Fairstone’s group of companies is a full-service wealth management house delivering integration led growth in the UK regulated landscape, combining market knowledge, specialist expertise and the very latest technology to produce the highest quality outcomes for our clients in a cost-effective manner. Our companies are registered as data controllers with the UK Information Commissioner’s Office with the registry numbers below:
Fairstone’s Data Protection Lead details are included in the “Contact us” section below.
We are committed to protecting and respecting your privacy whilst being transparent with you regarding how we process your data. We are a “data controller” which means we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this notice. It is important that you read this notice, so you are aware of how and why we use your personal data.
This privacy notice sets out the way in which the personal data you provide to us (and the data collected by us) is handled, stored and processed and directs you to more detailed privacy notices for different types of data processing carried out by us.
Separate privacy notices exist for staff employed by the Fairstone entities and these are made available separately to all staff members.
Your information may come to us from a number of different sources. You may provide it directly to us when using our services, it may be generated in the course of using those services or it may be publicly available information.
Information may be provided directly by you in some of the following circumstances:
Other examples of where Fairstone obtain your personal data from include:
Where personal data is provided to us by a third party, we will make sure that these third parties have provided you with appropriate privacy information on the sharing of this data with Fairstone and have a clear lawful reason for sharing this data. Where this is found not to be the case, we will make every effort to make sure you are aware that we are processing this information within a month. Where contacting you directly in relation to this is difficult to achieve, then we will ensure that our privacy notices clearly detail where this is happening.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this notice.
More information on our current uses of data from different sources is detailed below.
This section describes how we use your information. Each purpose is described below with detail relating to:
| Purpose | To provide financial advice and services to clients whether these are corporate clients, mortgage and protection clients or retail clients and to complete transactions on their behalf. |
| Information | Data about your and your family’s circumstances including personal contact details such as name, title, addresses, telephone numbers and personal email addresses; date of birth; gender; personal circumstance such as marital status and dependents; next of kin; national insurance number; bank account details, payroll records and tax status information; salary, annual leave, pension and benefits information; financial circumstances and current policies; corporate information relevant to the transaction; employee, member and contractor details relevant to the transaction; copy of driving licence, passport, payslips, utility bills and bank statements; photographs; information about your health, including any medical condition, health and sickness records. |
| Source | Provided by individual as part of taking out financial services with Fairstone. |
| Legal Basis | For the performance of a contract or to take steps to enter into a contract with you. Any special categories data such as health data will be carried out with your explicit consent. |
| Purpose | In line with Financial Conduct Authority guidance, to ensure vulnerable clients are protected and firms consider vulnerable characteristics for product design, service, pre and post advice and complaints procedures. |
| Information | In addition to data collected for all Fairstone clients, this will include information on specific area of vulnerability in relation to health, lifestyle, resilience or capability factors and level of additional support required. This may include more sensitive information volunteered by you, as part of discussions around services or support requirements e.g. in relation to race, ethnicity, religious beliefs or sexual orientation. |
| Source | Based on information provided by the client, client family members or their representatives. |
| Legal Basis | As part of the legitimate interest of Fairstone in ensuring clients are effectively supported whilst being provided with financial services. Any special categories data such as health data in relation to supporting clients will be carried out with your explicit consent or that of your representative. |
| Purpose | In line with Anti Money Laundering legislation, to keep a register of beneficial owners i.e. individuals with a controlling interest in a privately held business and to carry out appropriate checks on individuals making payments to your account. |
| Information | Name, address, contact details, proof of ID, source of funds and financial/financial crime check results. |
| Source | Based on information provided by a Fairstone client in relation to any beneficial owner of their assets or individuals making payments to their account. |
| Legal Basis | Necessary for the compliance with a legal obligation, namely the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and for reasons of public interest in relation to suspicion of terrorist financing or money laundering. |
| Purpose | To provide appropriate advice to a legal firm who has sought guidance relating to financial products for a data subject who is party to legal proceedings in which the legal firm is involved, and where the data subject is not a client of Fairstone (such as pension sharing audits). |
| Information | Potentially any client data that may inform this assessment (see “As a Client of Fairstone’s” section). |
| Source | Based on information provided by the legal firm in relation to the relevant proceedings. |
| Legal Basis | As part of the legitimate interest of Fairstone in ensuring that its response to the legal firm is accurate and appropriate and to support processing of special categories data for the establishment, exercise or defence of legal claims. |
| Purpose | To deal with legal claims and on-going litigation cases. |
| Information | Names of individual involved in relevant legal matter and any relevant information in relation to that individual that may be relevant to the case. |
| Source | Providing by you as part of any on-going legal matter. |
| Legal Basis | Necessary for compliance with a legal obligation and for the establishment, exercise or defence of legal claims. |
| Purpose | To make checks with third party agencies to authenticate and verify your identity and to apply these checks to sanction lists for the purposes of meeting with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. |
| Information | Name, address, contact details and customer due diligence report (ID match and politically exposed person, sanction lists and global adverse media checks). ID matches will include the processing of sensitive biometric data from photographic images for ID verification purposes. |
| Source | Provided by you as part of being a client of Fairstone’s. |
| Legal Basis | Necessary for the compliance with a legal obligation, namely the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and for reasons of public interest in relation to suspicion of terrorist financing or money laundering. |
| Purpose | To send you email notifications you have specifically requested in relation to Fairstone’s services and communications such as newsletters and bulletins e.g. the Clearmoney magazine and budget/economic updates. To send you marketing communications relating to our business which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications). |
| Information | Email address, job title, organisation name, consent status for receiving marketing materials. |
| Source | Provided by you as part of accessing Fairstone services or attending Fairstone events. |
| Legal Basis | As part of the legitimate interests of Fairstone where information is sent in paper form, carried out in a way that balances the rights and interests of individuals against the legitimate interests of Fairstone. Based on explicit consent provided by you for this information to be sent to you in electronic form. |
| Purpose | To allow Fairstone to effectively deal with any enquiry or complaint you or others may have. |
| Information | Name, contact email and telephone number and nature of the enquiry or complaint. Personal data of complainants and respondents. |
| Source | Provided by you and others via our website, social media channels, telephone or in writing. Potentially provided by another organisation that we have contacted about a complaint you have made and who gives us your personal information in its response or a complainant may refer to you in their complaint correspondence. |
| Legal Basis | As part of the legitimate interests of Fairstone. This will only be carried out in a way that balances the rights and interests of individuals against the legitimate interests of Fairstone. |
| Purpose | To allow Fairstone to effectively run events, manage training and support internal staff training. To communicate with event and training attendees and with business contacts who have asked to be kept in touch with, for events and training. |
| Information | Name, job title, contact email and telephone number, postcode and nature of the event you are attending. Potentially some more sensitive information on health requirements should they be required e.g. for ensuring appropriate accessibility to events and dealing with dietary requirements. Photographic images taken at event. Recordings of consultations carried out via video conferencing. |
| Source | Provided by you via our website, via an event booking site, as part of a video consultation, telephone or in writing. |
| Legal Basis | As part of the legitimate interests of Fairstone in running events that may be of interest to you, with your explicit consent where any more sensitive special categories data may need to be collected, for use of photographs including your image and for recording video consultations. |
| Purpose | To allow Fairstone to respond to requests under the Data Protection Act for individuals to exercise their rights e.g. to access their own data, request erasure of data, object to processing etc. |
| Information | Name, contact email and telephone number, nature of data subject request and proof of ID where required to verify your identity. |
| Source | Provided by you via our website, social media channels, via email, telephone or in writing. |
| Legal Basis | Fairstone is legally obliged under the Data Protection Act to respond to data subject requests. |
| Purpose | To be able to assess any impact on individuals of a data breach involving personal data held on Fairstone systems or on third party systems. |
| Information | Any information relating to an individual that may have been breached. |
| Source | From any organisation or individual that may have reported this data breach to Fairstone. |
| Legal Basis | Fairstone is legally required under the Data Protection Act to respond to data breaches appropriately. |
| Purpose | To ensure appropriate financial management of on-going contracts with Fairstone suppliers including sending statements, invoices and payment reminders to you, and collecting payments from you. |
| Information | Suppliers name, email, contact numbers and financial documentation such as purchase order, invoices etc. |
| Source | Provided by the supplier organisation or generated by Fairstone. |
| Legal Basis | In order to manage the on-going contract with that supplier. |
| Purpose | To ensure appropriate system administration and troubleshooting of website issues, to track the pages you have visited in order to improve the quality of the site and to personalise the website experience. To keep track of and solve issues users are experiencing with our technology systems, personalising our website for you, enabling your use of the services available on our website, keeping our website secure and preventing fraud. |
| Information | User’s IP Address or the location of your computer or network on the internet and any individual’s data needed to deal with an internal system issue (where the issue is linked to that individual’s data). |
| Source | Automatically collected as part of using our website and via cookies on the website [See Cookies and our Website section below] and identified by Fairstone in managing specific IT issues. |
| Legal Basis | Explicit consent is sought for use of cookies when you access our website. Methods of turning off cookies can be found in our Cookies Policy section below. Ensuring our systems are working effectively and user issues can be resolved is part of our legitimate interests in running the organisation effectively. |
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as providing you with accurate financial advice), or we may be prevented from complying with our legal obligations (such as under the Money Laundering Regulations).
Fairstone is committed to only collecting the minimum personal data required in order to achieve the purposes highlighted above. It will continually review its data collection practices to ensure this continues to be the case and to ensure that data is deleted when no longer required for the specified purposes.
The UK General Data Protection Regulation includes certain provisions around how personal data can be used for:
This includes ensuring that individuals are made aware of this profiling, how decisions are made based on this and the consequences of these decisions.
In relation to automated decision making, we may need to carry out automated ID verification and financial checks as part of offering you the relevant service. In all cases you are entitled to challenge the decisions made by these automated means and request human intervention into this process.
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as is reasonably necessary for the purposes set out in this notice.
We may share your data with third parties to perform services on your behalf. Types of third parties who may have access to your personal data include:
We may disclose your personal information:
We will never sell or share your personal information with other organisations for their direct marketing purposes without your explicit consent. Except as provided in this policy, we will not provide your personal information to other third parties.
We require all third parties to respect the security of your personal data and to treat it in accordance with data protection laws. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Occasionally, in order to meet the purposes defined in this notice, we may need to transfer personal information you submit to us to countries or jurisdictions outside the UK.
In each case, we ensure that our suppliers provide adequate protection for the confidentiality and security of this information and the rights of data individuals in connection to the transfer of their personal data.
Specific safeguards exist to govern this sharing, including ensuring that these countries have adequate data protection provisions in place as agreed by the Information Commissioner’s Office or other additional safeguards are in place, most commonly implementing standard contractual clauses agreed by the European Data Protection Board and the ICO for international transfers within their contracts.
Fairstone is committed to processing and retaining data within established technological and physical controls in a transparent manner, as well as promoting and safeguarding the information rights of data subjects.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instruction and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Our website has security measures in place to protect against the loss, misuse or alteration of the information under our control. Whilst we have done everything we can to ensure security of data sent using our systems, any transmission of data is done so at your risk.
Our website fairstonegroup.co.uk is owned and operated by Fairstone Group Ltd. It includes hyperlinks to, and details of, third party websites over which we have no control. We are not responsible for, the privacy policies and practices of these third parties.
‘Cookies’ are used on almost every website. They are small text files that are saved on your computer to help the site perform a number of functions. We use cookies for several reasons such as allowing us to keep you secure when you are using forms, monitoring the number of people using our website and in helping us understand more about the way in which people use our website.
Cookies used by www.fairstonegroup.co.uk:
Do not
Do
Session cookies are stored on your computer and remain available for the duration of your visit to our website. When you close your browser, any session cookies that have been set will be automatically removed from your computer’s memory.
Persistent cookies are stored on your computer and remain there until they reach their expiration date or you choose to delete them. At this point, the browser will delete the cookie from your computer’s hard drive. Whilst the persistent cookie is present, the website that created it will have access to that cookie each time you return to that particular site.
We make use of both types of cookies in order to maximise the security of our services and to ensure you always get an optimal service from our site. We do not use cookies to track your use of the internet after leaving our website, nor do we store any information about you in cookies that others could read and understand.
Whether a cookie is ‘first’ or ‘third’ party refers to the website/service placing the cookie. First-party cookies are those set by us. Third-party cookies are cookies that are authorised by us but provided via one of our suppliers. In some limited cases, we may use our suppliers to manage some of these cookies for us, but we never allow any third party to use these cookies for their own purposes.
We use a system of classification developed by the International Chamber of Commerce. This allows us to classify the different types of cookies which we use on our website and provide you with more information about why we use them.
Strictly necessary cookies are cookies that are essential in providing specific services you have requested from us. For example:
Performance cookies aim to improve our website by collecting information about how you use our website. For example:
Functionality cookies will typically be set because of an action you have taken on our website but may also be set in the delivery of other services. For example:
Most web browsers allow you to manage cookies via the browser settings. For example, you may choose to delete existing cookies, prevent your browser from accepting new cookies, have the browser notify you when you receive a new cookie or disable cookies altogether.
More information on how to do this for different browsers can be found from the link below:
https://ico.org.uk/your-data-matters/online/cookies/
Blocking all cookies and deleting cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.
This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
Personal data that we process for any purpose will not be kept for longer than is necessary for that purpose. Different purposes will have different retention periods, and we will (for example) retain data about financial records longer than we would retain information for general enquiries.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Where we give you a recommendation, your information, along with supporting documentation will be retained indefinitely.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Notwithstanding the other provisions of this section, we will retain your personal data:
If you would like further details of how your personal data is retained by Fairstone, please contact us directly.
You have a number of rights under Data Protection law including:
If you would like to access your data or ask for your information to be updated, restricted or deleted or raise a general query or concern about the use of your personal information, you should contact the Data Protection Officer at the address below who will deal with your request promptly.
In writing to: Data Protection Officer, Fairstone Group Ltd, 8 Camberwell Way, Doxford International Business Park, Sunderland, SR3 3XN
By phone: 0191 519 6000
In the majority of cases, we will respond to your request within one month of receiving the necessary information required to deal with your request. We may ask you to supply appropriate evidence of your identity and any additional information to help us to deal with your request effectively.
There may be some exemptions to dealing with your rights as specified in Data Protection law, but we will ensure you are fully informed of this within a month of receiving your request.
Full information on your rights under the Data Protection Act can be found from the following link:
You can object to our use of your information in certain circumstances such as for profiling and for marketing purposes. You can unsubscribe to receiving marketing materials from Fairstone at any time and we will ensure that you are given the opportunity to opt out of receiving this type of information whenever we contact you in this way.
If you would like to object to marketing or any other uses of your data please contact the Data Protection Lead (see Contact Us section below).
If you are unhappy about the use of your personal data, then please contact us directly and we will try to resolve your concern. If you have a concern that cannot be resolved through discussion with us, these can also be raised with the Information Commissioner’s Office. More information can be found from the following link:
The information provided within this privacy notice can be made available in different formats including in printed form, different languages, child friendly notices and approaches that meet the need of the visually and hearing impaired.
Should you require this information in a different format, please contact the Data Protection Lead.
This privacy notice will be reviewed annually or sooner, should any new types of processing be identified or changes to current data protection legislation may mean changes are required. Any changes we may make to our privacy notice in the future will be posted on this page.
If you have any questions about our privacy notice, our use of personal data or if you wish to exercise your rights in respect of your personal information, please contact us by email at info@fairstone.co.uk.
Fairstone’s Data Protection Lead can be contacted using the contact details specified above or by writing to:
Data Protection Lead – Fairstone LLP, 8 Camberwell Way, Doxford International Business Park, Sunderland, SR3 3XN