Privacy Information Notice

Privacy information notice

This is an important document describing how Connor Broadley Limited collects your personal information, what we do with it, who we share it with and why. It also explains your rights in relation to your personal information.

Expressions used

In this document we use a number of expressions, these are described in the table below:

Who we are

Connor Broadley Limited is a financial planning and investment management firm. Our registered address is Connor Broadley, 7 Curzon Street, London, W1J 5HG. Our company registration number is 6254078, our FCA registration number is 468321.

We are registered as a Data Controller by the Information Commissioners Office (ICO). Our ICO Registration Number is Z997088X.

How to contact us

If you have any questions or concerns about how your personal information is being

collected or used, or are aware of any unauthorised disclosure, please contact our Data Protection Officer (DPO).

Address: Data Protection Officer, Connor Broadley, 7 Curzon Street, London, W1J 5HG

Email: DPO@connorbroadley.co.uk

Phone: 020 7647 8810

Data protection principles

These principles set out our main data protection responsibilities. We must make sure your personal data is:

Processed lawfully, fairly and in a transparent manner
Collected for specified, explicit and legitimate purposes
Adequate, relevant and limited to what is necessary
Accurate and, where necessary, kept up to date
Kept for no longer than is necessary
Processed in a manner that ensures appropriate security of the personal data

What personal data we collect and use

To provide you with our services, we will collect and use personal data which may include:

When we collect your personal data, you may also provide us with the personal data of other individuals, for example your spouse or financial dependents. You are responsible for ensuring that you can provide this information and have informed those individuals of who we are, how we collect, use and process personal data as detailed in this privacy notice.

How we collect personal data

Usually we collect personal data directly from you. This can be through meetings, telephone conversations, email exchanges, letters or other correspondence with our employees. Personal data may also be on application forms you complete for a product or service.

In some circumstances personal data may be obtained from third parties. This may include data from electronic identification checks, searches in the public domain (for example the electoral roll or Companies House), where you have given us authority to access existing policy information, data provided by your representatives or your employer or Government agencies (such as the Police or HMRC) who contact us.

Our website uses cookies to help us analyse how content is accessed, and to make improvements to it. Please see our website terms and conditions for more information about the cookies we use.

How we use your personal data

Your personal data may be recorded and stored in paper files, mobile devices and on our computer systems – including websites, emails, hard drives, and cloud facilities. Stored information can only be accessed by employees and consultants within our firm to provide our service or another task /obligation associated with or incidental to that service.

We may use your personal data to:

Research, make and review recommendations based on your personal and
financial circumstances
Obtain projections, illustrations or quotations from product providers (including pension, investment, protection and annuity providers). These may be obtained in paper form or online via the product provider’s secure portal, or via comparison sites
Submit new business (online or on paper) or answer any additional questions raised by new business providers
Deal with existing product providers and administer existing arrangements
Respond to your queries or instructions or inform you of any developments in relation to your existing arrangements
Meet our contractual obligations including notifying you of a change to our services
Comply with legal or regulatory requirements
Carry out internal compliance, governance and risk management functions or for internal research, statistical analysis or customer profiling purposes
Undertake identity verification checks so we comply with our anti money
laundering obligations
Detect, prevent and investigate crime
Protect our legal rights

Why we collect and use your personal data

We can only collect personal data where it is necessary, fair and lawful to do so. We will only collect and use your information for the following lawful reasons:

We can only collect and use your sensitive personal data where we have additional lawful reasons to do so:

Sharing your personal data

We may share your personal data with third parties. We share information to ensure we can adequately fulfil our responsibilities to you, or for the reasons detailed in this privacy notice.

These third parties may include:

Pension and investment providers, fund managers, and insurance providers to enable us to obtain a quote or illustrations for you or provide you with related transactional or initial and ongoing services
Third parties we have chosen to support us with your enquiry, application or delivery of the service we offer to you for example research, product specialists, insurers and underwriters, professional advisers, providers of legal services or technology companies
Third parties we have chosen to support us with our regulatory and legal obligations such as compliance consultants, insurers or professional advisers
Our Regulator
The ICO
Government agencies
Law enforcement, credit and identity check agencies for the prevention and detection of crime
Your representatives

We require third parties to act in accordance with relevant data protection laws, on the basis your data will be kept confidential and will only be processed for the purpose it was obtained.

We will never sell your details to someone else. Whenever we share your personal

information, we will do so in line with our obligations to keep your information safe and secure. Sharing of your ‘personal data’ does not entitle such third parties to send you marketing or promotional messages.

Connor Broadley uses SmartCredit Limited for anti-fraud and anti-money laundering checks and verification purposes. As such, we share information with, and obtain information from, SmartCredit Limited for these purposes. More information about SmartCredit Limited can be found at https://www.smartsearchsecure.com/dpa/dpajdc

Transfers outside of the European Economic Area

The European Economic Area (EEA) is made up of EU countries plus Norway, Iceland and Liechtenstein. We do not expect to transfer personal data outside the EEA when providing you

with our services.

However, product and service providers or other third parties we share your data with may process data outside the EEA. We take steps to ensure appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations in the UK.

Protection of your personal data

Your privacy is very important to us. We will take reasonable steps to safeguard your personal data against it being accessed unlawfully or maliciously by a third party. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied.

The personal information we collect from you is stored by us on secure servers, protected by a combination of physical and technical access controls, network security (including firewalls) and other security measures. Our mobile devices (laptops, tablets, smartphones etc) which may be used to access and process personal information are encrypted using secure technology.

When we transfer personal information electronically to product providers and other third parties, this is done using secure means. We also expect you, or the representatives you have authorised to share data, to take reasonable steps to safeguard your privacy when transferring information to us.

If you (or your representative) contact us to request information or to give us instructions, we will take steps to establish your (or your representative’s) identity. We will not disclose any personal information unless we are satisfied that you (or your representative) are who you claim to be.

Retention of your personal data

Your personal data will be held for as long as required to meet our legal, regulatory or fraud prevention requirements and will be retained by us either electronically or in paper format for a minimum of six years, or if longer than six years, the duration of this firm’s relationship with you or, where required, to meet our legal and regulatory obligations which may be for an indefinite period.

Where we retain your personal data, it will be safeguarded and used only for the purposes detailed in this privacy notice.

Your data and your rights

You have several rights in relation to your personal data:

To be informed about the personal information we collect, why we collect it, what we do with it and who we share it with
To request copies of your personal data under our control, via a data subject

access request

To rectify, erase or restrict processing
To request us to send an electronic copy of the data you have provided to us to
another organisation
To object to the processing of information
Where processing is based on consent, the right to withdraw your consent at

any time

Please contact us if you wish to exercise any of these rights. There will not ordinarily be a fee for this.

If you choose to exercise any of your rights, we will let you know if we cannot deal with your request, if we must deal with it differently or if it has implications on our services.

How to make a complaint

If you do not believe we have handled any concerns or complaint in respect of your personal data as detailed in this privacy notice, you may lodge a complaint with the UK’s data protection regulator, the Information Commissioner’s Office (ICO).

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Website: https://ico.org.uk/global/contact-us/

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_790KWBFVX8	2 years	This cookie is installed by Google Analytics.

Privacy Information Notice