What information do we collect about you and why?
We collect and use personal data where we have a legitimate reason to do so. This includes keeping records of transactions and providing a service to our clients. We collect information via the account application process provided to you by one of our customers (who may be wealth managers or other investment service providers) and throughout our relationship with you in order to comply with regulation and for the purpose of performing our contract with you. The provision of your personal data is required in order to enter into a contract with us. We record and may monitor phone calls made to or by us in order to comply with regulatory obligations.
How long do we keep this information?
We will keep your personal information for as long as it’s considered necessary for the purpose for which it was collected and to comply with our legal and regulatory requirements. This will involve keeping your information for a reasonable period of time after your relationship with us has ended – typically 5 years.
Who do we share your information with?
- our IT and service providers in order to provide and maintain the provision of our services;
- our appointed auditors, accountants, lawyers and other professional advisers, to the extent that they require access to the information to provide advice;
- fraud prevention agencies and other organisations to allow us to undertake the relevant checks;
- the Financial Conduct Authority, the Information Commissioner’s Office, or any relevant regulatory authority where they are entitled to require disclosure;
- if required to do so to meet applicable law, the order of a Court or market rules and codes of practice applicable to the circumstances at the time;
- relevant authorities to investigate or prevent fraud or activities believed to be illegal or otherwise in breach of applicable law;
- if tax regulations require us to collect information about tax residency, then in certain circumstances (including if we do not receive a valid self-certification from you), we may be obliged to share information about your account with the relevant tax, payments and customs authority, who may pass this on to tax authorities in other jurisdictions.
We will not lend or sell your information to third parties.
Your personal information may need to be shared with our service providers, which may involve transferring it to countries outside the European Economic Area (EEA). Where we do so, we will ensure that we do this in accordance with current data protection legislation by only transferring your data to jurisdictions in respect of which there is a European Commission adequacy decision or, where this is not the case, by using model clauses which have been approved by the European Commission.
You have certain rights in respect of the data we hold relating to you. Details of these rights can also be found on the Information Commissioner's Office website. You are entitled to a copy of the information we hold about you in a portable format or otherwise, to request rectification, erasure, or restriction of processing of the information we hold about you, and to object to processing or to automated decision making. Please note that the application of these rights vary according to the legal basis used to process your data. In certain circumstances we are required to retain copies of information we hold about you by other regulations. In this instance we will not be able to erase or modify the data. In order to exercise these rights or if you have any concerns about our use of your personal information, please contact the Data Protection Officer using the information at the end of this notice. We will endeavour to keep your information accurate. If, however, at any time after giving us this information it becomes out of date, we ask you to notify us directly and we shall remove or amend the information within a reasonable time frame and in accordance with legislative requirements.
Internet communication, which includes email, is not secure. The protection of data by encryption is possible provided that the encryption method (protocol) used is current and the correct procedure for encryption and decryption is followed at all times. We cannot accept any responsibility for unauthorised access by a third party or for the loss, theft or modification of data while it is being sent to us by email. For security purposes we may monitor emails received or issued by us.
Changes to our Privacy Notice
We keep our privacy notice under regular review. This privacy notice was last updated in June 2019. We reserve the right to update this privacy notice at any time.
Third Financial, ‘we’ or ‘us’
Third Financial, a limited company incorporated in England and Wales, registration number 09588254. Our registered offices are at Birchin Court, 20 Birchin Lane, London, EC3V9DU.
User or you
Any third party that may access the website who is not an employee or contractor of Third Financial.
All the information provided by you via website contact forms, email submissions, comments on blogs and news and via any other method available on our website.
A cookie is a text file that we might place on your computer when you use this website. The website will then use this file to store information in order to improve user experience, track information about your visit, or for functional purposes. More information about the types of cookies used on this website is in the Cookies clause below.
Data Protection Laws
Any laws that apply to the protection of your personal data including the Directive 96/46/EC (Data Protection Directive) and also the GDPR for as long as it is applicable in the UK.
The General Data Protection Regulation (EU) 2016/679.
Refers to the Privacy and Electronic Communication (EC Directive) Regulations 2003 and as amended by the Privacy and Electronic Communication Regulations 2011.
Includes companies, agencies, firms, individuals, government entities, trusts, charities, partnerships and any other organisation.
Third Financial is the data controller and we will define how your data is used and will endeavour to update this document to ensure it is accurate.
WHAT DATA DO WE COLLECT ON THIS WEBSITE?
We may collect the following information from you on this website:
HOW DO WE COLLECT THIS INFORMATION?
We will collect your data in a number of ways:
Data you may give to us via web forms that you complete.
Data that you may send to us via email to addresses listed on our website.
Data that we collect automatically.
WHAT DATA IS COLLECTED AUTOMATICALLY?
When you use this website we may do the following:
Automatically collect information about how you use the website. We use this information to help us to improve the website and we may collect your IP address, the date and time of each visit, pages visited and how you interact with the website’s content.
Automatically collect information using cookies. We will do this in line with the settings you’ve applied for cookie usage in your web browser. We detail the cookies we use on this website in the section below entitled ‘cookies’.
HOW WILL WE USE YOUR DATA?
We may use the information that you provide us from time to time to improve our services and website user experience. We may also use it for:
Internal record keeping.
To send you email marketing, should you have opted-in to this.
To contact you, if you requested that we should do so.
We may retain your data if we deem it necessary for legitimate interests. You are entitled to object to this, if you do, please contact the data processor (detailed below) and we will update or delete your records.
HOW DO WE KEEP YOUR DATA SECURE?
We take data security very seriously. We will take the following safeguards:
Access to your account (if you have one) will be controlled by a unique username and password.
We only use secure servers to store data.
WHAT ABOUT DATA BREACHES?
We have organisational processes in place to deal with any suspected data breaches. If you suspect that your data is being misused or has been lost, please contact us immediately on firstname.lastname@example.org.
You should always take the necessary steps to ensure that your data is safe in your own device. You need to protect your device for viruses and malware to reduce the chances of identity or data theft. More information is provided on the HM Government website www.getsafeonline.org
HOW LONG WILL YOU KEEP MY DATA?
Please note that even if we delete your data, we may be required to keep it in an archive for legal, tax or regulatory purposes as governed by UK law.
WHAT ARE MY RIGHTS?
According to UK law, you have the following rights relating to your data:
Right to access
You have the right to request copies of the data we hold about you at any time, or to request that we modify or delete this data. We will not charge you to provide you with the information we hold about you unless your request is “manifestly unfounded or excessive”. Where legal, we may refuse your request, but we will tell you the reasons for the refusal.
Right to correct
You have the right to request that your data is rectified if it is inaccurate or incomplete.
Right to erase
You have the right to request that your data is deleted and removed from our system.
Right to restrict our use of your data
You have the right to block us from using your data or restrict the way we use it.
Right to data portability
You have the right to request that we move, copy or transfer your data.
Right to object
You have the right to object to our use of your data including use for legitimate interest.
HOW CAN I EXERCISE THESE RIGHTS?
To exercise any of the above rights, please get in touch with us: email@example.com.
If you are not satisfied with how we handle your request, you may refer your complaint to the relevant data protection authority. In the UK this would be the Information Commissioner’s Office: http://ico.org.uk
We ask that you let us know if you’ve updated your contact details so that we can keep your data up to date during the period in which we hold it.
Our website may place cookies on your computer to help us to improve the experience of using the website. We have carefully selected only the essential cookies and have taken all the necessary steps to ensure that your privacy is protected and respected.
All cookies used on this website are governed by the current UK and EU cookie laws.
We may use the following cookies:
We use some cookies to ensure that our website operates as we intend it to. These include, for example, any cookies that enable you to log into secure areas, use shopping carts etc.
We have listed the cookies we use in the Cookie Schedule below.
You should ensure that your web browser is up to date and using the latest version of the software.
More information about cookies can be found at http://aboutcookies.org
WHAT ELSE DO I NEED TO KNOW?
You cannot transfer your rights to any other person or organisation. We may transfer our rights where we do not believe that this affects your rights.
We may change this policy as we see fit, without any prior notice. You will be deemed to have accepted any further changes when you accept the policy on initial use.
This policy is an agreement that is governed by and interpreted according to UK law. All disputes arising are to be held under the exclusive jurisdiction of UK courts.
You may contact us by email at firstname.lastname@example.org.
Here is a list of the cookies that we use on this website.
If you believe we have missed any, please get in touch.
Cookie to track acceptance of cookies and dismissal of cookie notice.
If you have a login for the website, you will have a session cookie.
Google Analytics cookies to track your use of the website:
_ga - expiry: 2 years - Used to distinguish users.
_gid - expiry: 24 hours - Used to distinguish users.
_gat - expiry: 1 minute - Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
AMP_TOKEN - expiry: 30 seconds to 1 year - Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.
_gac_<property-id> - expiry: 90 days - Contains campaign-related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
How to contact us
If you have any questions about our privacy notice or the information we hold about you please contact us by post at the address below:
Data Protection Officer
20 Birchin Lane