Privacy notice

At Corfe Wealth Management we respect your privacy and the confidentiality of your personal information.

Who are we?

Corfe Wealth Management is an appointed representative of Lyncombe Consultants Limited who is part of the Adviser Services Holdings Limited (ASHL) group of companies.

This Privacy Notice explains:

Who we are
What personal information we collect
How we use your personal information
Who we share your information with and why
How we keep your information secure
Your rights
How to contact us

Who we are

Corfe Wealth Management provide financial planning solutions and advice through experienced and qualified advisers based in the UK.

Currently, Corfe Wealth Management and Lyncombe Consultants Ltd jointly determine the purposes and means of processing personal client data relating to giving advice. This means we’re joint data controllers for these core advice giving activities and therefore responsible for managing this client data and ensuring compliance.

However, Corfe Wealth Management is solely responsible for some activities, for example any direct marketing that we undertake.

What personal information we collect

Personal information includes your name, address, or phone number and other information that isn’t otherwise publicly available. We collect personal information about you when you contact us about products and services, visit a financial advisor, visit a website we may have or register to receive one of our newsletters (if applicable).

The type of personal information we collect will depend on the purpose for which it is collected and includes:

Contact details
Information to verify your identity
Family, lifestyle, health and financial information
Payment details

We collect personal information directly from you. For example, we ask for personal information at the start of our relationship and in subsequent communications, in order to check your identity and protect you from fraud. This is a legal requirement and is important to help safeguard you against potential crime.

Special category information

In some instances, it is necessary to collect more sensitive information (such as health or lifestyle information) which is called special category data. This is to allow us to provide our financial advice service to you. We will always obtain your consent during the advice process to gather this data and explain what information we require and why it is needed. Sensitive personal information will always be processed and stored securely. You can withdraw your consent at any time to us processing this data, however, this may mean that you can no longer access the service or product the information was gathered for.

Cookies

We also collect information about you from other sources. For example, our website automatically collects information from your computer using “cookies” which provides us with limited personal information. Cookies are small text files that are placed on your computer by websites that you visit. They’re widely used in order to make websites work, or work more efficiently, as well as to provide information to the website owners. For further information visit www.aboutcookies.org or www.allaboutcookies.org.

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Data retention

We keep your personal information only as long as is necessary for the purpose for which it was collected and to meet regulatory or legislative requirements. Personal information will be securely disposed of when it’s no longer required, in accordance with our Data Retention and Disposal Schedule. A copy of this is available using the contact details below.

On what basis do we collect data?

The processing of your personal data is allowed under a number of lawful bases. The data required for the provision of products and services is processed on the basis there’s a contract with you to do so. Any relevant marketing activity we undertake is done because, as a firm, we have a legitimate interest to do so. However, you have rights, as listed below, which impact how we can use and process your data.

How we use your personal information

We process your information in order to support and maintain our contractual relationship with you and to comply with legal and regulatory requirements. This includes the following:

Providing our advice, products or services to you
Carrying out transactions you have requested
Confirming and verifying your identity for security purposes
Credit scoring and assessment, and credit management (where applicable)
Detecting and preventing fraud, crime, money laundering or other malpractice.

We also process your data for specific business purposes to enable us to give you the best products and services and the best and most secure experience. For example, we process your information to send you marketing that is tailored to your interests.

Our business purposes include the following:

Enhancing, modifying, and personalising our services for the benefit of our customers
Providing communications which we think will be of interest to you
Market or customer satisfaction research or statistical analysis
Audit and record keeping purposes
Enhancing the security of our network and information systems.

You have the right to object to this processing if you wish, please see “YOUR RIGHTS” section below. Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit.

We may also process your personal data as part of an acquisition or sale. Should this happen, you will be notified about any change to processing or data controller arising as a result of this activity.

Who we share your information with and why

We share your information with trusted third parties who perform tasks for us and help us to provide the services you require these include:

Lyncombe Consultants Limited;
Other adviser firms in the network for the purpose of providing you with advice (with your knowledge);
The ASHL Group of companies to enhance the services and products we can offer you;
Third parties to verify your identity, in line with money laundering or other requirements (this may involve carrying out checks with credit reference databases);
Third parties who perform tasks for us to help us set up or service your plan (these third parties may be based in countries outside the European Economic Area (EEA) but where they are, we’ll undertake an assessment of safeguards in place);
Other organisations, including regulatory bodies, the police and fraud prevention agencies, to prevent and detect fraud;
Third parties where required by law, court order or regulation; and
Third parties as part of an acquisition or sale.

How we keep your information secure

We’re committed to ensuring the confidentiality of the personal information that we hold and we continue to review our security controls and related policies and procedures to ensure that your personal information remains secure.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information is kept secure.

If we work with third parties in countries outside the EU, we ensure these are countries that the European Commission has confirmed have an adequate level of protection for personal information, or the organisation receiving the personal data has provided adequate safeguards.

In limited circumstances, data may be accessed outside of the EEA i.e. by employees when they travel. In these circumstances, we ensure there are appropriate information security measures in place to safeguard your information.

Your rights

Corfe Wealth Management tries to be as open as it can be in terms of giving people access to their personal information and therefore have outlined your rights below. This privacy notice was drafted with brevity and clarity in mind, therefore further information can be gathered by contacting us using the details below, or more information about your data protection rights can be found here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Marketing

You have the right to opt out of receiving marketing information and tell us what your communication preferences are by contacting Corfe Wealth Management using the details provided at the end of this notice or by using the opt out option below or on any email marketing. You may opt out at any time if you don’t want to receive any further communications of this nature.

Individual data rights and requests:

The right to be informed – You can request that we provide ‘fair processing information’, typically through this privacy notice;
The right of access – You may request a copy of the personal information we hold about you using the contact details found on the end of this privacy notice;
The right to rectification – The accuracy of your personal information is important to us. You have the right to ask us to update or correct your personal information;
The right to erasure – You may request the deletion or removal of personal data where there’s no compelling reason for its continued processing;
The right to object – You may object to the processing of your data based on legitimate interests;
The right to restrict processing – You have a right to request we ‘block’ or suppress processing of your personal data;
The right to data portability – You may request to obtain and reuse your data; and
The right not to be subject to automated decision-making including profiling.

If you wish to correct, restrict, delete or make changes to your personal information, or any of the data subject rights listed above, please contact us at the number/address listed below.

How to contact us

If you have questions about this notice, need further information about our privacy practices, or wish to give or withdraw consent, exercise preferences or correct your personal information, please contact us using the following details.

6 Corfe Close

Ashtead

Surrey

KT21 2HA

How to complain

If you wish to raise a complaint about how we have handled your personal data, you can contact The Office of Data Protection who’ll investigate the matter.

If you’re not satisfied with our response, or believe we’re not processing your personal data in accordance with the law, you can complain to our regulator:

Information Governance Department

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

0303 123 1113

www.ico.org.uk/concerns

Consent to gather special category data

As detailed above, in some instances, it is necessary for us to collect more sensitive information (such as health or lifestyle information) which is called special category data. This is to allow us to provide our financial advice service to you. This is where we need to gather your consent to the collection and processing of this data. You can withdraw your consent at any time to us processing this data, however, this may mean that you can no longer access the service or product the information was gathered for.

Date……………………………………….…..

Print name………………………………….

Signature……………………………………

By signing this box, you are giving consent for special category personal data to be collected, stored and used in order for your adviser to provide you with a tailored advice service.

Electronic marketing

We may want to send you relevant marketing electronically from time to time. If you do not wish to receive electronic marketing, then please tick the box below to opt out.

I do not wish to receive electronic marketing of relevant marketing information

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie	Name	Purpose	More information
Necessary	__cfduid	Used by the content network, Cloudflare, to identify trusted web traffic.	https://allaboutcookies.org/
Statistics	_ga	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
Statistics	_gat	Used by Google Analytics to throttle request rate
Statistics	_gid	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
Marketing	Collect (Google Analytics)	Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.
Unclassified	DYNSRV	Unclassified

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Collecting and using your information

Types of information we collect and use

Depending on how you choose to interact with us, the information about you that we collect and use includes:

Information about who you are e.g. your name, date of birth and contact details
Information connected to your product or service with us e.g. your bank account and financial details
Information about your contact with us e.g. meetings, phone calls, emails / letters
Information that is automatically collected e.g. via cookies when you visit one of our websites (please see our section on cookies)
Information if you visit one of our offices e.g visual images collected via closed-circuit television (CCTV)
Information classified as special category personal information e.g. relating to your health, marital or civil partnership status. This information will only be collected and used where it’s needed to provide the products or services you have requested or to comply with our legal obligations
Information you may provide us about other people e.g. joint applicants or beneficiaries for products you have with us
Information on children e.g. where a child is named as a beneficiary on the policy taken out by a parent or guardian on their behalf. In these cases, we will collect and use only the information required to identify the child (such as their name, age, gender)
Demographic information such as postcode, preferences and interests
Other information relevant to customer surveys/and or offers

Where we collect your information

We may collect your personal information directly from you, or from a variety of sources, including:

application forms for a product or service
credit reference agencies
phone conversations with us
emails or letters you send to us
meetings with your IFA
registering for one of our events e.g. retirement events or webinars
participating in research surveys or feedback forms to help us understand you better and improve our products and services
our online services such as websites, newsletters, social media and mobile device applications (‘Apps’)

If you use one of our Financial Advisers, the information we collect and use will most likely have been provided by them on your behalf. We may also collect personal information on you from places such as business directories and other commercially or publicly available sources e.g. to verify your identity, to comply with our anti-money laundering and financial crime obligations, check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly.

What we collect your information for

We take your privacy seriously and we will only ever collect and use information that is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only where:

you have given us your permission [consent] to send you information about products and services offered by Corfe Wealth and other parts of The Beaufort Group and / or selected third parties we have chosen to work with which we believe may be of interest and benefit to you, or;
it’s necessary to provide the products or services you have requested e.g. if you wish to take out any of the pensions, investments, mortgages, loans or insurances available through us. Typically to facilitate this we will require personal information including your name, address, date of birth, and bank account details, or;
it’s necessary for us to meet our legal or regulatory obligations e.g. to send you Annual Review Letters or Statements, tell you about changes to Terms and Conditions or for the detection and prevention of fraud, or;
it’s in the legitimate interests of Corfe Wealth and The Beaufort Group e.g. to deliver appropriate information and guidance so you are aware of the options that will help you get the best outcome from your product or investment;
we need to process your information to better understand you and your needs so we can send you more relevant communications about the products you have with us and to develop new products and services;
we use artificial intelligence or computer algorithms to improve the products and services offered to you, or;
it’s in the legitimate interests of a third party e.g. sharing information with the providers of products or services you have chosen through us.

If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products or services. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

where we need to perform the contract we are about to enter into or have entered into with you. • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
where we need to comply with a legal or regulatory obligation such as anti-money laundering.

In order to process your application, we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.

For more information about CRAs, please visit https://www.experian.co.uk/crain/index.html or https://www.equifax.co.uk/ein.html

Click here to find out more about the types of lawful basis that we will rely on to process your personal data.

We rely on consent as a legal basis for processing your personal data only in relation to sending third party or direct marketing communications to you. You have the right to withdraw consent to marketing at any time by contacting us.

Automated decision making systems

We sometimes use systems to make automated decisions based on personal information we have – or are allowed to collect and use from others – about you. These automated decisions can affect the products, services or features we offer you now or in the future. We use automated decisions in the following ways:

to tailor products and services e.g. placing you in groups with similar customers to make decisions about the products and services we may offer you to help meet your needs
to design and enhance our online services to help meet your requirements for ongoing guidance and support.

For further information on your rights relating to automated decisions, please see the section on YOUR INDIVIDUAL RIGHTS.

Who we may share your information with

We may share your information with third parties for the reasons outlined in ‘What we collect and use your information for.’ These third parties include:

companies within The Beaufort Group
your Financial Adviser
companies we have chosen to support us in the delivery of the products and services we offer to you and other customers e.g. research, consultancy or technology companies; or companies who can help us in our contact with you
our Regulators and Supervisory Authority e.g. the Financial Conduct Authority (FCA), the Information Commissioner’s Office for the UK (the ICO)
law enforcement, credit and identity check agencies for the prevention and detection of crime
HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance

We will never sell your details to someone else. Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.

Links to other websites

Our website may contain links to enable you to visit other websites of interest easily. Once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy notice. You should exercise caution and look at the privacy notice applicable to the website in question.

Processing, protecting and storing your information

Where your information is processed

The majority of your information is processed in the UK and European Economic Area (EEA).

However, some of your information may be processed by us or the third parties we work with outside of the EEA, including countries such as the United States and India.

Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. we will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.

Our security controls are aligned to industry standards and good practice; providing a controlled environment that effectively manages risks to the confidentiality, integrity and availability of your information.

How we protect your information

We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection responsibilities.

Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees are trained to protect sensitive or confidential information when storing or transmitting data in any medium including electronically and must undertake annual refresher exercises on this.

How long we keep your information

We will keep your personal information where it is necessary to provide you with our products or services while you are a customer with us.

We may also keep your information after this period but only where it is required to meet our legal or regulatory obligations. The length of time we keep your information for these purposes will vary depending on the obligations we need to meet.

Your individual rights

You have several rights in relation to how Corfe Wealth and The Beaufort Group uses your information. They are:

The right to be informed
You have a right to receive clear and easy to understand information on what personal information we have, why and who we share it with. This can be found in our Privacy Notices.

The right of access
You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR).

The right to request that your personal information be rectified
If your personal information is inaccurate or incomplete, you can request that it is corrected.

The right to request erasure
You can ask for your information to be deleted or removed if there is not a compelling reason for Corfe Wealth or The Beaufort Group to continue to have it.

The right to restrict processing
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.

The right to data portability
You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, if you were moving your pension to another pension provider.

The right to object
You can object to Corfe Wealth and The Beaufort Group processing your personal information where: it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); and if we were using it for scientific/historical research and statistics.

Rights related to automatic decision-making including profiling
You have the right to ask Corfe Wealth to:

give you information about its processing of your personal information
request human intervention or challenge a decision where processing is done solely by automated processes
carry out regular checks to make sure that our automated decision-making and profiling processes are working as they should.

How to make a complaint

We will always strive to collect, use and safeguard your personal information in line with data protection laws. If you do not believe we have handled your information as set out in our Privacy Notice, please write to us using the contact details above and we will do our utmost to make things right. If you are still unhappy, you can make a complaint to the Information Commissioner’s Office, who are the UK’s independent authority charged with upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals. You can contact them at: ico.org.uk/