Waymark Financial is committed to protecting the individual privacy rights and choices of all our clients, visitors to our site and the personal information you share with us.
Our Privacy Notice contains important information about the types of personal information we collect and process; what we do with it; who we may share it with and why; and your rights when it comes to the personal information you provide us with.
We may need to make changes to our Privacy Notice in line with regulatory requirements; so please check our website for updates from time to time. If there are significant changes such as where your personal data will be processed; we will contact you to let you know. This version of our Privacy Notice was last updated on 1st November 2021.
Who we are
We are Waymark Financial Limited, an Appointed Representative of Beaufort Financial Planning Ltd, which is a subsidiary of The Beaufort Group of Companies, registered in England & Wales. Company No: 07700260. Registered office: 107 Leadenhall Street London EC3A 4AF.
How to contact us
If you have any questions about our Privacy Notice or the information we collect or use about you, please contact:
Collecting your information
Depending on how you choose to interact with us, the information about you that we collect and process includes:
- Information about who you are – your name, date of birth, marital status, relationships with other people (where you have a joint policy or plan) and country of residence / citizenship
- Information about how to contact you – your home or correspondence address, telephone numbers and email addresses
- Financial information connected to your product or service with us – your bank account details, details of income, tax bands and liabilities, assets and other liabilities, quotes, claims histories, policies and schemes where relevant
- Information to uniquely identify you – government issued identification numbers such as your National Insurance Number
- Information about fraud or sanctions – as part of our regulatory obligations for combatting financial crime we may perform checks against fraud databases, sanctions’ lists (for politically exposed persons or their immediate family / close associations), or from other publicly available sources such as media outlets or social networking sites
- Information about your contact with us – audio-visual recordings of meetings, video or phone calls, emails / letters
- Information that is automatically collected, for example via cookies when you visit one of our websites (please see our section on cookies)
- Information classified as special category personal information relating to your health, marital or civil partnership status. This information will only be collected and used where it is needed to provide the products or services you have requested or to comply with our legal or regulatory obligations
- Information relating to vulnerabilities – health, life events, resilience, and capability when this has been provided by you as part of a discussion about your overall financial circumstances
- Information you may provide to us about other people such as joint applicants or beneficiaries for products or services you have with or through us
- Information on children for example where a child is named as a beneficiary on a policy taken out by a parent or guardian on their behalf. In these cases, we will collect and use only the information required to identify the child (such as their name, age, gender)
- Demographic information such as postcode, preferences and interests
- Marketing and communication preferences.
We may collect your personal information directly from you, or from a variety of sources, including:
- application forms for a product or service
- credit reference agencies
- recorded video or telephone conversations with your IFA or us
- emails or letters you send to us
- meetings with your IFA
- participating in research surveys or feedback forms to help us understand you better and improve our products and services
- our online services such as our website.
If you use one of our Financial Advisers, the information we collect and use will most likely have been provided by them on your behalf. We may also collect personal information on you from places such as business directories and other commercially or publicly available sources e.g. to verify your identity, to comply with our anti-money laundering and financial crime obligations, check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly.
We take your privacy seriously and we will only ever collect and use information that is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only where:
- you have given us your permission [consent] to send you information about products and services offered by Waymark Financial and / or selected third parties we have chosen to work with which we believe may be of interest and benefit to you, or;
it is necessary to perform our contact with you to provide the products or services you have requested e.g. if you wish to take out any of the pensions, investments, mortgages, loans or insurances available through us. Typically to facilitate this we will require personal information including your name, address, date of birth, and financial details, or;
- it is necessary for us to meet our legal or regulatory obligations e.g. to send you Annual Review Letters or Statements, tell you about changes to Terms and Conditions or for the detection and prevention of fraud, or;
- it is in the legitimate interests of Waymark Financial so we can deliver appropriate information and guidance so you are aware of the options that will help you get the best outcome from your product or service as well as to better understand you and your needs so we can send you more relevant communications about the products you have with us and to develop new products and services;
- it’s in the legitimate interests of a third party e.g. sharing information with the providers of products or services you have chosen through us.
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products or services. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- where we need to perform the contract we are about to enter into or have entered into with you
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- where we need to comply with a legal or regulatory obligation such as anti-money laundering or combatting financial crime.
In order to process applications you choose to make through us, we may supply your personal information to credit reference agencies (CRAs) who will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.
For more information about CRAs, please visit https://www.experian.co.uk/crain/index.html or https://www.equifax.co.uk/ein.html
Click here (https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/ ) to find out more about the types of lawful basis that we will rely on to process your personal data.
We rely on consent as a legal basis for processing your personal data only in relation to sending third party or direct marketing communications to you. u have the right to withdraw consent to marketing at any time by contacting us.
We sometimes use systems to make automated decisions based on personal information we have – or are allowed to collect and use from others – about you. These automated decisions can affect the products, services or features we offer you now or in the future. We use automated decisions in the following ways:
- to tailor products and services e.g. placing you in groups with similar customers to make decisions about the products and services we may offer you to help meet your needs
- to design and enhance our online services to help meet your requirements for ongoing guidance and support.
For further information on your rights relating to automated decisions, please see the section on your individual rights.
We may share your information with third parties for the reasons outlined in ‘What we collect and use your information for.’ These third parties include:
- companies we have chosen to support us in the delivery of the products and services we offer to you and other customers e.g. research, consultancy or technology companies; or companies who can help us in our contact with you
- our Regulators and Supervisory Authority e.g. the Financial Conduct Authority (FCA), the Information Commissioner’s Office for the UK (the ICO)
- law enforcement, credit and identity check agencies for the detection and prevention of crime
- HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance.
We will never sell your details to someone else. Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.
Our website may contain links to enable you to visit other websites of interest easily. Once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy notice. You should exercise caution and look at the privacy notice applicable to the website in question.
Processing, protecting and storing your information
The majority of your information is processed in the UK. However, some of your information may be processed by us or the third parties we work with outside of the UK, including countries such as the EEA, US and India.
Where your information is being processed outside of the UK, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK data privacy laws e.g. we will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.
Our security controls are aligned to industry standards and good practice; providing a controlled environment that effectively manages risks to the confidentiality, integrity and availability of your information.
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or processed in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection responsibilities.
Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees are trained to protect sensitive or confidential information when storing or transmitting data in any medium including electronically and must undertake annual refresher exercises on this.
We will keep your personal information where it is necessary to provide you with our products or services while you are a customer with us and where it is reasonably required for the purposes set out in this privacy notice. We are also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally:
- Five years for investment business
- Three years for mortgage and insurance business
- Indefinitely for pension transfers and opt outs
We may also keep your information after this period but only where it is required to meet our legal, regulatory, tax or accounting obligations. For example, we are required to retain accurate records of your dealings with us to respond to any complaints, challenges, litigation or queries that you or others may raise in the future. Therefore, length of time we keep your information for these purposes will vary depending on the obligations we need to meet and can be viewed in our data retention policy.
You have several rights in relation to how Waymark Financial processes your information. They are:
The right to be informed You have a right to receive clear and easy to understand information on what personal information we have, why we have it and who we share it with. This can be found in our Privacy Notices.
The right of access You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR) by contacting us using the methods provided above in the ‘how to contact us‘ section.
The right to request that your personal information be rectified If you believe the personal information we hold about you is inaccurate or incomplete, you can request that it is corrected.
The right to request erasure You can ask for your information to be deleted or removed if there is not a compelling reason for Waymark Financial to continue to have it.
The right to restrict processing You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted. The right to data portability You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, if you were moving your pension to another pension provider.
The right to object You can object to Waymark Financial processing your personal information where: it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); and if we were using it for scientific/historical research and statistics.
Rights related to automatic decision-making including profiling You have the right to ask Waymark Financial to:
- give you information about its processing of your personal information
- request human intervention or challenge a decision where processing is done solely by automated processes
- carry out regular checks to make sure that our automated decision-making and profiling processes are working as they should.
We would like to send you information about our products and services and those of other companies in our Group which may be of interest to you. If you have agreed to receive marketing information, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Group. If you no longer wish to be contacted for marketing purposes, please use the contact details at the top of this notice.
How to make a complaint
We will always strive to collect, use and safeguard your personal information in line with data protection laws, under the UK General Data protection Regulation (GDPR) and Data Protection Act 2018 (DPA18). If you do not believe we have handled your information as set out in our Privacy Notice, please write to us using the contact details above and we will do our utmost to make things right. If you are still unhappy, you can make a complaint to the Information Commissioner’s Office, who are the UK’s independent authority charged with upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals. You can contact them at: https://ico.org.uk/