How do we collect your data and for what purpose?
We collect Personal Data from you when you use the Website and process this Personal Data for the purposes of providing you with access to the Website. You may also choose to provide us with additional Personal identification information such as name, email and contact number via email or the contact form available on the Website, including via the self-certification form, which we will process for the purposes of responding to your queries including any investment proposals. Responding to these queries is necessary for the purposes of our legitimate business interests.
What personal data do we process?
Typically, we may need to process your name, business name (where relevant), address, email address and contact telephone number and date of birth. What we process will depend on the nature of the query. For enquiries relating to investment opportunities, we will require more detailed information about you.
On what grounds do we process your data?
We collect your data either on the legal basis of legitimate interest, in so much as it is necessary for the purpose of our legitimate interests to collect and process Personal Data, and also where it is necessary for the performance of a contract as detailed below:
- To provide you with any services and/or information you request from us;
- Responding to queries you may submit to us via email or in other formats;
- To administer our sites and for internal operations, including troubleshooting, data analysis, load management, testing, research, statistical and survey purposes;
- To improve our Website to ensure that content is presented in the most effective manner for you and for your computer
We may also share your Personal Data with certain third parties for contractual purposes or with regulatory and law enforcement agencies if we are required by law to do so.
Who do we share your Personal Data with?
We will never sell, trade, or rent your personal data to others, however, we may disclose your Personal Data to some or all of the following recipients:
- Members, shareholders and businesses with which we have a contractual relationship
- External advisors such as lawyers, accountants and auditors
- Regulatory authorities and law enforcement agencies (where we are under a duty to disclose or share your Personal Data in order to comply with any legal or regulatory obligation or request)
Where do we store your data?
Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone, by mail, over the internet or any other electronic medium.
We hold personal data in secure computer storage facilities and take steps to protect the personal data we hold from misuse, loss, unauthorised access, modification or disclosure.
The internet is an open medium and we cannot guarantee that any information you send to us by email or via our sites will not be intercepted or tampered with; any transmission is at your own risk. To help protect your personal data and minimise the risk of it being intercepted by unauthorised third parties our secure servers employ Secure Socket Layer v3 (SSL) or Transport Layer Security v1 (TLS) encryption when you submit information to us through our sites. This security is signified by the “https” and the padlock on the URL bar. Some older browsers do not allow the use of current SSL technology and we therefore recommend that you use an up-to-date browser. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long do we store your data?
We will keep your personal data for as long as is necessary for the purposes for which it was obtained from the date of collection or, where you enter into a contractual arrangement with us, following the end of the performance of our contract. This may be up to 6 years in the case of data which falls under prevailing financial regulations.
Transfers of personal data outside the EEA
Your data may be transferred to, stored at, and processed at a destination outside the European Economic Area by our service providers. The predominant destination will be the UK. Data transfers are appropriately safeguarded between the EEA and the UK on basis of adequacy. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the GDPR or other relevant laws.
We will not transfer data outside the EEA without first ensuring that one of the appropriate safeguards under Article 46 GDPR is present. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the GDPR or other relevant laws.
Statutory Information in relation to data not provided by the data subject
In some circumstances, we will have obtained data from sources other than the data subject, for example by searching for an individual’s email address online or through the use of LinkedIn and similar resources.
Where personal data has been obtained in this way we are obliged to provide the following information:
- the data controller is Fortified Advisory and can be contacted at firstname.lastname@example.org;
- the data protection officer is Christopher Bilmes of Fortified Advisory and can be contacted at email@example.com;
- the data is processed for the purpose of marketing which, in our view, is a legitimate interest;
- the personal data that we process is that set out above;
- there are no recipients of the personal date and we do not intend to transfer the data to a third country;
What are your data protection rights?
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request copies of your personal data.
- The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request we complete the information you believe is incomplete.
- The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request we restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email firstname.lastname@example.org
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
For further information, visit www.allaboutcookies.org.
How to contact us
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the relevant supervisor authority. The contact details can be accessed here: https://ico.org.uk/make-a-complaint/