Accrue Investment Management Limited welcome the introduction of the new European legislation including the General Data Protection Regulation (“GDPR”) which came into force on 25th May 2018, and applicable national acts implementing the GDPR such as the UK Data Protection Act 2018 (or such other UK laws implementing the GDPR in the UK), with the objective of establishing greater protection of personal data and enhancing your rights in respect of your personal data.
The Firm is committed to keeping your personal data safe and to ensuring the integrity and security of any personal data we may process. We ask you to read the Accrue privacy statement very carefully as it contains important information on the way in which we will process your personal data, in particular:
The personal information we collect about you;
Our legal bases for processing your personal data;
What we do with your personal information;
Who your personal data may be shared with;
Your rights as a data subject under the Data Protection regulations.
Personal data includes any information that directly or indirectly identifies an individual. We collect personal data relating to you and your use of our services from a variety of sources, which are detailed below.
We may collect certain data, such as personally identifiable information, contact information, financial information, employment and education data, other information gained during interactions or correspondence with you and, with your explicit consent, sensitive personal data (such as physical or mental health conditions).
We may collect your personal data directly from you, as well as from other parties (such as Clients). This includes personal data where you apply /supply for a joint product or service or where you agree to act as a Third Party Authority for a client of ours, as well as from third parties, such as credit reference agencies, fraud prevention agencies, electoral roll, financial advisors, court records of debt judgements and other publicly available sources.
Our legal basis for processing your personal data
We will only process your data where we have a legal basis for doing so. We may rely on the following legal bases for collecting and further processing your personal data:
Contractual necessity e.g. to fulfil our obligations in respect
of your account, policy or service;
Legal or regulatory obligation;
Legitimate interest; or
We do Not sell your personal data or other information to any third party and we cannot legally charge you for a report on any data we hold
- this is is commonly referred to as “subject access”.
- Individuals can make a subject access request verbally or in writing.
- We have one month to respond to a request.
- We cannot charge a fee to deal with a request in most circumstances.
We are required to gain your explicit consent prior to processing any sensitive information about you, for example information about your physical health or mental health but we can assure you we would have no need to collect such data other than to asses for health and safety reasons.
We may use your personal data for our combined interests in order to allow us to provide the best services and customer experience and to ensure our service remains relevant and tailored to your needs.
For example, we may rely on our legitimate interest to process your personal data for the following purposes:
To send you company updates, newsletters or other marketing communications; thou you will be made aware of the ability to opt out of marketing campaigns this is to enhance communications for your benefit.
Who we share your personal data with and why?
We share your data with approved third-party providers that have adequate data protection measures in place that align with the requirements of the data protection regulation.
Professional companies and other persons providing services to us including legal, professional advisers, auditors, tax and accountancy advisers and printing services;
Credit reference agencies, identity reference & fraud prevention agencies
Government bodies and agencies in Kinetics legal domicile e.g. HMRC.
Please note you have the right to object to any processing for which we rely on legitimate interest as the legal basis. You can do so by using the contact details set out at the end of this privacy statement.
Your rights in respect of your data are:
Access rights: You can request a copy of the personal information we hold about you.
Right to request rectification: We take reasonable steps to keep your information accurate, but you can also ask us to change any information we hold about you to keep it accurate, complete and current.
Right to request erasure (‘to be forgotten’): You have the right to ask us to delete the personal information we hold on you; however, please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it.
Portability: You have the right to request that we send the personal data you provided to us to another data controller4 in a commonly used electronic format, where technically feasible.
Right to request restriction: You can request that we restrict our processing of your personal information.
Right to raise an objection to our processing: Where our processing of your information is performed on the basis of ‘legitimate business interest’, then you can request we stop.
Right to complain to a supervisory authority: If you are dissatisfied with our use or management of your personal information, you have the right to complain to an EU Data Protection Supervisory Authority. In the UK, the relevant Data Protection Supervisory Authority is the Information Commissioners Office (ICO)
you can contact them via their website: www.ico.org.uk also there is a link below
Personal data provided in respect of third parties
You acknowledge that you must have the authority to provide any third party’s personal data to us and agree to share this data protection statement with such third parties and inform them of the details you have advised us of.
We will regularly review our records to ensure that we do not retain your personal data longer than is necessary, unless there is a legal reason for extended retention.
We are a reputable FCA regulated firm and have more than adequate business continuity plans and systems and these are available to review on request
or by mail or phone need on 01225 303333
This report was prepared using data from the ICO, further information is available below