Intrinsic Financial Services ("Intrinsic") it's Appointed Representatives ("AR") and the AR's Advisers are committed to complying with the Data Protection Act 1998. As a financial services intermediary Intrinsic based solely in the United Kingdom, our ARs and its Advisers will only process (i.e. collect, store and use) personal data in a manner that is compatible with the Data Protection Act 1998. This means that we will always strive to ensure that we handle personal data fairly and lawfully with justification.
Our aim is not to be intrusive by invading your privacy or to undertake any task which is irrelevant. Instead our aim is to ensure we collect information that is of the highest quality in terms of accuracy, relevance, adequacy and non excessiveness and which by all accounts is "fit for purpose".
Please see the frequently asked questions of our fair processing guidelines below.
Frequently asked questions
What is a Fair Processing Notice (FPN)?
To ensure that we process your personal data fairly and lawfully we are required to inform you:
- why we need your data
- how it will be used and
- who it will be shared with
This is the purpose of our Fair Processing Notice.
Intrinsic and our ARs are authorised by the Financial Conduct Authority (the details of which can be checked at (http://www.fsa.gov.uk/register/home.do) and we are required to counter the risk that we might be used to further financial crime. To do this we may use the information you give us and the information we hold about you to detect and prevent crime or fraud.
For the purposes of the Data Protection Act 1998, Intrinsic, our ARs and their Advisers are Data Controllers (the holder, user and processor) of the information. We will keep all information safe and secure.
How do we collect personal about you?
The information we collect about you comes from:
- information you have given us as part of the fact find process to allow your adviser to provide you with advice
- forms you have completed and given to us
- information that you have given us over the telephone
- letters and/or emails that you have sent to us
- details of any checks we have made to ensure the accuracy of the information we hold
What is personal data?
Personal data is defined as any data, which relates to a living individual who can be identified:
- from the information held, or
- from the information combined with any other information which is already in the possession of, or likely to come into the possession of, the person or organisation holding the information
Personal data also includes any expression of opinion about an individual, and any indication of the intentions of the data controller (i.e. Intrinsic and our ARs) or any other person in respect of the individual.
Examples of personal data include:
- Names and home address details
- National insurance number
- Bank account details
- Dates of birth
- Telephone numbers
- Email addresses
What is sensitive information?
Certain types of data are categorised as "sensitive personal data", for example:
- Racial or ethnic origin
- Physical or mental health/condition
- Sexual life
- Criminal offences (including alleged offences)
- Religious or other similar beliefs of a similar nature
What types of personal data do we handle?
In order to carry out our duties we (Intrinsic and our ARs) hold data in relation to:
- Personal details such as names, addresses, telephone numbers, email addresses
- Employment details
- Education and qualification history
- Financial details
- Racial or ethnic origin
- Medical information
- Offences (including alleged offences)
- Criminal proceedings, outcomes and sentences
- Licences or permits held
- Business activities of an individual
What is the purpose of holding data?
Intrinsic, it's ARs and their Advisers have notified the Information Commissioner that personal data will be held and used for the following purposes:
- Staff administration
- Advertising, marketing and public relations
- Provision of Financial Services & Advice
- Consultancy and Advisory Services
- Accounts and records
- Trading/Sharing of personal information
Whose personal data do we handle?
In order to carry out our duties as a financial services intermediary we handle personal data from a range of individuals. This includes:
- Private individuals
- Relatives, guardians and associates of the individual concerned
- Staff including volunteers, agents, temporary casual workers, members, self employed and other persons contracted to work on our behalf
- Complainants, correspondents and enquirers
- Advisers, consultants and other professional experts
- Former and potential members of staff, pensioners and beneficiaries
- Business or/other contacts
Whom may we share the information with?
We obtain and share personal data with a wide variety of sources, which include but are not limited to:
- Individuals themselves
- Relatives, guardians or associated people with the individual i.e. where there is a legal duty to
- Her majesty's Revenue and Customs (HMRC)
- Child Support Agency
- Ombudsman and other regulatory authorities
- Licensing authorities
- Financial institutions e.g. Banks, building societies, insurance and investment companies, pension providers
- Law enforcement agencies including the Police, the Serious Organised Crime Agency
- Third Party Data processors that work on behalf of Intrinsic, our ARs and their Advisers
Why do we share information?
There are a number of reasons why we share information. This can be due to:
- Current legislation and regulations which imply that we must
- We may have to comply with a Court Order
- For the purposes of keeping your personal data safe and secure
- You have consented to disclosure
Any disclosures of personal data are always made on case by case basis, using the personal data appropriate to the specific purpose and circumstances and with the necessary security controls in place.
Intrinsic, our ARs and their Advisers work closely with a number of financial institutions to provide financial advice and services to private individuals. In order to ensure we achieve this goal it may be necessary to share information with our partner third parties to:
- Arrange the financial services products recommended and applied for
- Check the accuracy of the data we hold
- Ensure we meet our statutory and regulatory legal obligations, including those related to diversity and equality of opportunity
- For law enforcement, regulation, licensing, criminal prosecution and court proceedings
- Recover money owed to Intrinsic, our ARs and their Advisers
- To provide more streamlined services through our partner third parties e.g. we may employ agencies to act on our behalf.
- To maintain the security and safekeeping of the personal data held
We will only use the data we hold to fulfil these functions efficiently and effectively. Information held is only shared with those agencies and bodies who have a "need to know basis".
Your personal data will not be used for any sales or marketing purposes outside of Intrinsic, our ARs and their Advisers and we will not pass your information onto third parties unless we have your consent to do so or we are required by law to do so e.g. for fraud or crime purposes.
How do we ensure the security of personal data?
Intrinsic, our ARs and their Advisers take the security of the personal data held very serious. We have data security procedures and an Information Security Policy to ensure we protect our manual and electronic data from accidental loss or misuse. We only permit access to information where there is a legitimate reason to do so.
What if the data we hold about you is incorrect?
It is important to us that the data we hold about you is accurate and up to date. If you are moving house or changing your name please contact Intrinsic, the AR or Adviser immediately so we can update our records. It is important to us that the data we hold about you is accurate and up to date. If you are moving house or changing your name please contact Intrinsic, the AR or Adviser immediately so we can update our records.
How long will my data be held?
In some instances the law sets the length of time information has to be kept, but in most cases we will use our discretion to ensure that we do not keep records outside of our normal business requirements i.e. providing a service to you. Your information will be only held for as long as necessary and will be disposed of in a secure manner when it is no longer needed.
Intrinsic applies minimum retention periods to specific records, which are specified in out retention guidelines.
Can I find out what information is held on me?
You can submit a data subject access request to see what information is held about you. All we ask is that you write to the relevant Data Controller (Intrinsic, our AR or its Adviser) and clearly specify the information you require.
All subject access requests require proof of ID and a £10 fee by cheque (which is the maximum we are allowed to charge).
Your cheque must be made payable to the Data Controller from whom you are making the request.
Upon receipt of your eligible request, a response will be sent to you within the statutory limit of 40 calendar days.
Am I entitled to all the information that is held about me?
Data subject access requests are subjected to the exemptions of the Data Protection Act 1998.
In some limited cases we may have to redact names or withhold information where it relates to:
- A third party or where the information has been provided in confidence
- The prevention and detection of fraud
- The catching or prosecution of offenders
- The assessment and collect of taxes and duties
- The ways benefit fraud is detected or prevented
- The health and safety of staff
- Where the disclosure of medical opinions may cause distress or serious harm to a person Of course we will try to provide you with as much information as possible.