What is the purpose of this document?
Our website address is: https://www.advancedasset.co.uk.
Advanced Asset Consultants Limited (AAC) is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal information about you, in accordance with the Data Protection Act 2018 (DPA).
AAC is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.
Advanced Asset Consultants Ltd company registration number is SC362302 and its registered office is: Tay House (Spaces), 300 Bath Street, Glasgow G2 4JR.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information. We may update this notice at any time.
The kind of information we hold about you
Unless otherwise agreed with you, we will only collect basic personal data about you, which does not include any special categories of personal information about you (often known as “sensitive personal data”). This information does, however, include the likes of your name, address, email address, identity documents, professional qualifications and financial details.
How is your personal information collected?
We collect personal information about you either directly from you as part of our anti-money laundering obligations. We will collect additional personal information in the course of providing financial advice services to you.
We may also collect information when you voluntarily complete client surveys or provide feedback to us or provide information to us via our website. (https://www.advancedasset.co.uk).
How we use particularly sensitive personal information
In limited circumstances, it may benefit you to notify us of any health condition or disability you have, so that we are aware of these conditions and how they affect you and your financial circumstances. This will allow us to take reasonable steps to accommodate specific needs or requirements you have when providing our services to you and may be relevant to the advice we give. This type of information is known under the law as “special category information” (you may also know this as “sensitive personal data”) and we require your explicit consent to process this information.
Version 1 – November 2020
Advanced Asset Consultants Limited is authorised and regulated by the Financial Conduct Authority (No. 506651). Registered in Scotland at
Tay House (Spaces), 300 Bath Street, Glasgow G2 4JR
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
There are “special categories” of more sensitive personal data which require a higher level of protection.
This kind of information will only be collected from you and used by AAC to assist you, it will not be shared with any third parties except where necessary to provide our advice to you and will only be kept as long as it is required for this purpose, or until such time as you notify us you no longer consent to its processing.
Why we need your personal data and what we will do with it
We need to know basic personal data in order to provide you with the financial advice you have engaged us to provide, and to assert our right to be recompensed in return for these services, as per the engagement letter or contract we have with you. If you do not provide this information, then we will not be able to provide the advice you have requested. We will not collect any personal data from you that we do not need in order to provide and oversee the services we have agreed to provide you with under our engagement.
Your information may be stored on a cloud-based system whose servers are located within the European Union. We take reasonable steps to ensure that your personal data is processed securely.
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Why might you share my personal information with third parties?
We will need to share your personal information with financial institutions, insurance companies, credit reference agencies, banks/finance providers and pension/investment providers, or with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
On request we will provide you with a list of our third-party service providers. “Advanced Asset Consultants Limited employs third party suppliers to provide services including utilising the services of a credit reference agency (https://www.transunion.co.uk/legal-information/bureau-privacy-notice
We also engage the services of DropBox whose servers are located within non-EU countries and who work in line with a number of recognized methods, including standard contractual clauses and frameworks such as the EU-US Privacy Shield.
No other third parties will have access to your personal data unless you have provided your consent for us to share your personal data or there is a legal obligation for us to provide them with this.
How secure is my information with third-party service providers?
We may have to share your data with third parties, including third-party service providers. We require third parties to respect the security of your data and to treat it in accordance with the law.
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
What about other third parties?
We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal information with a regulator or to otherwise comply with the law.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long do we keep hold of your information?
During the course of our relationship with you we’ll retain personal data which is necessary to provide services to you. We’ll take all reasonable steps to keep your personal data up to date throughout our relationship.
We’re also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally:
- Indefinitely for pension transfers, pension conversion, pension opt-out, or FSAVC;
- Five years for life policy, personal pension scheme, stakeholder pension scheme or benefits in a defined contribution occupational pension scheme (unless otherwise falling in (1) above;
- Three years in any other case.
These are minimum periods, during which we have a legal obligation to retain your records.
We reserve the right to retain data for longer where we believe it’s in our legitimate interests to do so. In any case, we’ll not keep your personal data for longer than 10 years after our relationship with you has ended.
You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
Rights of access, correction, erasure, and restriction Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information (note that this only provides you with the right to raise your objections, not a blanket right to have any and all processing cease). You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact Kevin Lynch in writing.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to withdraw consent (RWC)
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Kevin Lynch.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you have any questions about this privacy notice or how we handle your personal information or wish to raise a complaint about how we have handled your personal data, please contact Kevin Lynch of AAC who will investigate your concerns.
If you are not satisfied with our response, or believe we are processing your data unfairly or unlawfully, you can make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information. This privacy notice was last updated in November 2020.
If you have any questions about this privacy notice, please contact Kevin Lynch at email@example.com
What we would also like to do with your data
We would like to send you information about our own products and services, by post, telephone, email and SMS. Please note that if you consent to being sent our marketing information via email then your data will also be shared with and you will be contacted by the third-party organisation MailChimp, who will make this contact on our behalf.
You also have the right to withdraw your consent to receiving marketing contact, and the associated processing of your data, at any time and you can do this via telephone (01413312434) or email (firstname.lastname@example.org).