687
- 82 South Mall Cork
Purpose for processing your data
Why we are processing your data? Our legal basis.
In order for us to provide you with financial services and related products Complete Financial need to collect personal data for arranging and providing our financial planning and services products such as Pensions, Investments, Savings, Protection (Insurance) and Group Protection. Our reason (lawful reason) for processing your data under the GDPR is:
- Legal basis – Complete Financial needs to process your data as this is necessary in relation to a contract of insurance to which the individual has entered into or because the individual has asked for something to be done so they can enter into a contract. Services provided to an individual client such as Pensions, Investments, Savings and Life Insurance Protection and with regards to Group Pensions and Group Life Products we may collect your personal data from your Employer.
In any event, Complete Financial are committed to ensuring that the information we collect, and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
How will Complete Financial use the personal data it collects about me?
Complete Financial will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary.
Special Categories of personal data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure the below
- we will obtain your explicit consent
Who are we sharing your data with?
We may pass your personal data on to third-party service providers contracted to Complete Financial in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with Complete Financial procedures.
If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.
The third parties that we pass your personal data to are listed below
- Zurich Life Assurance – https://www.zurich.ie/privacy-policy/
- New Ireland Assurance – https://www.newireland.ie/utilities/privacy-statement/
- Standard Life Assurance – https://www.standardlife.ie/privacy
- Irish Life Assurance – https://www.irishlife.ie/privacy-policy
- Aviva Life & Pensions Ireland – http://www.aviva.ie/lifeandpensions/lpprivacy/
- BlackBee Investments – http://blackbee.ie/privacy-policy-documents/
- BCP Asset Management – http://www.bcp.ie/privacy-policy
- Friends First Life Assurance – https://www.friendsfirst.ie/privacy/
- Royal London Ireland – https://www.royallondon.ie/legal-cookies-/privacy/
- Merrion Solutions – http://www.merrionprivate.com/application-forms/ Scroll down to Data Protection Notice Form
- Wealth Options – http://www.wealthoptions.ie/pillar-3-disclosure.asp#page
- Quintas Wealth Management – http://quintaswealthmanagement.ie/
- Bespoke Investments – http://www.bespokeinvestments.ie/privacy.html
- MoneyCorp Ireland – https://www.moneycorp.com/ireland/privacy/
- Broker Information Systems. Our Data & CRM system.
- With regards to the destruction, deletion and shredding of our client’s data Complete Financial use the services of Cork Confidential Shredding Cork (CCS CORK) Registered as Confidential Recycling Ltd. http://www.ccscork.com/support.html. CCS (Cork) provides a Secure Shredding Service to Complete Financial for the disposal of our Confidential Waste. We have confirmed with CCS Cork that they are fully compliant with regards to GDPR and hold a copy of their Data Protection Policy Statement on file for review.
- Your legal or Tax Advisor
- Your Employer/ HR Department
- Scheme Trustees and or Registered Administrator for Group Schemes
We have issued all our third-party processors with a Data Processor checklist asking them GDPR specific questions.
If we transfer personal data to a third party or outside the EU, we as the data controller and data processor will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available.
Note: Complete Financial currently DOES NOT transfer personal data outside the EU.
Data Subjects Rights:
Complete Financial facilitate you, our clients, rights in line with our data protection policy and the subject access request procedure. This is available on request.
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that Organisation Name refuses your request under rights of access, we will provide you with a reason as to why.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
Additional information we are providing you with to ensure we are transparent and fair with our processing
Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. As a general rule, we keep your information for a specified period of time from the date of when your contact ceases and/or you cease to be a client. Typically, this period is 7 years however it may be held for a longer or shorter period depending on a number of factors including the;
- The type of data
- The purpose for which it was collected
- Regulatory rules
- The type of product we have provided
Complete Financial will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body (Central Bank of Ireland) and our internal governance.
In the event that you wish to make a complaint about how your personal data is being processed by Complete Financial or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Organisation Name’s data protection representatives Data Protection Officer / GDPR Owner
Failure to provide further information
If we are collecting your data for a contract such as Life Protection/Investment/Savings or Pension and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
Profiling – automatic decision making
We as Financial Advisors use profiling in our business. The main categories are
- Risk profiling – To establish a customer’s attitude to investment risk (relates to pensions and investments). We have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
- Profiling for marketing purposes – When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
- Establishing affordability and providing quotations for financial services products.
If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information prior to processing this data.
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 021 4271687 or email firstname.lastname@example.org
This statement relates to our privacy practices in connection with our website. We are not responsible for the content or privacy practices of other websites. Any external links to other websites are clearly identifiable as such. Some technical terms used in this statement are explained at the end of this page.
Collection and use of Technical Information:
Technical details in connection with visits to this website are logged by our Internet service provider for our statistical purposes. No information is collected that could be used by us to identify website visitors. The technical details logged are confined to the following items:
- The IP address of the visitor’s web server
- The top-level domain name used (for example .ie, .com, .org, .net)
- The previous website address from which the visitor reached us, including any search terms used
- Search engine data which shows the traffic of visitors around this web site (for example pages accessed and documents downloaded)
- The type of web browser used by the website visitor.
Complete Financial will make no attempt to identify individual visitors, or to associate the technical details listed above with any individual. It is the policy of Complete Financial never to disclose such technical information in respect of individual website visitors to any third party (apart from our Internet service provider, which records such data on our behalf and which is bound by confidentiality provisions in this regard), unless obliged to disclose such information by law. The technical information will be used only by Complete Financial and only for statistical purposes to help us to increase the usability and accessibility of our website. You should note that technical details, which we cannot associate with any identifiable individual, do not constitute “personal data” for the purposes of the Data Protection Act 2018.
Web browser: The piece of software you use to read web pages. Examples are Microsoft Internet Explorer, Netscape Navigator and Opera.
IP address: The identifying details for your computer (or your Internet company’s computer), expressed in “internet protocol” code (for example 192.168.72.34). Every computer connected to the web has a unique IP address, although the address may not be the same every time a connection is made.
Cookies: Small pieces of information, stored in simple text files, placed on your computer by a web site. Cookies can be read by the web site on your subsequent visits. The information stored in a cookie may relate to your browsing habits on the web page, or a unique identification number so that the web site can “remember” you on your return visit. Generally speaking, cookies do not contain personal information from which you can be identified, unless you have furnished such information to the web site.