Privacy & GDPR
Effective date: 19 October 2020
At Flagstone Financial Management Limited (‘FFM’), we’re committed to protecting and respecting your privacy under the Data Protection Act 2018.
We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to The Compliance Officer, 10 Springfield Lyons Approach, Springfield, Chelmsford, Essex, CM2 5LB. Alternatively, you can telephone 01245 397474.
We use a company called The DPO Centre who are our Data Protection Officer and their details are:
The DPO Centre Ltd.
50 Liverpool Street
Phone: 0203 797 1289
How do we collect information from you?
We obtain information about you when you use our website and if you seek our advice.
What type of information is collected from you?
If you are visiting our website the personal information we collect might include your name, address, email address, telephone number, IP address, and information regarding what pages are accessed and when.
If you are seeking advice or other services from us, we will undertake a getting to know you process and you may complete an online enquiry form or you may talk to us via the ‘LiveChat’ facility. We use a third party called LiveChatInc to help with this (website: www.livechat.com). This may include obtaining information about your personal and financial circumstances and objectives. We will retain records of this information you provide us with in the LiveChatInc archive for three months. This information is stored securely by LiveChatInc and then deleted at the expiry of the three months.
Where we are providing an ongoing service we will update the information as part of our review process and note our records.
Information may be obtained from you face to face, over the telephone, on video call or through e mail or completion of online documentation. As the information is required to enable us to provide our services if you opt not to provide it we may not be able to continue to advise you.
We record our calls through the use of a company called Response Tap (website: www.responsetap.com). We record our calls for monitoring purposes. These call recordings are kept on our central database and we ensure the recordings are kept safe and secure through strict security measures. The recordings of these calls are kept for six months and are automatically deleted afterwards. If you have any questions or concerns you can contact our Compliance Officer.
There may be situations where the information we require is a special category of personal data under the Data Protection Act 2018. This situation most commonly occurs where we are arranging life assurance products and need to obtain medical information from you. If there are other instances where we may require your special category personal data we will be sure to discuss these situations with you.
How is your information used?
We will use your information to:
i. Monitor the use of our website
ii. Monitor telephone calls from our website
iii. Act as the basis for any advice we provide
iv. To carry out our obligations arising from any contracts entered into by you and us;
v. Provide information to mortgage providers or life assurance firms for the purposes of arranging products and services for you;
vi. Provide our ongoing service to you.
vii. Meet our regulatory obligations in the services we provide to you.
Booking an appointment through our website
We use a system called Timify which allows clients to book an appointment with our advisers directly through the website. More information about them can be found here: www.timify.com. You are also able to book calls through our phone line by contacting us on telephone by 01245 397474
Tailored Mortgage Rates
We use a system called Mortgage Brain which enables you to input some financial details (no name or address details) which will generate a tailored mortgage rate for you. More information about them can be found here: www.mortgage-brain.co.uk
How long is information retained?
We are required by legislation and the Financial Conduct Authority rules to retain records for specified periods. These vary dependent upon the nature of the service provided. We will not retain information for longer than the period laid down by the FCA unless we have a legitimate interest to do so. This includes, where we advise on mortgages for you, the term of the mortgage. Where we advise on life assurance policies, the term of the policy.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf: We may pass your information to our third party service providers (including mortgage providers and life assurance firms), agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf such as compliance support. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond the firm for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We will make appropriate contact with you to provide the agreed services. Where this includes our ongoing service we will contact you at the agreed intervals to undertake our review. We may also contact you in between the agreed intervals if we believe that you need to take action or be aware of changes in the economic situation (for example we may contact you before your mortgage fixed rate expires in order that you may consider better rates available to you).
We will not contact you for marketing purposes by post, email, phone or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email: email@example.com or by post 10 Springfield Lyons Approach, Chelmsford, Essex, UK, CM2 5LB. We use Mail Chimp to carry out our marketing activities and you can find more information about them here: www.mailchimp.com
Your rights in relation to your information
The accuracy of your information is important to us. Where we provide just an initial advice service the information will reflect your situation at that time and we will not normally update this (apart from a change of contact information). Where we are providing an ongoing service we will update the information as appropriate when we undertake a review with you. If between reviews you change your contact information please notify us and we will update our records.
Under the Data Protection Act 2018 you have a number of specific rights, these are summarised below:
Access – You may ask for a copy of the information hold about you and we will provide this within one month of receipt free of charge (we may charge a fee for subsequent or duplicate requests).
Rectification – You may ask us to correct any information that we hold that is inaccurate or incomplete.
Erasure – You may ask us to delete or cease processing data in certain situations. Please note that we will have regulatory obligations to retain information for certain time periods and we will retain such information as we believe is necessary to fulfil these obligations.
Restrict processing – You may ask us to cease processing information. This means that we will be able to retain it but no longer act upon it. In the event that you no longer need our services and terminate them we will automatically cease processing information.
Portability – You may have the right to have your data transferred to another service provider in an appropriate electronic format. Please note that we will have regulatory obligations to retain copies of the information as outlined previously.
Objection – You may have the right to object to us processing information or using it for marketing purposes.
This is a brief summary of your rights and there may be restrictions on some of them. If you wish to explore any of these rights at any time please contact us on the addresses above and we will be pleased to assist you.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is retained securely and processed in a confidential manner. Your information may be accessed by your adviser and our support staff for the purposes of providing our services to you. In addition, it may be accessed by senior managers and our compliance consultants (or the FCA) for the purposes of ensuring compliance with our regulatory obligations and reviewing the quality of our advice.
Information may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information that passes between us, and you should consider the risk of this. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Use of ‘cookies’
It is possible to switch off cookies by setting your browser preferences. Turning cookies of may result in a loss of functionality when using our website. Please see the cookies policy.
When you visit our website we use a cookie to assign you a randomly generated unique identifier. We log your activity on our websites against this identifier in our databases. Once in our databases, this information will be added to your user profile and we use this data to monitor your activity on our website.
Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of the UK/Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the UK/European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the UK/EU. These countries may not have similar data protection laws to the UK/EU. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the UK/EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the UK/EU, your information may be transferred outside the UK/EU in order to provide you with those services.
Right to complain
If you believe that we are not holding your information correctly or are unhappy at any dealings with us regarding your information you may complain to the Information Commissioners Office. You can do this via their website https://ico.org.uk/concerns or by calling 0303 123 1113.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in October 2020.