Introduction

 

This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us. We are registered with the ICO in the UK and operate under the UK jurisdiction of the Data Protection Act 2018.

Sensitive or Special Category personal data:

 

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Data concerning health
  • Data concerning sex life or sexual orientation

None of the above type of information is normally necessary or collected by us nor is it normally required by the regulator.

 

We would discuss with you the need for the provision of any sensitive, criminal or other highly confidential data before you provide this information. The subsequent provision of personal data will be taken as consent to this processing. 

 

Where you have disclosed sensitive personal data about a client, we will assume that you have obtained informed consent to such sharing or obtained it for the lawful purpose of insurance underwriting consideration.

 

Where you share data about your staff you must ensure that your terms of employment or engagement include the sharing of data for regulatory compliance purposes.

 

It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.

 

We do not use your personal data for marketing purposes nor will we share your data with any other organisation for marketing purposes.

What data we collect & what do we do with it

 

Completing our initial enquiry form.

If you contact us via the web form on our website your data will be protected by a secure socket layer. This site is hosted at WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help to improve it. For more information about how WordPress processes data, please see Automattic’s privacy notice. If you enter details into our webform these will be transmitted to us via email and temporarily stored on a Microsoft Hosted Exchange. The site is secured by UKFast.

 

Calling our business line 0330 111 6161

This number will take you to our answering service provided by 08Direct, a service run by Core Telecom Ltd. Your message will be temporarily stored by Core Telecom Ltd in the UK. Their terms can be found here. Your message will then be transmitted to us via email and will be temporarily stored on a Microsoft Hosted Exchange.

 

What we will do with your enquiry

Once we have responded to your enquiry your data will be transferred to our local encrypted server located in the UK. Email details are also stored within our Apple Inc. iCloud account.

 

Doing business with us

In order to provide compliance support services we will require your contact details including personal email addresses. Your name and email and information relating to the work we undertake for you will be stored on our encrypted devices.

 

Wherever possible we will communicate and liaise with you on projects using end to end encrypted services on which we have done due diligence.

 

 

Esupport updates

We will store your name and email address with a data processor to enable us to communicate regulatory and service updates to you.  Mailchimp.

 

All support services

We collect and use information about your firm, which may include personal data to keep you informed and to have dialogue with you around regulatory compliance matters.

 

Additional information is needed to process applications to regulators, for example FCA Connect, FCA Gabriel or RegData and LSE.

 

Most of the information we hold about you is publicly available information and most of our processing involves electronic communications with you at your request.

Sharing your data

 

File audit work requires us to hold information about your clients; we generally delete this immediately after we have completed an audit.

 

In the course of our contracted work with you we may share or require you to share personal data related to your staff, contractors, controllers, directors and clients. Your agreements and terms need to cover this sharing of data with compliance support services.

 

The information you provide us with will be shared with contractors or consultants working with us, The Financial Conduct Authority (FCA) or occasionally another regulatory body in order to complete contracted work for you. Our external associates who may assist in the provision of some services are registered Data Controllers in the UK and we hold non-disclosure agreements with them.

 

We also use external data processors that will hold information for the following purposes:

 

  • Secure file sharing
  • Data backup
  • Dissemination of information/communication

 

All external processors are only permitted to process your data in line with our instructions, they do not have access to content.

 

Data processors

 

 

We may also invite you to participate in Appointly to arrange a meeting and Zoom for video conferencing and meetings. Data shared is limited to your name and email address.

 

 

Otherwise we will not share your personal information with other companies without your express authority except if the firm is sold or where we are required to do so by law.

Marketing

 

The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes. If recommend a product to you it will be for your benefit and not by way of marketing. We do not receive any remuneration from third party product providers for presenting their product information.

Your rights

 

Under data protection law you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete all personal data held by us or any controller or processor with which we have shared your data.

 

To do this, please either contact us in writing, by telephone or electronically.

Contact

 

For any queries about data protection please contact:

Contact name Karen Malin
Address 60 Cookridge Drive, Leeds LS16 7HW
Telephone 0330 111 6161
Web thegiconsultant.com

Where we store your Personal Data

 

All the data that we collect is stored on our encrypted server or back up drives in the UK or with our listed processors under contract.

IP Addresses and Cookies

 

Our website uses cookies purely to enhance your experience.

 

(A cookie is a piece of information that is stored on your computer’s hard drive which records how you have used a website. This means that when you go back to that website, it can give you tailored options based on the information it has stored about your last visit.)

 

Vital cookies!

Ones that are essential to the operation of the website. These cookies enable a site to remember text entered in a page within the same session or to remember whether a user is logged in or not, the site cannot function without them.

 

Performance cookies

Performance cookies, which collect information about website usage to enhance the web experience. Examples of these include website analytics (i.e. Google Analytics) and ad-response rates (where data is collected exclusively for calculating click-through rates). They don’t collect information that can identify a particular visitor. These cookies are usually persistent and have fairly long expiry rates.

 

Functionality cookies 

These remember the choices that users make within a web page, such as usernames, language or region to provide an enhanced, more personalised web experience. They cannot track your activity on other websites and are anonymous.

 

Advertising cookies

Targeting or advertising cookies collect information about your browsing habits to tailor third-party advertising to meet your interests. They are usually placed by advertisers with website operators’ permission. We do not use this type of cookie.

 

Any changes we may make to our privacy policy in the future will be posted on our websites where appropriate or may be notified to you by post or e-mail.