Nexus IFA Limited & Nexus Financial Planning (Nexus) understand that your privacy is important to you and that your personal information (personal data) is used fairly and responsibly. We respect and value the privacy of all our clients and will only collect and use personal information in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Nexus has implemented systems and controls to ensure your rights and freedoms are protected and undertakes to meet its obligations under Data Protection Legislation, i.e. the Data Protection Act 2018 (DPA 2018), the UK General Data Protection Regulation (UK GDPR), and the Privacy and Electronic Communications Regulations (PERC).
WHAT PERSONAL DATA DO WE COLLECT?
Nexus will collect the following personal data, dependent upon the financial service required: Name, address, contact telephone numbers, email address, bank statements, passport, council tax and utility bills, driving licence, benefit statements, shotgun licence, payslips, criminal record information, existing pension information, life cover information, investment information, details of assets and liabilities, health information – life policies and long term care information – annual expenditure and any other existing relevant policy details, family situation & dependants.
Different variations of personal data are required for each product so we may not be required to collect all of the data listed above for all products or services.
HOW WE COLLECT YOUR PERSONAL DATA
You directly provide Nexus with the personal data we collect by the following methods: original physical copies, scanned certified email copies, scanned certified postal copies, of relevant documents.
WHO WILL PROCESS YOUR PERSONAL DATA?
Access to your personal data is permitted only for those Advisers & staff who require it to fulfil their responsibilities on your behalf. Your personal data will be initially processed by Nexus. Your personal data will be further processed by On-Line Partnership Group Limited on behalf of its subsidiary company The Whitechurch Network Limited who acts as our Principal for regulatory purposes. All parties will process your personal data in accordance with this Privacy Notice and the requirements of Data Protection Legislation. All parties are subject to information security training to enforce and communicate best practice when handling information.
WHAT HAPPENS IF WE WANT TO PROCESS YOUR PERSONAL DATA FOR OTHER REASONS?
Though there are some legal exceptions, if we wish to process your personal data for any other unrelated purpose than those we have informed you about we will notify you.
WHAT ARE THE CONSEQUENCES IF YOU DO NOT PROVIDE YOUR PERSONAL DATA?
Your personal data is essential to enable us to take steps (at your request) prior to entering into a contract or to perform a contract to which you are a party. Without this information we will not be able to proceed to provide any financial service. Processing will only occur whereby it is necessary to protect the vital interests of our client.
WHAT MAKES THE PROCESSING LAWFUL?
The lawful basis for the processing of your personal data as per Article 6(1) of the UK GDPR is:
- necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract
- for compliance with a legal obligation to which we are subject
- for the performance of a task carried out in the public interest
- for the purposes of the legitimate interests pursued by us
- you have given clear consent to process your personal data for a specific purpose.
KEEPING YOUR PERSONAL DATA UP TO DATE
We will record your information exactly as you provide it. You may ask us to update it at any time and we will action your request promptly and notify relevant third parties of any changes.
WHAT ABOUT SENSITIVE PERSONAL DATA?
Unless we are processing because it is necessary for reasons of substantial public interest, we will only process sensitive personal data, such as data concerning health, racial or ethnic origin, or sexual orientation, with your explicit and informed consent for specific purposes. In such cases you will be asked to sign a separate consent form to evidence this and that you understand the purpose(s) of the processing of such data. Your consent may be withdrawn at any time.
HOW WILL WE FURTHER USE YOUR PERSONAL DATA (OUR LEGITIMATE INTERESTS)?
- To contact you to ensure that our records of your personal information are correct and up to date;
- to respond to questions or complaints you may have about our services;
- to update you with changes in our terms;
- for statistical or research analysis relating to the performance of our business or that of our principal and understanding the changing needs of our clients;
- to review, improve and develop services we offer or to handle complaints;
- to pursue debts or unpaid fees;
- to evidence company practices;
- to evidence the standards and processes carried out conform to the company’s ethical standards and expectations;
- for direct marketing activities;
- to protect the business from risks which might be introduced by an individual.
You have the right to object to processing for these purposes and we shall cease unless we can show we have compelling legitimate grounds to continue.
PROCESSING WHEN PERFORMING A TASK CARRIED OUT IN THE PUBLIC INTEREST
We will use your personal data to protect members of the public against dishonesty, money laundering or fraudulent activities. This must necessarily be carried out without your explicit consent to ensure this function is not prejudiced. Part of this processing involves verifying your identity using third parties such as GB Group Plc or Creditsafe Business Solutions Ltd.
WHAT PERSONAL DATA IS REQUIRED?
We only collect data that is necessary to carry out the purposes listed above. This includes data you supply and data we receive from reference agencies. Where practical and lawful we will inform you about any of your personal data we receive from third parties that you may be unaware of.
HOW SECURE WILL YOUR PERSONAL DATA BE?
We will ensure that your data is only accessible to authorised people in our firm and will remain confidential at all times. Appropriate security measures are in place to prevent unauthorised access, alteration, disclosure, loss, damage or destruction of your information.
If we have a contract with another organisation to provide us with services or a service on our behalf to process your personal information, we’ll make sure they give reassurances regarding appropriate security measures in place and only process your data in the way we’ve authorised them to. These organisations won’t be entitled to use your personal data for their own purposes. If necessary, we will check them to make sure they meet the security requirements we’ve set. Please contact our Data Controller (see below) if you would like further information.
WILL WE SHARE YOUR PERSONAL DATA WITH ANYONE ELSE?
We may share your data with:
- We will use the information provided to protect members of the public against dishonesty, money laundering or fraudulent activities. This must necessarily be carried out without your explicit consent to ensure this function is not prejudiced. Part of this processing involves verifying your identity using third parties such as GB Group Plc or Creditsafe Business Solutions Ltd.
- Appropriate staff such as those who carry out financial or compliance functions.
- Organisations that need your data because we are required to provide it by law (e.g. The FCA, ombudsman services, HMRC, etc…)
- Organisations that carry out credit references or identity checks such as GB Group Plc or CreditSafe Business Solutions Ltd. These organisations may keep a record of the information and may disclose the fact that a search of its records was made to its other customers for the purposes of assessing the risk of giving credit, to prevent fraud and to trace debtors.
- Sometimes other authorised firms with specialist advisers, such as pension specialists, who assist us in providing suitable financial advice and services. You will be provided with their details if this applies.
- Organisations and individuals contracted by us to carry out specific administrative, financial, compliance or direct marketing functions. These contractors only act as data processors and will only process your information under our instructions and operate under the same obligations for data protection as we ourselves operate. Examples of such organisations would be to provide product research quotes; e-signature facilities; email marketing platform, or for direct marketing (see below).
- Law enforcement agencies, courts or other public authorities if we have to, or are authorised to, by law.
- Product providers we use to provide financial services.
- Where we or our Principal go through a business transaction, such as a merger, being acquired by another company or selling a portion of its assets, your data will, in most instances, be part of the assets transferred.
- Where you give clear consent for us to share your personal data with a specified third party.
AUTOMATED DECISION-MAKING PROCESSES
We may sometimes use automated processes when making decisions, but you will not be subject to a decision based solely on automated processing, including profiling.
TRANSFERRING YOUR PERSONAL DATA OUTSIDE THE UK / EUROPEAN UNION
We do not usually transfer any of your personal data outside of the EU except:
- When we need to perform pre-contractual measures (credit and identity checks) or because the checks we request are necessary for important reasons of public interest. Some companies, like Creditsafe Business Solutions Ltd, may transfer data outside of the EU to countries which do not, in the view of the EU Commission, offer an adequate level of protection. In such cases Creditsafe encrypts any data it sends to other agencies and only transfers information necessary to carry out checks.(A list of countries used to perform checks include Germany, Netherland, Belgium, France, Sweden, Norway, Finland, Luxembourg, Switzerland, Liechtenstein, Spain, USA, Estonia, Latvia, Lithuania, Poland, Slovakia, Czech Republic, Hungary, Slovenia, Bosnia, Serbia, Montenegro, Croatia, Macedonia, Kosovo, Albania, Bulgaria, Romania, Ukraine, Austria, Denmark, Moldova, Portugal, Italy, Canada, Brazil, Greenland, China, India, Australia, Russia, South Korea, Taiwan, Mexico, South Africa, New Zealand, Hong Kong, UK.)
- When we use a third party data processor contracted to perform direct marketing functions. The data they process is restricted to limited contact details (email address) only. Some companies, like Mailchimp, may transfer and process data outside of the EU. In such cases Mailchimp have agreed to provide an adequate level of protection for any data processed, in line & accordance with the requirements of EU Data Protection Regulations.
WHAT ABOUT DIRECT MARKETING?
We will use your personal data provided now and in the future to carry out direct marketing activities as these are legitimate interests pursued by us. Sometimes this includes, with your consent, sharing data with product providers for their marketing activities. You can choose which method you’d prefer us to use to contact you (by email, telephone, SMS or post) and you have the right to object at any time to the use of your personal data for this purpose and we will cease marketing activity. Contact our Data Controller (see below) to let them know about your preferences.
TELEPHONE CALL RECORDING
In line with The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 we may record incoming or outgoing telephone conversations for the following purposes:
- Establishing facts and evidence for business transactions;
- Ensuring compliance with regulatory or self-regulatory practices;
- Ascertaining and demonstrating that standards are being met;
- Preventing or detecting crime;
- Investigating or detecting the unauthorised use of that or any other telecommunication system;
- Safeguarding the effective operation of the telecommunications system.
VISITORS TO OUR WEBSITE & COOKIES
HOW LONG WILL WE KEEP YOUR PERSONAL DATA FOR?
The Financial Conduct Authority lays down rules relating to how long your personal data should be held for and we will keep your data to meet these requirements. We will not keep your personal data for longer than is necessary in light of the reason(s) for which it was first collected. The following factors will be used to determine how long your personal data is kept by us:
- Business requirements
- Legal requirements
- Regulatory requirements
REQUESTING A COPY OF YOUR PERSONAL DATA WE HOLD
You may at any time ask for a copy of the personal data we hold about you – it is your legal right. This is known as a “subject access request”. We prefer if all subject access requests are made in writing. There is not normally any charge for a subject access request. We will provide you with a copy of any non-exempt personal data within one month unless we ask you for an extension of time. To protect your personal data, we will ask you to verify your identity before we release any data. We may refuse your request if we are unable to confirm your identity. Please contact our Data Controller (see below) to request a copy of your data.
You have the right, on grounds relating to your situation, at any time to object to processing which is carried out as part of our legitimate interests or in the performance of a task carried out in the public interest. We will no longer process your personal data unless we can demonstrate there are compelling legitimate grounds which override your rights and freedoms or unless processing is necessary for the establishment, exercise or defence of legal claims.
You have the right to object at any time to processing your personal data for marketing activities. In such a case we must stop processing for this purpose.
WHAT ARE YOUR OTHER LEGAL RIGHTS? >
In addition to the rights above the additional following rights:
- Where you have given consent, you have the right to withdraw previous consent to processing your personal data at any time;
- You have the right to request from us access to and rectification or erasure of personal data or restriction of processing concerning your data;
- You have the right to receive data you have provided to us in a structured, commonly used and machine readable format;
- You have the right to object to processing of personal data;
- You have the right to lodge a complaint with the regulator (see below).
To exercise any of these rights please contact our Data Controller (details below).
HOW TO CONTACT OUR DATA CONTROLLER
Your trust is important to us. That is why you can contact our data controller about any data protection or marketing issues by:
- Writing to: Nexus Data Controller, 2-4 York Buildings, Cornhill, Bridgwater, Somerset, TA6 3BS
- Telephoning: 01278 439494
- Emailing: email@example.com
HOW DO YOU MAKE A COMPLAINT TO THE REGULATOR?
- By writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
- By telephoning: 0303 123 1113
- By emailing: firstname.lastname@example.org
- By using their website: https://ico.org.uk/make-a-complaint/your-personal-information-concerns
CHANGES TO THIS PRIVACY NOTICE
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business practices in a way that affects personal data protection.
The latest version of our Privacy Notice is always available this website.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Your consent applies to the following website: www.blog.nexusifa.co.uk
What are cookies ?
Cookies are small text files that are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.
The third-party cookies used on our websites are used mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.
What types of cookies might we use ?
Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to your basket and checkout securely.
Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit etc. These data help us understand and analyze how well the website performs and where it needs improvement.
Marketing: These cookies are used to personalise advertisements so that they are meaningful to you. These cookies also help us keep track of the efficiency of these ad campaigns.
The information stored in these cookies may also be used by the third-party ad providers to show you ads on other websites on the browser as well.
Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing contents on the website on social media platforms.
Preferences: These cookies help us store your settings and browsing preferences like language preferences so that you have a better and efficient experience on future visits to the website.
The list below details the cookies used in our website.
|_ga, _gid||cookies asssociated with Google Universal Analytics – used to distinguish unique users, track amount of visits, and the time of the visit and keeps track of returning visits. No personal information is stored in the cookies.|
|eu_cn, external_referer, guest_id, personalization_id, tfw-exp||cookies set by Twitter – used to help display tweets on the site, monitor referral links, used to identify those logged into Twitter and collect data related to the Twitter platform.|
|eucookielaw||technical cookie which prevents the banner from being displayed to the same user again for 30 days|
|lang||used to store language preferences|
How can I control the cookie preferences ?
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more out more on how to manage and delete cookies, visit www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
To find information relating to other browsers, visit the browser developer’s website.