Privacy Notice
Who We Are
We, Sound Financial Planning Limited are committed to protecting and respecting your privacy whilst being transparent with you regarding how we process your data. We are a “data controller” which means we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this notice. It is important that you read this notice, so you are aware of how and why we use your personal data. If you have any questions or queries, contact anna@soundfp.co.uk.
We may make changes to this notice from time to time and will notify you if any such changes are significant.
This notice applies to all companies within the Sound Financial Planning Limited Group as listed below:
-
Sound Financial Planning Limited Group
-
Sound Financial Planning Limited
-
Sound Financial Services LLP
The kind of information we hold about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We will collect, store, and use the following categories of personal information about you:
-
Personal contact details such as name, title, addresses, telephone numbers and personal email addresses
-
Date of birth
-
Gender
-
Personal circumstance such as marital status and dependants
-
Next of kin
-
National Insurance number
-
Bank account details, payroll records and tax status information
-
Salary, annual leave, pension and benefits information
-
Financial circumstances & current policies
-
Copy of driving licence, passport, payslips, utility bills and bank statements
We may also collect, store and use the following "special categories" of more sensitive personal information:
-
Information about your health, including any medical condition, health and sickness records
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
How is your information collected?
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances, where:
-
we need to perform the contract we have entered into with you
-
we need to comply with a legal obligation
-
it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
-
we have your consent
Primarily, we use your data and data about your family’s circumstances to provide financial advice to you and complete transactions on your behalf. We analyse and assess your data to maintain and develop our relationship with you and meet our contractual obligations to you as detailed in our client agreement.
Who is your information shared with?
Other professional service providers: depending on the instructions we receive from you, we may pass your data to other professionals to enable us to provide advice most suited to your circumstances. We will always notify you if we are going to share your information in this way and these professionals would all be based within the UK.
Usually, this would be referrals to accountants, solicitors, tax advisers and sometimes to specialist advisers in the financial and insurance industry where you may benefit from the expertise of such third parties. We, and any third-party specialist advisers to whom we introduce you, will pass your data to the relevant organisations if you agree to purchase or amend policies and products.
The Financial Conduct Authority: We may be required to share your data with our regulator, the Financial Conduct Authority, or the Financial Ombudsman and other third parties including our auditors or insurers.
ID authentication agencies: We will make checks with third party agencies to authenticate and verify your identity such as SanctionSearch. These checks will also be applied to sanction lists. Any personal data obtained for the purposes of meeting with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 will only be processed for the purposes of preventing money laundering or terrorist financing, unless the use of the data is permitted by or under another enactment other than those regulations, or otherwise where consent has been obtained from you.
Insurance / mortgage providers: We also make checks with organisations with which you have policies of insurance and investments and with your mortgage provider. These checks are to help us with our legal obligations and to ensure that we provide you with advice that suits your circumstances. The scope and extent of the gathering of information from third parties depends on what type of service you are taking from us.
Purchasers / investors: We may share your information with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets or who are stakeholders or investors in our business. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with data protection laws. We do not allow our third –party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as providing you with accurate financial advice), or we may be prevented from complying with our legal obligations (such as under the Money Laundering Regulations).
Chang of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Data Security and storage
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instruction, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Your information will not be transferred or stored outside of the European Economic Area. We will only transfer or store your information outside the European Economic Area in compliance with Article V of the General Data Protection Regulation.
Use of Artificial Intelligence (AI) in Service Delivery
AI Integration
We may use Artificial Intelligence (AI) technologies as part of our service delivery to enhance efficiency, accuracy, and personalisation. These technologies may assist in areas such as data analysis, client communications, and risk assessment.
Client Data and AI
All data processing conducted by AI is done in accordance with our data protection policies and applicable legal and regulatory requirements. We ensure that AI-driven decisions are reviewed and validated by our qualified professionals.
Transparency and Accountability
We are committed to maintaining transparency about when and how AI is used in your service.
Limitations and Risks
While AI technologies enhance our services, they have limitations and inherent risks, such as potential biases or errors in data processing. We take steps to mitigate these risks, but clients should be aware that no AI system is infallible.
Client Consent
By becoming a client, you acknowledge and consent to the use of AI technologies as described above. Should you have any concerns or prefer not to have your data processed by AI, please inform us so we can discuss alternative arrangements.
Data Retention
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Where we give you a recommendation, your information, along with supporting documentation will be retained indefinitely.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Your rights in relation to your personal information
Under certain circumstances, by law you have the right to:
-
Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
-
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
-
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
-
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
-
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
-
Request the transfer of your personal information to another party.
How to contact us
If you would like to access your data or ask for your information to be updated, restricted or deleted or raise a general query or concern about the use of your personal information, you should contact the Data Protection Officer at the address below who will deal with your request promptly.
In writing to: Data Protection Officer, Sound Financial Planning Limited, Phoenix House, Christopher Martin Road, Basildon, Essex, SS14 3EZ
By telephone: 01268 567 567
If you continue to have any concerns around how we use your information, you can contact the Information Commissioners Office online: ico.org.uk/concerns/