Cobens a Trading Name of Astute Financial Management UK Limited is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to Data Protection. We have always had a robust and effective Data Protection programme in place which complies with existing law and abides by the Data Protection principles. However, we recognise our obligations in updating and expanding this programme to meet the demands of the GDPR legislation.
Cobens is dedicated to safeguarding the personal information under our remit and developing a Data Protection regime that is effective, fit for purpose and compliant with the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new Data Protection roles, policies, procedures, controls and measures to ensure ongoing compliance.
Information we collect and use
We collect personal data from you to the extent necessary to provide advice, administrative and management services and (subject to the provisions below), related marketing activities.
We may process your personal data and sensitive personal data for the following reasons:
• The administration, management and provision of advice in relation to financial services products;
• Our legitimate business processes and activities including internal audit, accounting, business planning and proposed and actual transactions (including joint ventures and disposals of business); and
• Compliance with legal (including dealing with claims), regulatory and other good governance obligations;
Any information which we receive fairly and lawfully relating to one of the above categories constitutes sensitive personal data. Examples of likely items which may contain sensitive personal data (although this is not an exhaustive list) are life insurance questionnaires, medical reports and SSP self-certification forms.
Please note that as with personal data, you have freedom of choice when it comes to your decision as to whether you provide us sensitive personal data. In addition to your right to request that we stop processing your personal data and sensitive personal data at any time, you have an opportunity at the end of this Notice to choose not to provide sensitive personal data to us at all.
Who might my personal data be shared with?
Your personal data will be made available for the purposes mentioned above and only to responsible management, human resources, accounting, audit, compliance, information technology and other corporate staff. It may also be made available to third parties providing relevant services to us, who provide us with certain support services, including regulatory support.
Certain personal data will also be reported to government authorities where required by law and for tax or other purposes. Personal data may also be released to external parties as required by legislation, or by legal process, as well as to companies you authorise us to release your personal data to. We will not sell your personal data to any third party.
How long we keep your information
We retain personal information we collect from you where we have an ongoing legitimate need to do so, for example:
• to provide you with a product or service you have requested us to provide,
• to perform our contractual obligations to you;
• to comply with applicable legal, tax or accounting requirements;
• to defend or manage any claims or complaints between us, you and any relevant third party including taking legal advice in respect of such claims in order to establish, exercise or defend our legal rights or such claims. This would include complaints and claims which you may bring against us or which are submitted to a court, regulatory authority or ombudsman.
When we have no ongoing legitimate need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
You have the right to request:
• information about how your personal data is processed
• a copy of that personal data
• that anything inaccurate in your personal data is corrected immediately
You can also:
• raise an objection about how your personal data is processed (see above)
• request that your personal data is erased if there is no longer a justification for it
• ask that the processing of your personal data is restricted in certain circumstances (and again)
Cookies are small text files that are downloaded to your device when you visit our websites. Cookies do lots of useful things from remembering your preferences to allowing us to monitor the performance of our website.
If you would like to contact us in relation to this privacy statement or if you have any other questions in respect of our processing of your personal information, please contact The Data Protection Officer on 0207 11 88 777 or in writing at 4th Floor Peek House, 20 Eastcheap, London, EC3M 1EB.