Contents

1 Why we collect data
2 How your data is protected
3 What data is collected
4 Sources of data
5 If you choose not to provide data
6 Advice to children
7 How your data is used
8 Anti-money laundering
9 Call recording
10 Mailing software
11 Google analytics
12 Cookies
13 Who we share your data with
14 Sending data outside of the European Economic Area (EEA)
15 Communication methods
16 Email encryption
17 Archiving data
18 Our retention periods
19 Your rights
20 Changes to our privacy policy
21 How to contact us

Paradigm Norton Financial Planning Ltd (‘Paradigm Norton’, ‘we’, ‘us’, or ‘our’) is committed to protecting your identity and the information you or others share about you.

The purpose of this privacy notice is to explain why Paradigm Norton collects personal data (‘data’) about you and how it is used.

1 Why we collect data

From our first contact with you, we start collecting data, with a view to entering into a contract to provide financial planning and/or tax planning. The data that we collect is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data, we would be unable to fulfil our contractual or regulatory obligations.

2 How your data is protected

As a firm regulated by the Financial Conduct Authority (FCA), we are governed by a strict code of conduct. We also adhere to internationally recognised data and cyber security standards.

3 What data is collected

Paradigm Norton aims to establish firm and clear goals for your future and this starts with us understanding what you are seeking to achieve. To help us do this we may ask you or other organisations to share data, which could include the following examples:

  • Personal information
    Your name, marital status, national insurance number, tax code, date of birth.
  • Contact details
    Your address, phone and email details and how you would prefer us to use them.
  • Financial details
    Your income and expenditure, savings, existing investments, goals and ambitions.
  • Family relationships
    Your partner and dependents.
  • Official documents
    A copy of your birth certificate, marriage certificate, drivers licence, passport, wills.
  • Your other advisers
    Solicitors, accountants, powers of attorney, trustees, beneficiaries.
  • Special categories of data
    Some data is particularly sensitive and has special treatment in law. In order for us to provide an effective financial planning service, we will often need to collect data that falls under this category, particularly in relation to health, and we will only collect or use this type of data if you explicitly consent to us doing so.

4 Sources of data

You

You are our primary source for your data. This is provided when you speak, write, email, text, or use our website. For example, communications may be formally recorded in documents created specifically for collection of data, e.g. fact finds, risk profiles & application forms or they could be recorded in telephone or meeting notes. In some circumstances we will voice record our meetings with you. We will always inform you that this is happening and request your permission before recording takes place.

Other organisations

Sometimes, it is necessary to obtain your data from other organisations. This will be so that we can better understand your personal and financial position, for example, contacting organisations where you have pension, investment or protection arrangements either arranged by us or by a previous financial planner, HMRC, Department for Work and Pensions or a previous tax adviser/accountant, or other organisations should regulations dictate such collection. In these situations, we will always make you aware of this contact. In addition, the organisation releasing your data will require your authority before it is provided. We consider this a necessary factor in fulfilling our contractual requirements to you.

Information you provide on others

During our discussions, you may provide data on people who will not be entering into a contract with us, but their data may be relevant to us providing you with best advice. Examples could be details of your partner, dependants or professional connections. Paradigm Norton will work on the basis that you have made the individual aware prior to discussing it with us. It is important to note that in these circumstances, we are required (where possible) to make those individuals aware so that they can be given the opportunity to decline, object, restrict or erase the use of their data. If they do, we may not be able to process their data.

When we receive data from other sources

Where we obtain data from other sources, you will have the same or equivalent rights to those set out under the individual’s rights section, with a few exceptions.

We will inform you where your data originated from and whether it came from publicly accessible sources, where we are required to do so.

We shall not be obliged to provide you with the data:

  • where you already have this data;
  • where we are subject to an obligation of professional secrecy prohibiting the disclosure of the data;
  • where disclosure would render impossible or severely impair the achievement of the reasons for which your data is to be processed, but in such cases we will do what we can to protect your rights and freedoms with respect to our processing of your data.

Client surveys

We may also collect data when you voluntarily complete client surveys or provide feedback to us.

5 If you choose not to provide data

We may need to collect data from you that is required by law, or to enter into or fulfil our contractual agreement with you. If you choose not to give us this information, it may prevent us from fulfilling our legal or contractual duties. This may mean that we cannot continue to provide you with advice or continue to manage your financial or tax planning arrangements.

6 Advice to children

We will never enter directly into a contract with a child but there may be occasions where our services are engaged for their benefit. We will require the consent of a legal guardian and our interaction will be with the legal guardian until the child reaches eighteen, or the term will be determined by a legal arrangement, whichever is the later. For example, trust, power of attorney, ward of court.

7 How your data is used

We will only use your personal data where the law allows us to in one or more of the following circumstances:

  • When we have your explicit consent to do so
  • Where we need to perform the contract we have entered into with you
  • Where we have a legal obligation
  • Where it is necessary for our legitimate interests (or those of a third party)

We may need to use your data to do the following:

  • To provide you with a fully comprehensive financial planning service which will typically include an annual planning meeting to review your circumstances and needs to ensure that our advice and recommendations remain suitable;
  • Provide personal tax compliance and business services to comply with annual taxation and corporate regulatory requirements, to carry out detailed reviews of your tax and/or business affairs and to provide you with suitable advice;
  • Comply with relevant ‘Know Your Client’ obligations and other requirements imposed by the appropriate regulatory bodies in the interests of combatting fraud, money-laundering and other criminal activities;
  • We may use systems that provide results based on the personal data that we enter, to assist us, for example, to create a lifetime cash flow plan for you, or measure your appetite for taking risk.
  • Respond to legal requests for information from regulatory bodies or pursuant to an order of any court or tribunal having relevant jurisdiction;
  • Comply with the requirements of regulatory bodies in respect of our professional business conduct, including participating in audits and reviews conducted by or on behalf of the FCA and maintaining records of transaction and customer histories;
  • Carrying out our own business and professional management, including maintaining adequate records so that we are able to fully respond to your queries, investigate and resolve complaints, prepare, verify and have audited our statutory accounts and complete our tax returns;
  • In the event of any legal proceedings in which you or we may be involved, investigate the basis for any claims and our or your position with respect to them, obtain legal advice, and defend, pursue or settle such legal proceedings to the best of our ability, including complying with relevant directions with respect to evidence and the production of documents.

8 Anti-money laundering

We have a regulatory requirement to ensure that our services are not being used for financial crime, and where possible we will use a credit referencing agency for this purpose. We will only share the necessary data required to conduct their search, which would normally be your full name, known address(es) and date of birth. Using this service allows us to confirm your identity, prevent financial crime, comply with regulations and fulfil our contract with you.

9 Call recording

All calls to and from our offices are recorded for regulatory purposes. They are required and may be used in the event of a complaint being raised and if required by law enforcement agencies. Please note that records will be available for at least five years.

10 Mailing software

We occasionally use mail software. Our communication will be of a generic nature, but the software collects information such as your email address, if the email was opened, how it was opened and what type of device was used e.g. mobile phone, tablet or PC.

11 Google analytics

Our websites uses Google Analytics which is a service provided by Google, Inc. This service uses cookies to help the website administrators analyse how users use our site. The information stored by the cookie about your use of the website (including your IP address) will be transmitted to and retained by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

12 Cookies

The Paradigm Norton website uses cookies which are small text files that are stored on your computer or in your browser. This helps us monitor how visitors use our site and allows us to provide the best experience for website users. The website does not store or capture personal information about you when you visit it, it merely records traffic information. This means information about all of our visitors is compiled collectively, for example the number of visits the website receives. This information is anonymous, and no individual visitor can be identified from it.

You can find out more about Cookies in our Cookie Policy.

You can disable and delete cookies by changing the appropriate setting within your browser’s ‘Help’, ‘Tools’ or ‘Settings’ menu. Please note that by disabling cookies you may not benefit from some of the features of our site. You can find out more about deleting or controlling cookies by visiting aboutcookies.org.

13 Who we share your data with

To deliver our services to you effectively, we may share your data with other organisations such as those that we engage for professional compliance, accountancy, regulatory or legal services, IT support, system and software providers, as well as product and platform providers that we use to arrange financial products for you.

Where other organisations are involved in processing your data, we will have a contract in place with them to ensure that the nature and purpose of the processing is clear; that they are subject to a duty of confidence in processing your data; they have sufficient safeguards in place; do not employ the services of any other company without our consent and that they will only act in accordance with our written instructions.

Where it is necessary for your personal data to be forwarded to another organisation, we will use appropriate security measures to protect your personal data in transit.

We will not share your information for marketing purposes with companies outside our group of companies.

14 Sending data outside of the European Economic Area (EEA)

The data we collect may be transferred to, and stored at, destinations outside of the European Economic Area (EEA) in the provision of services agreed to in your contract with us. If we do transfer your data outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. This could include:

  • countries that have been considered by the European Commission as having adequate privacy law.
  • Putting in place contracts with the recipient detailing how your data will be used and ensuring that they protect it to the same standards as if your data was being processed in the EEA.
  • Transferring your data to organisations that are covered as part of a Privacy Shield. These are frameworks that set privacy standards for transfer of data between the US and EU countries and Swiss and EU countries. These are voluntary codes of conduct that international companies adhere to.

15 Communication methods

From your initial contact with Paradigm Norton, you will be asked how you would prefer us to communicate with you, which could be by phone to your mobile, home or professional number, by text, email, post or online portal, along with giving you control over what you receive (where this is possible). This will also be confirmed within the engagement paperwork and can be changed, by you, at any time.

We may occasionally send you communications regarding significant events (e.g. volatile market movements, budget summaries, year-end tax planning articles, and changes in regulatory or legal requirements). We consider these provisions to be part of our contractual agreement with you.

Under data protection law, we will only process your data for purely marketing purposes if you provide your consent. If provided, it is easy to remove your consent at any time by clicking on unsubscribe or emailing us at [email protected].

16 Email encryption

We will encrypt email communication wherever possible. We enforce a Transport Layer Security (TLS) which is an encryption protocol for all email communications. This is used to protect data in transit between our computers and yours, providing privacy and data integrity.

Should your computer not support an encrypted connection, then the email will default to a less secure non-encrypted connection. However, most modern email services are capable of using TLS.

17 Archiving data

In addition to the reviews of data for accuracy and currency to be carried out, we will continually review data we are processing, and where in our opinion such data has ceased to be active data, we will archive it and process it only as archived data.

Access to archived data will be restricted to personnel having specific duties and training with respect to data protection law and this data will only be processed where necessary in response to legal proceedings or where a request is made by law enforcement bodies, e.g. police.

All storage of data whether active or archived, will be conducted in accordance with good industry practice and will incorporate appropriate organisational and technological measures.

18 Our retention periods

We will only keep your data for as long as it is necessary and will review it on a regular basis to ensure it is correctly recorded. At your annual planning meeting we will take the opportunity to share your most relevant information, e.g. personal, contact, family, income, expenditure and financial so that you can ensure our records are accurate.

The service we provide is long term financial planning, investment advice and tax planning which may include pensions, life assurance products and other tax planning structures, for example ISAs. As you would expect, we need to retain your data throughout our relationship but it is likely that we will need to retain your data when our contract ends and we are no longer providing you with financial or tax planning. The reason for retaining your data will be based on our business need or for legal or regulatory requirements. For example, we are required to hold pension transfer information indefinitely.

19 Your rights

Data protection law provides you with the following rights with respect to your data:

  • A right of access
    You may request that we confirm if we are processing your data, what that is, and a copy of the information included in the data.
  • A right to rectification
    You may request that we rectify any inaccurate and/or complete any incomplete personal data.
  • A right to erasure
    You may request that we erase your data and will delete any records that we no longer require and do not have a purpose to keep.
  • A right to restrict processing
    You may request that we restrict processing your data, which if applied, means that we could only resume processing your data when you provide consent to do so.
  • A right to data portability
    A right to have your data provided to another company in a way they can easily upload to their systems.
  • A right to object
    You may request that we stop processing your personal data.
  • A right to withdraw consent
    You may withdraw your consent if this has previously been requested.
  • A right to prevent processing for direct marketing
    You have a choice regarding whether you receive direct marketing.
  • A right to complain
    You can always contact us if you are not happy with any of the services we provide but data protection law also gives you the right to complain, with respect to any processing of your data and any breach of the above rights, to the relevant supervisory authority, who in the case of the United Kingdom is the Information Commissioner’s Office.
  • Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF
    Tel: 0303 123 1113 (local rate)
    Website: https://ico.org.uk/

    A right to a judicial remedy
    You have a right to claim compensation for damages caused by a breach of the Act.

    20 Changes to our privacy policy

    We keep our privacy policy under regular review. Any changes will be posted on this page and where appropriate, will be shared with you by email, post or portal. Please note that minor updates are not communicated as a matter of course.

    21 How to contact us

    Please contact us if you have any questions about our privacy policy or information we hold about you. Our contact details are: Paradigm Norton Financial Planning Limited, Paradigm House, Macrae Road, Ham Green, Bristol, BS20 0DD. Tel: 01275 370670. Email: [email protected]

    Last updated: 21st May 2018

    Bristol Office
    Paradigm House
    Macrae Road
    Ham Green
    Bristol
    BS20 0DD
    Tel: 01275 370 670
    Fax: 01275 370 671
    View map / directions
    Torquay Office
    Pomona House
    Oak View Close
    Edginswell Park
    Torquay
    TQ2 7FF
    Tel: 01803 618 318
    Fax: 01803 411 850
    View map / directions
    London Office
    140-142 St John Street
    London
    EC1V 4UB
    Tel: 020 7269 7960
    View map / directions

    © Paradigm Norton 2015

    Paradigm Norton Financial Planning Limited
    is authorised and regulated by
    the Financial Conduct Authority.

    Our FCA Register number is 455083
    Registered in England Reg. No 4220937
    VAT Reg. No 918550904

    Registered Address

    Paradigm House,
    Macrae Road,
    Ham Green,
    Bristol,
    BS20 0DD