[googletagmanager.com]

Privacy Policy

As Partners within the St. James’s Place Wealth Management Partnership, we provide personal, face to face wealth management advisory services to St. James’s Place clients. St. James’s Place acts as principal to the Partnership, and ensures that any wealth management services that we provide to you are delivered in accordance with the applicable regulatory requirements. St. James Place is also responsible for managing any complaints made by you in respect of the services we  provide.

This Privacy Policy  explains when and why we collect your personal information as part of our provision of wealth management services, and also explains how we use your information. If requested, we will provide you with a copy of this Privacy Policy  for your records.

“We”, “Us” “Our” refers to the Partner named on this website.

Where St. James’s Place uses your personal data, for example by conducting audits of Partners and dealing with any complaints that you may have, this will be governed by St James’s Place Privacy Policy. The St. James’s Place Privacy Policy can be found https://www.sjp.co.uk/site-services/privacy

About us

In order for us to deliver such financial services and deal with any correspondence that may arise, we  need to collect and process personal information.  This makes us a “data controller”.

Cleeve Financial Planning on this website will be acting as data controller of your personal information, jointly with St. James’s Place Wealth Management.

Our processing of your personal information

Depending on our relationship with you (whether you are a prospective or existing client or a business partner), we  will collect and use different personal information about you for different reasons.

Sometimes we will request or receive “special categories of personal information” (which is information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, and trade union membership). For example in order to better understand your current and potential future circumstances and recommend appropriate financial investments, we  may need access to information about your health. Details about your health might also be needed for us to make reasonable adjustments when providing our services to you.

We also use details of any unspent criminal convictions for fraud prevention purposes. Where you provide personal information to us about other individuals (for example, members of your family or other dependents) we will also be data controller of their personal information and responsible for protecting their personal information and using it appropriately. This notice will therefore apply to those individuals and you should refer them to this notice. In order to make this notice as user friendly as possible, we  have split it into different sections. Please click on the section below that best describes your relationship with us.

Prospective clients

This section will apply if you are a prospective client and we  will need certain information about you to carry out pre-client identification and compliance checks and to set you up as a client on the St. James’s Place client relationship management system.

What personal information may we collect?

General information such as your name, address, phone numbers and email addresses, date of birth and gender.

Identification information including passport, driving licence, national identity card (for non-UK nationals), government issued ID verification and address verification documents such as council tax letters, bank statements and evidence of benefit entitlement.

Employment information such as job title, employment history and professional accreditations.

Financial information:

o Bank details

o Financial reviews (fact finds)

o Information relating to your personal finances such as your financial liabilities and assets, income and outgoings

o Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders.

Information relevant to the services we provide such as:

o previous and current investments

o information about your lifestyle

o attitude to investment risk

o existing plan details

o objectives

o copies of your will

o information about any trusts you have

Information about your family including information about your dependants.

Information such as IP address and browsing history obtained through our use of cookies.

You can find more information about this in our cookies policy in section 7 below.

Information obtained during telephone recordings.

Information we may have gather from publicly available sources such as the electoral roll, internet search engines and social media sites such as LinkedIn where you have been flagged as a PEP and we need to carry out enhanced due diligence.

What special categories of personal information may we collect?

  • Details about any criminal convictions and any related information which have been obtained from our sanctions checks and PEP screening. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
  • We may collect details about your health which are relevant to your application (e.g. as part of a pension or income protection need we may ask you about any medical conditions that affect you to establish whether you are deemed to be a vulnerable client) or where you have disclosed such information to us because it explains your risk appetite for investments.
  • In limited circumstances, we may also collect other special categories of data as detailed on a separate consent form.

How will we  collect your personal information?

We will collect information directly from you when:

  • you enquire about or apply to receive our wealth management services; and
  • you  contact   us   by    email,  telephone   and   through   other   written  and   verbal communications.

We will also collect your personal information from:

  • Publicly available  sources  such  as  the  electoral  roll,  court judgments, insolvency registers, internet search engines and social media sites.
  • St. James’s Place group companies who will process your personal data in accordance with their Privacy Policy  which can be found at www.sjp.co.uk/site-services/privacy

What will we use your personal information for?

There are a number of reasons we  use your personal information and for each use we  need to have a “lawful basis” to do so.

We will rely on the following “Lawful Basis” when we  process your “personal information”:

  • We need to use your personal information to enter into the client agreement, for example, we  need to use your personal information to assess whether we can provide services to you and to set you up as a client on the St. James’s Place client relationship management system.
  • We  have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of  our dealings  with you and  we  are required to report to St. James’s Place on our relationship with you.
  • We have a valid business reason to use your personal information and which is necessary for our everyday business operations and  activities,  for  example to keep  records  of investments and the reasoning behind such investments, to maintain business records, to carry out due diligence, to review our business models and undertake strategic and operational business analysis.

In each case we  assess our need to use this personal information  for  these purposes against your rights to privacy to ensure we  are protecting your rights.

When we  use your “special categories of personal information”, we  must have an additional “lawful basis” and we  will rely on the following lawful basis in these circumstances:

  • You  have  given your explicit consent to our use of  your special categories  of  personal information.   In  some cases we   are  not  able  to  offer you certain advice or  financial products unless we  have your health information.
  • There is a substantial public interest such as prevention and detection of fraud.
  • We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
  • It is in the substantial public interest to comply with regulatory requirements  relating to unlawful  acts  and  dishonesty – such as  carrying out fraud,  credit and  anti-money laundering checks
3Purpose for processing Lawful Basis for using your personal information Lawful Basis for using your  special categories of personal information
To verify  your information.It is necessary toYou have given us your explicit
 enter into or perform consent.
 your clientIt is in the substantial public
 agreement. interest to prevent or detect
We have a valid unlawful acts (where we
 business reason (to suspect fraud).
 verify  your identity).We need to establish, exercise
   or defend legal rights.
To comply with our legalWe need to use yourWe need to use your
or regulatory obligations. information in order information in order to
  to comply with our establish, exercise or defend
  legal obligations. legal rights.
   It is in the substantial public
    interest to prevent or detect
    unlawful acts (where we
    suspect fraud).
To set you up as a clientIt is necessary toYou have given us your explicit
on client relationship enter into or perform consent.
1Existing clients
2This section will apply if you currently receive wealth management services from us. This section will set out how we  use your information. What personal information may we  collect?
3General information such as your name, address, phone numbers and email addresses,
 date of birth and gender.
Identification  information  including  passport,  driving licence, national  identity  card (for
 non-UK nationals), government issued ID verification and address verification documents
 such as council tax letters or bank statement and evidence of benefit entitlement.
Employment   information   such  as  job   title,   employment  history   and  professional
  accreditations.
 Financial information:
  o  Bank details
  o  Financial reviews (fact finds)
  o  Information relating to your personal finances such as your financial liabilities and
  assets, income and outgoings
 Information obtained from carrying out identification checks and checking sanction lists
  and politically exposed persons (PEP) screening, including bankruptcy orders or where you
  have been flagged as a PEP.
 Information relevant to the services we  provide, such as:
  o  previous and current investments
  o  information about your lifestyle
  o  attitude to investment risk
  o  existing plan details
  o  objectives
  o  copies of your will
  o  information about any trusts you have
 Information contained in client review meeting records and file notes
 Information  contained in  any records held by  previous  independent financial  advisers
  (otherwise known as IFAs) with whom you were previously a client and which have been
  transferred to us when that IFA was acquired by St. James’s Place group companies.
 Information about your family including information about your dependants.
 Information obtained during telephone recordings where applicable.
 Information such as IP address and browsing history obtained through our use of cookies.
  You can find more information about this in our cookies policy in section 7 below.
 Your marketing preferences and details of your customer experience with us.
 Information which we have gathered from publicly available sources such as the electoral
  roll, internet search engines and social media sites where you have been flagged as a PEP
  and we  need to carry out enhanced due diligence.
2What special categories of information will we  collect?
3Details about any criminal  convictions and any related information  which have been
 obtained from  our sanctions  checks  and PEP  screening. This  will  include information
 relating to any offences or alleged offences you have committed or any court sentences
  which you are subject to.
 We  may collect details about your health which are relevant to your application (e.g. as
  part of a pension need we  may ask you about any medical conditions that affect you to
  establish whether you are deemed to be a vulnerable client or where we  are applying for
  income protection insurance we  will need to ask you about any medical conditions and
  information about lifestyle choices such as whether you drink  alcohol or smoke so that
  appropriate insurance can be obtained) or  where you have disclosed such information
  to us because it explains your risk appetite for investments.
 In limited circumstances, we may also collect other special categories of data as detailed
  on a separate consent form.
2How will we  collect your personal information?
 We will collect information directly from you when:
 •    you register to  receive  our services and  complete  and  return to us all  applicable
 application forms; and
 •    you  contact   us   by    email,  telephone   and   through   other   written  and   verbal
 communications.
 We will also collect your personal information from:
 •    Publicly available sources such as the electoral roll, court judgments, insolvency registers,
 internet search engines and social media sites.
 •    Any records held by  previous  independent financial advisers (otherwise known as IFAs)
 with whom you were previously a client and any advisers of  that IFA which have been
 transferred to us when that IFA was acquired by St. James’s Place group companies.
 •    St. James’s Place group companies.
 •    Third parties such as Experian who provide anti money laundering and fraud prevention
 services  who we   have  appointed  to carry out electronic ID checks,  sanctions and
 politically exposed persons checking services.
2What will we use your personal information for?       There are a number of reasons we  use your personal information and for each use we  need to have a “lawful basis” to do so.     We will rely on the following “Lawful Basis” when we  process your “personal information”:

our services, to arrange and implement recommendations, review your ongoing suitability of current arrangements and handle claims.

•    We  have a legal or regulatory obligation to use such personal information. For example,

our regulators require us to hold certain records of our dealings with you.

•    We have a valid business reason to use your personal information which is necessary for our  everyday business  operations  and  activities,  for   example  to  keep  records  of investments and the reasoning behind such investments, to maintain business records, to carry out due diligence, to review our business models and undertake strategic and operational business analysis.

In each case we  assess our need to use this personal information  for  these purposes against your rights to privacy to ensure we  are protecting your rights.

When we  use your “special categories of personal information”, we  must have an additional

“lawful basis” and we  will rely on the following Lawful Basis in these circumstances:

•    You  have  given your explicit consent to our use of  your special categories  of  personal information.   In  some cases we   are  not  able  to  offer you certain advice or  financial products unless we  have your relevant health information.

•    There is a substantial public interest such as prevention and detection of fraud.

•    We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal

proceedings ourselves.

3Purpose for processing Lawful Basis for using your personal information Lawful Basis for using your special categories of personal information
To carry out identificationIt is necessary to enter intoIt is in the substantial public
checks and checks your client agreement. interest to prevent or
against sanction lists andWe have a valid business detect unlawful acts
politically exposed reason (to carry out (where we suspect fraud).
persons (PEP) screening necessary complianceWe need to establish,
  checks). exercise or defend legal
 We have a legal and rights.
  regulatory obligation.You have given us your
    explicit consent.
To verify  your informationIt is necessary to enter intoYou have given us your
throughout the course of or perform your client explicit consent.
our services. agreement.It is in the substantial public
 We have a legal and interest to prevent or
  regulatory obligation. detect unlawful acts
 We have a valid business (where we suspect fraud).
  reason (to verify yourWe need to establish,
  identity and to undertake exercise or defend legal
  client due diligence rights.
  throughout the course of  
  our relationship).  
To set you up as a clientIt is necessary to enter intoYou have given us your
on the St. James’s Place or perform your client explicit consent.
client relationship agreement.It is in the substantial public
management systemWe have a valid business interest to prevent or
and to communicate reason (to establish you detect unlawful acts
with you in respect of as a client). (where we suspect fraud).
your service preferences.    
To provide services inIt is necessary to enter intoYou have given us your
accordance with your or perform your client explicit consent.
client agreement. agreement.We need to use your
 We have a valid business information in order to
  reason (to ensure that we establish, exercise or
  fulfil our contractual defend legal rights.
  obligations to clients).  
To arrange andIt is necessary to enter intoYou have given us your
implement any of our or perform your client explicit consent.
recommendations e.g. agreement.We need to use your
investing into certainWe have a valid business information in order to
funds or arranging a reason (to ensure that we establish, exercise or
product or insurancefulfil our contractualdefend legal rights.
policy for you.obligations to clients).
To carry out annualIt is necessary to enter intoYou have given us your
reviews and reviews of or perform your client explicit consent.
ongoing suitability of your agreement.We need to use your
current arrangementsWe have a valid business information in order to
  reason (to ensure that we establish, exercise or
  are providing appropriate defend legal rights.
  services according to your  
  circumstances).  
To prevent andIt is necessary to enter intoWe have a substantial
investigate fraud. or perform your client public interest to prevent
  agreement. fraud
 We have a valid businessWe need to use your
  reason (to prevent and information in order to
  detect fraud and other establish, exercise or
  financial crime). defend legal rights.
To comply with our legalWe need to use yourWe need to use your
or regulatory obligations. information in order to information in order to
  comply with our legal establish, exercise or
  obligations. defend legal rights.
   It is in the substantial public
    interest to prevent or
    detect unlawful acts
    (where we suspect fraud).
To communicate withIt is necessary to enter intoWe need to use your
you and resolve any or perform your client information in order to
complaints that you agreement. establish, exercise or
might have.We have a valid business defend legal rights.
  reason (to communicate  
  with you, record and  
                                    To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys). For business purposes and activities including maintaining business records, file keeping and strategic business planning. To apply for and claim on our own insurance.                •investigate complaints and ensure that complaints are handled appropriately). We need to use your information in order to comply with our legal and regulatory obligations.  
We have a valid business reason (to develop and improve the products and services we  offer).You have given us your explicit consent.
We have a valid business reason (to run our business efficiently and effectively)•       •You have given us your explicit consent. We need to use your information in order to establish, exercise or defend legal rights.
We have a valid business reason (to maintain appropriate insurance)We need to use your information in order to establish, exercise or defend legal rights.
To provide marketingYou have given us yourNot applicable
information where you explicit consent.  
have provided your    
consent.    
To provide marketingWe have a valid businessNot applicable
information by post, by reason (to send you  
telephone and in other selected communications  
circumstances where we about other products and  
don’t require your services we  offer)  
consent.    
2Who will we  share your personal information with?
3We will not sell or transfer your personal information to anyone unless we  have a valid purpose as set out above and we  will only disclose it to the following parties: •    Other Partners within the Partnership to provide specialist services where we  do not have   the authorisation to carry out certain activities such as high risk investments and you shall deal directly with that Partner for that specific advice. •    Third parties who provide a service in relation to the management of your investments or   facilitate  the arrangement  of  products we   recommend such as  product providers, portfolio and fund managers, insurers where you are buying income protection products. Where we have shared your personal information with these third parties, they will also be a data controller and responsible for how they use your personal information. Their uses of your personal information will be governed by  their own fair processing notices. •    St. James’s Place group companies who will process your personal data in accordance   with their Privacy Policy  which can be found www.sjp.co.uk/site-services/privacy   •    Third parties who provide sanctions checking services including Experian.   •    Compliance consultants including the Consulting Consortium   •    Financial crime and fraud detection agencies.   •    Our regulators including the Financial Conduct Authority and the Financial Ombudsman   Service.   •    Selected third parties in connection with any sale, transfer or disposal of our business.   •    Our insurers.   •    The police, HMRC and other crime prevention and detection agencies. Third parties and self-employed contractors who we  have entered into contractual arrangements with to provide services we  need to carry out our everyday business activities such as business administration,  partner  support specialists  who assist  us  with day  to  day  business operations, document management providers, back office system providers, secure login

and  email   providers,  storage  warehouses,   IT   suppliers,   actuaries,   auditors,   lawyers, outsourced  business process  management  providers,   our subcontractors  and  tax

advisers.

1Clients’ family members, business associates or beneficiaries
2This section will apply if your personal information has been provided to us by a client to explain their lifestyle and approach to investments and wealth management (for example if you are a spouse or partner, dependant mentioned in a will or trust document, another beneficiary a business partner) and will set out how we  use your information. What personal information may we  collect?
3General information such as your name, address, phone numbers and email addresses,
 date of birth and gender.
Your relationship to our client.
Financial information relating to your financial liabilities, such as a property portfolio which
 is owned jointly between you and our client.
Any information which is relevant to the services we  provide for our client.
2What special categories of personal information may we collect?
3We may collect details about your physical and mental health which are relevant to your
 the services we  provide for our client (for example where you are the client’s partner and
 you have a medical condition which means that you are unable to work and therefore our
 client has a higher need for investment return and a lower risk appetite).
Information  contained in  any records held by  previous  independent financial  advisers
 (otherwise known  as IFAs)  with whom  your family member  or business associate  was
 previously a client and which have been transferred to us when that IFA was acquired by
 St. James’s Place group companies.
In limited  circumstances,  we  may also collect information  concerning  your sex life  or
 sexual orientation for example where you are in a civil partnership with our client.
2How will we  collect your personal information?
3Directly from our client.
From  documents directly provided  to us by  our client,  such as wills or  trust documents
 where you are listed as a dependant  or employment related documents and you are
 listed as a business partner of our client.

15

 From any records held by  previous independent financial advisers (otherwise known as
  IFAs) with whom your family member or  business associate was previously a client and
  from  any advisers of  that IFA  which have been transferred  to us when that IFA  was
  acquired by  St. James’s Place group companies.
 St. James’s Place group companies.
2What will we use your personal information for?       There are a number of reasons we  use your personal information and for each use we  need to have a “lawful basis” to do so. We will rely on the following “Lawful Basis” when we  process your “personal information”:   •    We  have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you. •    We have a valid business reason to use your personal information which is necessary for our  everyday business  operations  and  activities,  for   example  to  keep  records  of investments and the reasoning behind such investments, to maintain business records, to carry out due diligence, to review  our business models and undertake strategic and operational business analysis.   In each case we  assess our need to use this personal information  for  these purposes against your rights to privacy to ensure we  are protecting your rights.   When we  use your “special categories of personal information”, we  must have an additional   “lawful basis” and we  will rely on the following Lawful Basis in these circumstances:   •    You  have given your explicit  consent to our use of  your special categories  of  personal information which may have been provided to us by your family member, spouse, partner or business associate who is our client. •    There is a substantial public interest such as prevention and detection of fraud.   •    We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we  are facing legal proceedings or want to bring legal proceedings ourselves.

16

3Purpose for processing Lawful Basis for using your personal information Lawful Basis for using your special categories of personal information
To provide services to ourWe have a valid businessYou have given us your
clients reason (to fulfil our explicit consent and this
  contractual obligations to has been provided to us
  our clients and advise on by our client.
  the most appropriate  
  investments for their  
  personal circumstances)  
To prevent andWe have a valid businessWe have a substantial
investigate fraud. reason (to prevent and public interest to prevent
  detect fraud and other fraud
  financial crime).We need to use your
 We need to use your information in order to
  information in order to establish, exercise or
  comply with our legal defend legal rights.
  obligations.  
To comply with our legalWe need to use yourWe need to use your
or regulatory obligations. information in order to information in order to
  comply with our legal establish, exercise or
  obligations. defend legal rights.
   It is in the substantial
    public interest to prevent
    or detect unlawful acts
    (where we suspect fraud).
For business purposesWe have a valid businessYou have given us your
and activities including reason (to run our business explicit consent and this
maintaining business efficiently and effectively) has been provided to us
records, file keeping and   by our client.
strategic business  We need to use your
planning.   information in order to
    establish, exercise or

17

   defend legal rights.
To provide marketingYou have given us yourNot applicable
information where you explicit consent.  
have provided your    
consent.    
To provide marketingWe have a valid businessNot applicable
information by post, by reason (to send you  
telephone and in other selected communications  
circumstances where we about other products and  
don’t require your services we  offer)  
consent.    
2Who will we  share your personal information with?
3We will not sell or transfer your personal information to anyone unless we  have a valid purpose as set out above and we  will only disclose it to the following parties:     •    Other Partners within the Partnership to provide specialist services where we  do not have the authorisation to carry out certain activities such as high risk investments and you shall deal directly with that Partner for that specific advice. •    Third  parties  who provide  a service in  relation to the management  of   our  client’s investments or  facilitate the arrangement of products we  recommend such as product providers,  portfolio  and fund  managers,  insurers where  our client  is  buying income protection  products.  Where we  have shared your personal information  with these third parties, they will also be a data controller and responsible for how they use your personal information.  Their  uses of  your personal  information  will be governed by  their own fair processing notices. •    St. James’s Place group companies, who will process your personal data in accordance   with their Privacy Policy  which can be found www.sjp.co.uk/site-services/privacy   •    Compliance consultants including the Consulting Consortium   •    Financial crime and fraud detection agencies.

18

•    Our regulators including the Financial Conduct Authority and the Financial Ombudsman

Service.

•    Selected third parties in connection with any sale, transfer or disposal of our business.

•    Our insurers.

•    The police, HMRC and other crime prevention and detection agencies. Third parties and self-employed contractors who we  have entered into contractual arrangements with to provide services we  need to carry out our everyday business activities such as business administration,  partner  support specialists  who assist  us  with day  to  day  business operations, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax adviser

1Other business partners
2If you are a business partner such as a products provider, portfolio or fund manager or contractor who carries out business functions on our behalf, this section will be relevant to you and sets out our uses of your personal information. What personal information may we  collect?
3General  information  such as your name, address,  business phone numbers and email
 addresses.
Employment information such as job title, business cards and professional accreditations.
Information about your clients, your employees and the services and products you offer.
Your  bank  details and information  obtained from  checking  sanction lists  and credit
 checks.
Information  which we  have gathered from  publicly available sources such as internet
 search engines and generally obtained as part of the due diligence process conducted
 by St. James’s Place group companies.
2How will we  collect your information?
3Directly from you
St. James’s Place group companies.
Publicly available sources such as internet search engines.
From service providers who carry out sanctions checks.
2What will we use your personal information for?  

There are a number of reasons we  use your personal information and for each use we  need to have a “lawful basis” to do so.

We will rely on the following “Lawful Basis” when we  process your “personal information”:

•    We  need to use your personal information to enter into or  perform the contract that we hold with you.

•    We  have a legal or regulatory obligation to use such personal information. For example, we  may be required to carry out certain background checks.

•    We have a valid business reason to use your personal information which is necessary for our  everyday business  operations  and  activities,  for   example  to  keep  records  of investments and the reasoning behind such investments, to maintain business records, to carry out due diligence, to review  our business models and undertake strategic and operational  business  analysis including reviewing  the performance  of  our  business partners.

In each case we  assess our need to use this personal information  for  these purposes against your rights to privacy to ensure we  are protecting your rights.

3Purpose for processing Lawful Basis for using your personal information Lawful Basis for using your special categories of personal information
To carry out fraud, creditIt is necessary to enter into aNot applicable
and anti-money contract with you.
laundering checks on youWe have a valid business
  reason (to assess your
  suitability as a business
  partner).
 We need to use your
  information in order to
  comply with our legal
  obligations.
To carry out due diligenceWe have a valid businessNot applicable
on you. reason (to ensure that you
  can provide guarantees in
  terms of confidentiality and 
  security measures you 
  implement to protect the 
  information we  are sharing 
  with you about our clients). 
 To comply with our legal•    We need to use yourNot applicable
 or regulatory obligations.information in order to
  comply with our legal
  obligations, for example to
  pay your invoices for the
  services you have provided.
 For business purposes•    We have a valid businessNot applicable
 and activities includingreason (to run our business
 maintaining businessefficiently and effectively)
 records, file keeping and 
 strategic business 
 planning. 
 For compliance and•    It is necessary to enter into aNot applicable
 monitoring purposes.contract with you.
  •    We have a valid business
  reason (to ensure we  are
  compliant and carrying out
  appropriate monitoring
  activities).
 Who will we  share your personal information with?
3We will not sell or transfer your personal information to anyone unless we  have a valid reason as set out above and we  will only disclose it to the following parties: •    St. James’s Place group companies, who will process your personal data in accordance   with their Privacy Policy  which can be found https://www.sjp.co.uk/site-services/privacy.   •    Your agents or employees as appropriate.   •    Third parties who provide sanctions checking services including Experian.

21

•    Our regulators including the Financial Conduct Authority and the Financial Ombudsman

Service.

•    Selected third parties in connection with any sale, transfer or disposal of our business.

•    Our insurers.

•    Third parties including self-employed contractors who we  have entered into contractual arrangements  with to provide services we   need  to carry out our everyday business activities  such as  document management  providers,  back  office  system  providers, storage  warehouses,   IT   suppliers,   actuaries,   auditors,   lawyers,   outsourced  business

process management providers, our subcontractors and tax advisers.

1Users of our website
2If you use our website, this section will be relevant to you and sets out our uses of your personal information.     What personal information may we  collect?
3General  information  submitted via  the  website,  for example  where you provide your
 details in the contact section such as your name, contact details and company name.
Information such as IP address and browsing history obtained through our use of cookies.
 You can find more information about this in our cookies policy in section 7 below.
2How will we  collect your personal information?
3We will collect your information directly from our website.
2What will we use your personal information for?     There are a number of reasons we  use your personal information and for each use we  need to have a “lawful basis” to do so. We will rely on the following “lawful basis” when we  process your “personal information”:   •    We  have a valid business reason to use your personal information,  necessary for  our everyday business operations and activities, for  example to maintain business records and to monitor usage of the website. In each case we  assess our need to use this personal information for these purposes against your rights to privacy to ensure we  are protecting your rights.

22

3Purpose for processing Lawful Basis for using your personal informationLawful Basis for using your  special categories of personal information
To respond to anyWe have a businessNot applicable
enquiries you have reason (to respond to
submitted. your enquiries).
2Who will we  share your personal information with?
3We will not sell or transfer your personal information to anyone unless we  have a valid purpose as set out above and we  will only disclose it to: •    St. James’s Place group companies, who will process your personal data in accordance   with their Privacy Policy  which can be found www.sjp.co.uk/site-services/privacy   •    Third parties who we have entered into contractual arrangements with to provide services we  need to carry out our everyday business activities  such as IT suppliers and website providers.
1Where you are a job applicant   This section will apply if you are a job applicant within the St. James’s Place Partnership.
2What personal information may we  collect?
3We have set out below the main categories of candidate personal information which we
 process in connection with our recruiting activities on a day to day basis:
personal contact information (including your name, home address, personal telephone
 number(s) and personal e-mail address)
work  history and other relevant experience including information contained in CV, cover
 letter or job application form
education  information  including  degrees  awarded, transcripts and  other information
 provided in support of the job application
remuneration history
information collected during phone screenings and interviews
details regarding the type of employment sought, desired salary, willingness to relocate,
 job preferences, and other information related to compensation and benefits

23

 reference  information   and  information   received   from   background   checks   (where
  applicable) including information provided by third parties
 information related to previous applications to us or previous employment history with us
 documents evidencing your right to work  (including information about your immigration
  status where relevant)
 date of birth
 gender
 information gathered through our monitoring of our IT systems, building access records
  and CCTV recording in relation to your communications with us and attendance at our
  premises
 personal information  which you otherwise voluntarily  provide during the course of  the
  recruitment process
 The majority of the personal information to be provided by you is mandatory in connection
  with our recruiting  activities.  Failure  to provide mandatory  personal information  may
  affect our ability to accomplish the purposes stated in this Notice, including considering
  your suitability for employment and/or entering into an employment contract with you.
 The  list set out above  is not exhaustive,  and there may be other personal  information
  which St.  James’s  Place  collects,  stores and uses in the context of  the application  and
  recruitment process. St. James’s Place will update this Notice from time to time to reflect
  any notable changes in the categories of personal information which it processes.
 The majority of the personal information which we  process will be collected directly from
  you. However, your personal information may also be provided to us by third parties, such
  as recruitment  agencies,  former  employers,  official  bodies (such as regulators or  the
  Disclosure and Barring Service) and/or medical professionals
2What background checking do we undertake?
3As part of our referencing and vetting procedures, we will contact certain third parties in
 order to verify your personal information (including personal information that you provide
 as part of the application and recruitment process). These third parties will include:
former employers, in order to verify your previous employment history
universities and/or other establishments for higher education that you attended, in order
 to verify your education history
for specific roles we  will undertake electronic ID checks, sanctions and politically exposed
 persons checks via a third-party agency

24

 We  will also gather data from publicly available sources such as the electoral roll, court
  judgments, insolvency registers, internet search engines and social media sites.
 We will only conduct background checking in relation to successful candidates that have
  accepted a conditional offer of employment with us, and we  will specifically inform such
  candidates that we  will be contacting these third parties in advance of doing so.
2What will we use your personal information for?     St. James’s Place uses your personal information for a variety of purposes to take steps necessary to enter into an employment contract with you, to comply with legal obligations or otherwise in pursuit of its legitimate business interests. We have set out below the main purposes for which candidate personal information is processed: •    To identify and evaluate job applicants, including assessing skills, qualifications and   experience   •    Verifying   candidate  information    and   carrying  out  employment,    background (including criminal records) and reference checks, where applicable, and in order to prevent fraud •    Communicating with you about the recruitment process and your application   •    To comply with our legal, regulatory, or other corporate governance requirements     In addition to using your personal information to consider you for the role you applied for, we will retain and process your personal information for six months to inform you about, and to consider you for other roles that may be appropriate for you. If you do not want us to consider you for other roles which we  consider may be appropriate for you, please inform your recruitment contact.     Again, this list is not exhaustive and St. James’s Place may undertake additional processing of personal information in line with the purposes set out above. St. James’s Place will update this Notice from time to time to reflect any notable changes in the purposes for which its processes your personal information.
4When will we  share candidate personal information?
 St. James’s Place will share candidate personal information with other parties only in limited
 circumstances where this is necessary for the purposes of entering into an employment
 contract, to comply with a legal obligation, or otherwise in pursuit of its legitimate business
 interests as follows:

25

 •    recruitment agencies
 •    background vetting specialists
 •    occupational health providers and other medical professionals
 •    HMRC and/or any other applicable government body
 •    accountants, lawyers and other professional advisers
 •    The Financial Conduct Authority and/or the Prudential Regulatory Authority and/or
 any other applicable regulatory body
 •    specialists undertaking psychometric & personality tests
   Personal information is shared under the terms of a written agreement between St. James’s
 Place and the third party which includes appropriate security measures to protect the
 personal information in line with this Notice and our obligations. The third parties are
 permitted to use the personal information only for the purposes which we  have identified,
 and not for their own purposes, and they are not permitted to further share the data without
 our express permission.
5What special category (sensitive) data do we collect
 Certain categories of data are considered “special categories of personal information” and
 are subject to additional safeguards. St. James’s Place limits the special categories of
 personal information which it processes as follows:
 Health Information
 We may process information about a candidate’s physical or mental health in the course of
 the recruitment process. In particular:
 •    We will process information about an individual candidate’s physical or mental health
 to  comply   with  our  obligations   to  make  reasonable   adjustments  for   disabled
 employees as part of the recruitment process;
 •    as part of  our pre-employment  screening, successful  candidates are asked  to
 complete a medical questionnaire administered by  Health Assured Ltd in order that
 we  can take account of any medical issues relating to a new employee, including our
 obligation to make reasonable adjustments in the workplace. Health Assured Ltd will
 only share information from this questionnaire with us with your express consent.
   We will always treat information about health as confidential and it will only be shared
 internally where there is a specific and valid purpose to do so. We have implemented
 appropriate physical, technical, and organisational security measures designed to secure

26

 your personal information against accidental loss and unauthorised access, use, alteration,
 or disclosure.
 If a candidate is successful, any health information processed as part of the recruitment
 process that is relevant to St. James’s Place’s compliance with its obligations in connection
 with employment will be retained and processed in accordance with the Employee Privacy
 Notice. If a candidate is unsuccessful, any health information obtained as part of recruitment
 process will be deleted with the rest of the candidate’s personal information six within
 months of their rejection.
6How long do we keep personal information for?
 St. James’s Place’s policy is to retain personal information only for as long as needed to fulfil
 the purpose(s) for which it was collected, or otherwise as required under applicable laws
 and regulations. Under some circumstances we  may anonymise your personal information
 so that it can no longer be associated with you. We reserve the right to retain and use such
 anonymous data for any legitimate business purpose without further notice to you.
 For unsuccessful candidates:
 •    We will retain personal information collected during the recruitment process for a
 maximum period of 6 months from the end of the process subject to any
 exceptional circumstances and/or to comply with particular laws or regulations.
   If you are offered and accept employment with us, some of the personal information we
 collected during the application and recruitment process will become part of your
 employment record and we may use it in connection with your employment in accordance
 with the Employee Privacy Notice. The remaining data will be stored for a period of 6 months
 then deleted.

4.    What marketing activities do we carry out?

1            We carry out the following marketing activities depending on the relationship that we  have with you:

1.         Where you are a prospective client

Where we  have obtained your personal information from LinkedIn searches, we will connect with you as per the terms and conditions  of  the LinkedIn  social network.  Approaching  you through LinkedIn, we  will provide information about our wealth management services that we offer which you might be interested in. We  may inform you that we wish to contact  you via

telephone to discuss our service offerings further, at which point you will be able to notify us that you do not wish to receive such a call.

Where we  have obtained your personal information from a marketing list from a third party, we  will  have undertaken rigorous checks  to verify  that those third parties have obtained appropriate consent for us to market to you.

We will use also your personal information to provide you with information about our wealth management services and any newsletters and event invites where you have provided your consent for us to do so. We will also provide you with information of St. James’s Place wealth management products and other third party products which we  think may interest you where you have indicated that you

would like to receive this.

2.    Where you are an existing client

We will use your personal information to provide you with information about our wealth management services and any newsletters and event invites where it is part of the ongoing wealth management services we  offer or where you have provided your consent for us to do so.

We will also provide you with information of St. James’s Place wealth management products and other third party products which we  think may interest you where you have consented to receive this.

General marketing practices

If you wish to opt out of marketing, you may do so by  clicking on any “unsubscribe” link or responding to any marketing email communication confirming you would like to opt out or telling us when we  call you. Otherwise you can always contact us using the details set out in section 12 to update your contact preferences.

Please note that, even if you opt out of receiving marketing messages, we  may still send you

communications in connection with the services we  offer you.

5.    How long do we  keep personal information for?  

1            We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in section 3 above, to comply with our legal and regulatory obligations or for as long as necessary to respond to concerns you raise with the advice you received. As a financial service firm, we are regulated by the Financial Conduct Authority (the FCA) who imposes certain record-keeping rules which we  must adhere to.

If you would like further information regarding the periods for which your personal

information will be stored, please contact us using the details set out in section 11.

6.    What is our approach to sending your personal information overseas

1            There  are a small number of  instances  where your personal information  is  transferred  to countries outside of the European Economic Area (“EEA”) such as when we transfer information to our other companies in the SJP group or to third party suppliers who are based outside the EEA or when third parties who act on our behalf transfer your personal information to countries outside the EEA. Where such a transfer takes place, we  will take the appropriate safeguarding measures to ensure that your personal information is adequately protected. We will do so in a number of ways including:

•    entering into data transfer contracts and using specific contractual provisions that have

been approved by European data protection authorities otherwise known as the “standard contractual clauses”.  You  can find out more about standard  contractual clauses  at

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-

eu/model-contracts-transfer-personal-data-third-countries_en;

•    we  will only transfer personal information to companies in non-EEA countries who have been deemed by  European data protection authorities to have adequate levels of data protection  for the protection  of  personal information.  You  can find  out more about this

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-

eu/adequacy-protection-personal-data-non-eu-countries_en

We are also entitled under European data protection laws to transfer your personal information to countries outside the EEA where it is necessary for the performance of the contract we  have with you.

Depending on our relationship and your particular circumstances, we  might transfer personal information anywhere in the world.  An example of our regular data transfers outside the EEA is set out below:

Country of transferReason for the transferMethod  we use to protect your information
HongKong,Singapore,Provisionof        datatoWe have standard
Shanghai  internationalofficestocontractual clauses in
   supportclientslivingplace
   overseas.   
If you would like  further  information  regarding our data transfers  and the steps we  take to safeguard your personal information, please contact us using the details set out in section 12.

7.    How do we  protect your information?

1            At St. James’s Place, we  take our responsibility to look after your personal information and privacy seriously. In today’s world, we have all seen a growing trend in cybercrime and security breaches. We have a number of security measures in place to help prevent fraud and cybercrime.

If we  become aware that a personal data breach has occurred and is likely to result in a

high risk to the rights and freedoms of our clients, Partners or employees, we  will inform them without undue delay.

We have a dedicated group, the ‘Information Security Oversight Committee’, that provides oversight and guidance to our information security and privacy programme.

The executive body responsible for privacy and data security is the Information Security Oversight Committee (ISOC) – chaired by the Data Protection Officer. ISOC has a reporting line that enables effective escalation of issues up to the Board where appropriate.

We educate and train our employees, Partners and contractors on their information security, fraud prevention and privacy obligations annually.

Our employees, Partners and contractors take part in an annual Information Security training and awareness program and must agree to adhere to the Data Protection Act and our own Information Security Policy  that are designed to keep your information safe. These are refreshed each year to reflect the current trends that are being observed across the information security landscape. Information Security awareness also forms part of our new employee induction program.

We also educate our employees in identifying potential financial crime and internal fraud;

any suspicious activity is reported to our Financial Crime Prevention team.

When you login, or send us information on the internet we  protect the security of this information while  it is being transmitted by encrypting it using Secure Sockets Layer (SSL). When you use your web browser to login, view  or share information with us, all electronic information exchanged is encrypted using 2048bit SSL (Secure Sockets Layer) certificate. You can identify this by looking for the HTTPS:// and the padlock in the address bar at the top of your browser:

We will always interact with you in a safe, secure and consistent manner

To keep your information secure and to protect our clients from fraud, St. James’s Place will only interact with you in the following ways. If in doubt, call your St. James’s Place Partner directly or alternatively email the St. James’s Place Data Protection Office at dpo@sjp.co.uk.

When interacting with you, we  will:

•    Only send funds that you have requested to be withdrawn to a verified bank account in your name.

•    Verify  who you are  when speaking to you on the phone, by  asking  you security questions.

We will not:

•    Ask you for your password over the phone.

•    Send you an unsolicited email with a link to our login page  asking you to enter your

Online Wealth Account credentials.

•    Ask you for payment or credit card details by email or telephone.

•    Call you to notify you of a problem, and then request you call us back immediately to discuss the problem further.

We continually review our physical and logical security controls in place across the business.

Physical controls – As well as protecting your digital information, St. James’s Place also protects their premises and physical locations where personal data may be used and stored. These measures include security guards, security entrances, secure disposal of confidential waste and hardware, CCTV, personal card access and locks on doors and file storage cabinets, with a ‘clear desk’ policy to ensure all information is locked away and protected.

Logical controls – St. James’s Place uses technical security measures to make sure our systems where we  store and use personal information are protected from unauthorised access. Tools  such as authentication controls, antivirus, firewalls, malware detection and back-up procedures are used across the business.

All employee emails and devices are encrypted to enable secure transfer and storage of personal information.

We conduct security testing of our applications and services in a controlled testing environment before they are made available for our clients to use on an ongoing basis. We perform security risk assessments for each of our sites to identify and control risks. External technical assessments are conducted by an independent external 3rd party. Security audits and vendor due diligence are conducted on a continual basis.

We have a business resiliency plan with disaster recovery and business continuity testing. The purpose of Business Continuity Management and the St. James’s Place Business Continuity Plan, is to provide an effective, predefined and documented framework to respond to an incident affecting the Group’s activities. The key drivers in developing the business recovery plans are;

•    To mitigate the risks that could lead to the significant disruption of our products and

services to our clients.

•    To provide a recovery plan that supports a timely and full restoration of our products and services for our clients.

However, whilst we  take appropriate technical and organisational measures to safeguard your Personal Information, please note that we  cannot guarantee the security of any data that you transfer over the internet to us.

8.    Cookies

1            The St. James’s Place website uses cookies – small text files that are stored on your computer or in your browser – to help us to monitor how visitors use our site and allow us to maintain the optimum experience for website users. The website does not store or capture personal information about you when you visit it, it merely records traffic information. This means information about all of our visitors collectively, for example the number of visits the website receives. In order to respect our visitors’ rights of privacy, this information is anonymous and no individual visitor can be identified from it.

You can disable and delete cookies by changing the appropriate setting within your browser’s ‘Help’, ‘Tools’ or ‘Settings’ menu. Please note that by disabling cookies you may not benefit from some of the features of our site. You can find out more about deleting or

controlling cookies by visiting About Cookies.

Facebook advertising

We use the “Custom Audience pixel” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website. This allows us to track what users do after they see or click on our Facebook advertisements. This enables us to monitor the effectiveness of Facebook ads for purposes of statistics and market research. Data collected in this way is anonymous to us, which means we  cannot see the personal data of individual users. However, this data is saved and processed by  Facebook. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s Data Policy  which can be found

here  https://www.facebook.com/about/privacy/. We also utilise Facebook Custom Audiences. Facebook Custom Audience is a remarketing and behavioural targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network. You can allow Facebook and its partners to place ads on and outside of Facebook. A cookie can also be saved on your device for these purposes.

Please click here if you would like to withdraw your

consent  https://www.facebook.com/settings/?tab=ads#_=_

Facebook adhere to the Self-Regulatory Principles for Online Behavioural Advertising and participate in the opt-out programmes established by the  Digital Advertising Alliance,

the  Digital Advertising Alliance of Canada and the  European Interactive Digital Advertising

Alliance. You can opt out of all participating companies through these sites.

Google Ads

We use the Google Ads remarketing service to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to the sjp.co.uk website. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy. To opt out of Google’s use of cookies or device identifiers visit Google’s  Ads Settings. To opt out of third-party vendor’s use of cookies visit the  Network Advertising Initiative opt-

out page or control the use of device identifiers by using your  device’s settings.

We use  Hotjar in order to better understand our users’ needs and to optimize this service and

experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of

our site and Hotjar’s use of tracking cookies on other websites by following this  opt-out link.

Please view  our full Cookie policy  here.

9.    Google Analytics

1            This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies (text files placed on your computer) to help the website operators analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website

operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

In addition, we use Google’s remarketing technology to advertise online. In doing so, Google will place or read a unique ad-serving cookie on your computer and will use non-personal information about your browser and your activity on our sites to serve ads on their content

network. Please click here for more information about remarketing or to opt-out of the

Google remarketing cookie.

We will only collect personal information about you if you send us an e-mail enquiry via  the

‘contact us’ facility or you register to receive your Unit Trust Manager’s Reports by email. In order for this to happen, you will need to fill out the online ‘contact us’ form or complete the registration details. The type of information being collected for an enquiry will be apparent from the layout of the ‘contact us’ form, which also tells you how this information will be used. The type of information collected to register to receive the Unit Trust Manager’s Reports by email will be apparent from the details requested when you register. The information collected when you register will only be used to email your Unit Trust Manager’s Reports and for no other reason.

We take all reasonable precautions to protect our visitors’ information, both on and off line. If your personal information changes, please let us know and we  will correct, update or remove any information that we  hold about you on our active databases. We may however need to retain archive copies of that personal information for legal or audit purposes. If you have any queries regarding the way in which St. James’s Place handles data collected from

you on this website, please visit the  contact us page.

By using this website, you consent to the processing of data about you by Google in the

manner and for the purposes set out in the above four paragraphs.

10.  Monitoring

1            Please note that if you communicate with us electronically, including by e-mail, telephone or fax, this communication may be randomly monitored and/or recorded to protect the interests of our business and our customers. This includes for the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and to ensure that St. James’s Place employees comply with legal obligations and St. James’s Place

policies and procedures (including our customer relations practices).

11.      Hyperlinks

1            We may provide hyperlinks from this web site (‘the Site’) to web sites of other organisations including websites of associated companies. Please note that this Privacy Policy  applies only to this Site and that St. James’s Place will not liable for the contents of linked web sites or any

transactions carried out with organisations operating those web sites.

12.   Your rights

1            You have several rights which you can exercise at any time relating to the personal information that we  hold about you and use in the ways set out in this notice. Please contact us at any time using the details set out in section 12 if you wish to exercise these rights; we

will not usually charge you.

We respect your rights and will always consider and assess them but please be aware that there may be some instances where we cannot comply with a request that you make as the consequence might be that:

•    in doing so we  could not comply with our own legal or  regulatory requirements for

example we  are under obligations to hold records of our dealings with you for certain periods of time; or

•    in doing so we could not provide services to you and would have to cancel your client

agreement, for example we could not enter into investments on your behalf if we  had deleted your personal information.

 We will of course inform you if any of the above situations arise and if we  are unable to
 comply with your request.
1The right to access your personal information
2You are entitled to a copy of the personal information we  hold about you and certain details of how we  use it. We are happy to provide you with such details but in the interests of confidentiality, we follow strict disclosure procedures which may mean that we will require proof of identify from you prior to disclosing such information. We will usually provide your personal information to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal information will be provided to you by electronic means where possible.     It would be helpful if could please complete the  Data Subject Request Form to request a copy of the information we  hold so that we  can ensure we  have all the relevant information we  need to appropriately respond to your request.
1The right to rectification
2Please help us to keep your personal information accurate and up to date so if you believe that there are any inaccuracies, discrepancies or gaps in the information we  hold about you, please contact us and ask us to update or amend it.
2The right to restriction of processing
1In certain circumstances, you have the right to ask us to stop using your personal information, for example where you think that the personal information we  hold about you may be inaccurate or where you think that we no longer need to use your personal information.
2The right to withdraw your consent
1Where we rely on your consent to process your personal information, you have the right to withdraw such consent to further use of your personal information.
1The right to erasure
2You are entitled to request your personal information to be deleted in certain circumstances   such as where we  no longer need your personal information for the purpose we  originally

37

 collected it. When you exercise this right, we  need to consider other factors such as our own
 regulatory obligation, to assess whether we  can comply with your request.
1The right to object to direct marketing
2You have a choice about whether or not you wish to receive marketing information from us and you have the right to request that we  stop sending you marketing messages at any time.  You can do this either by clicking on the “unsubscribe” button in any email that we send to you or by contacting us using the details set out in section 8. Please note that, even if you opt out of receiving marketing messages, we  may still send you   communications which are relevant to the nature of services we  offer you.
1The right to object to processing
2In certain circumstances, where we only process your personal data because we  have a legitimate business need to do so, you have the right to object to our processing of your personal data.
1The right to data portability
2In certain circumstances, you can request that we transfer personal information that you have provided to us to a third party. When you exercise this right, we  need to consider other factors such as our own regulatory obligations, to assess whether we can comply with your request
1Rights relating to automated decision-making
2We do not carry out any automated decision making to provide products and services to   you.
1The right to make a complaint with the ICO ►
2If you believe that we have breached data protection laws when using your personal information, you have a right to complain to the Information Commissioner’s Office (ICO).   You can visit the ICO’s website at  https://ico.org.uk/ for more information.  Please note that lodging a complaint will not affect any other legal rights or remedies that you have.

13.   Contacting us

38

1           If  you would like any further information about any of the matters in this notice or if you have any other questions about how we  collect, store or use your personal information, you may contact our St. James’s Place Data Protection Officer at St. James’s Place plc, St. James’s Place House, 1 Tetbury Road, Cirencester, Gloucestershire, GL7 1FP, United Kingdom,

dpo@sjp.co.uk and 01285718453.

14.   Updates to this notice

1            From time to time we  may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. We will provide you with the most up to date notice.

This notice was last updated on (13/02/23)