Privacy

Introduction

Pacem offer our clients Accountancy Business Services and Private Financial Planning advice. We and our clients view this as a unique combination of services that help them grow their business and achieve their personal financial goals.  This privacy notice explains how we use any personal information we collect about you.

General Use of Personal Data
Our privacy policy takes into account several laws including:

  • The Data Protection Act 2018.
  • The Privacy and Electronic Communications (EC Directive) Regulations 2003.
  • General Data Protection Regulation (EU) 2016/679 which will come into force in the UK in May 2018 and replace the Data Protection Act 1998.

Generally, our processing of your personal information is allowed by these laws because we have a legitimate business interest to carry out this processing.  Some processing may also be necessary so that we can perform a contract, because it is required by law or we believe it is in your vital interests.

The Principles of Data Protection

The General Data Protection Regulation (GDPR) sets out the data protection principles of the main responsibilities for organisations.  Personal data must be:

a) processed lawfully, fairly and in a transparent manner in relation to individuals;

b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;

c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and

f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

What information do we collect about you?

Pacem holds both personal and sensitive data as defined by the legislation. We only collect the information we need. Access to your data will be restricted. We collect two kinds of information

  • Non-personal information such as IP addresses (the location of the computer on the internet), pages accessed, and files downloaded. This helps us to determine how many people use our sites, how many people visit on a regular basis, and how popular our pages are. This information doesn’t tell us anything about who you are or where you live. It simply allows us to monitor and improve our servic
  • Personal and/or medical information (where appropriate).

We collect information about you when you engage with us for financial planning services. This information will relate to your personal and financial circumstances. It may also include special categories of personal data such as health information, if this is necessary for the provision of our services.

For example, for a client, we may hold the individual’s title, names, address, gender, date of birth, email address, telephone numbers, GP details, special needs, next of kin details, medical history, bank details, client feedback, photographs with client consent for marketing material purposes.

For staff and interns, we may hold information such as name, address, date of birth, gender, email address, telephone numbers, next of kin, National Insurance number, bank details for payroll purposes. Photographs, recruitment and selection notes, references, medical history, qualifications, insurance information, training records, car details, workplace accidents, and perceived community background for Section 75 (NI Act) purposes, etc.

For suppliers and customers, we may hold your name, address, contact details and bank details.

We may also collect information when you voluntarily complete client surveys or provide feedback to us.

Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We’ll use your information collected from the website to personalise your repeat visits to the site

Information about connected individuals

We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.

Why do we need to collect and use your personal data?

The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.

Where special category data is required we’ll obtain your explicit consent in order to collect and process this information.

For employees, it is a condition of employment that Pacem processes your personal data. By applying for a role with us, you signify your agreement.

Everyone has the right to know what personal data Pacem holds about you and for this to be correct. Procedures for the management of personal data are in place and enquiries may be made as set out below.

If you do not consent to Pacem processing your information, we will not be able to offer you our services.

Changing your details or how we contact you

You can opt in or out of receiving general marketing communications or change your preferences (e.g. how you receive our communications) by calling our team on weekdays between 9am – 5pm on 02890996948.

Similarly, if your contact details have changed or you think any information we have about you is incorrect or incomplete, you can always update or correct the information we hold about you, via the same channel.

If you indicate that you do not wish to be contacted for general marketing purposes, we will maintain your details on a suppression list to help ensure that we do not continue to contact you. However, we may still need to contact you for administrative purposes, for example providing you with information about a service you have requested.

How will we use the information about you?

We collect information about you in order to provide you with the services for which you engage us.

Who might we share your information with?

If you agree, we may email you about other products or services that we think may be of interest to you.

We won’t share your information for marketing purposes with companies outside our group.

In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you.

Where third parties are involved in processing your data we’ll have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions.

To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.

Storing your information

We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date. We only keep it as long as reasonable and necessary.

Your information may be stored in a digital or paper format (secure onsite and offsite storage).

Information is stored by us on computers located in the UK. We may transfer the information to other staff members off-site and to other reputable third party organisations as explained below. We may also store information in paper files. Sensitive information is always locked away.

We place a great importance on the security of all personally identifiable information associated with our supporters, customers and service users. We have security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel can access user information.

Where you or we have provided a password enabling you to access parts of our websites or use our services, it is your responsibility to keep this password confidential. Please don’t share your password with anyone.

We will keep your information only for as long as we need it to provide you with the goods, services or information you have required, to administer your relationship with us, to comply with the law or best practice, or to ensure we do not communicate with people that have asked us not to. When we no longer need information, we will always dispose of it securely, using specialist companies, if necessary, to do this work for us.

How long do we keep hold of your information?

In principle, your personal data shouldn’t be held for longer than is required under the terms of our contract for services with you. However, we’re subject to regulatory requirements to retain data for specified minimum periods. The retention period for documents are outlined in our ‘Retention Schedule’ as attached in Appendix 1. We also reserve the right to retain data for longer than this due to the possibility that it may be required to defend a future claim against us.

You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.

How can I access the information you hold about me?

You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all of your personal information, please email or write to us using the contact details noted below.

When your personal data is processed by automated means you have the right to ask us to move your personal data to another organisation for their use.

We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.

Cookies

We use cookies to track visitor use of the website and to compile statistical reports on website activity.

For further information visit http://www.allaboutcookies.org/

You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.

What can you do if you are unhappy with how your personal data is processed?

You also have a right to lodge a complaint with the supervisory authority for data protection. In Northern Ireland this is:

Information Commissioner’s Office: 3rd Floor, 14 Cromac Place, Belfast,BT7 2JB

Tel: 028 9027 8757 or 0303 123 1114, Email: ni@ico.org.uk

Changes to our privacy policy

We keep our privacy policy under regular review and we’ll place any updates on this web page (and/or) inform you of any changes when they occur.  This privacy policy was last updated on 31.08.2018

If you have a query regarding the accuracy of your personal data then your query will be dealt with quickly by a member of our team.

If you have any other general queries about your information, you can contact Gemma McShane, our designated employee responsible for Data Protection, by email at info@pacem-advisory.com or by telephone on 02890996948.

 

Appendix 1 – Retention Schedule

Objective

We aim to highlight to the user how and when data/records should be destroyed.

Records Retention and Disposal

Records should not be retained any longer than is necessary for the efficient operation of the Pacem, or to meet statutory/regulatory obligations. Records that have outlived their administrative usefulness or statutory retention period, should be destroyed.

No data file or record should be retained longer than highlighted in the Retention Schedule after it is closed unless a good reason for longer retention can be demonstrated. It is to be emphasised that the period defined in the Retention schedule is a maximum period. It may be appropriate, having regard to the nature of the record, to opt for a shorter period.

Requirements to Retain

If documents are not required to be kept by statute, consider the need to retain at all.

As a rule, the following types of records below have no significant operational, informational or evidential value. They can therefore be destroyed as soon as they have served their primary purpose.

  • Announcements and notices of meetings and other events, and notifications of acceptance or apologies
  • Requests for, and confirmations of, reservations with third parties (e.g. travel, hotels, accommodation) when invoices have been received
  • Transmission documents: letters, FAX cover sheets, e-mail messages, routing slips, compliments slips and similar items which accompany documents, but do not add any value to them
  • Message slips
  • Superseded address lists, distribution lists etc.
  • Duplicate documents such as: ‘CC’ and ‘FYI’ copies, unaltered drafts, ‘Snapshot’ printouts or extracts from databases, ‘Day Files’ (chronological copies of correspondence)
  • Working papers, where the results have been written into an official document and which are not required to support it
  • Stocks of in-house publications which are obsolete, superseded or otherwise useless e.g. magazines, marketing materials, prospectuses, catalogues, manuals, directories, forms, and other material produced for wide distribution
  • Published or reference materials received from other parties or from vendors or other external organisations which require no action and are not needed for ‘record’ purposes, e.g. trade magazines, vendor catalogues, flyers, newsletters.

Examples taken from: The JISC. HEI Business Function & Activity Model, 2003.

Exceptions to Retention Schedule

Under the Freedom of Information Act 2000 and Data Protection legislation, it is a criminal offence to destroy or dispose of records once Pacem Glover has received a formal request to access the information contained in those records.

Reasons for longer retention will include the following:

  • The record contains information relevant to legal action which has been started or is in contemplation
  • Whenever there is a possibility of litigation, the records and information that are likely to be affected should not be amended or disposed of until the threat of litigation has been removed.
  • The record should be archived for historical or research purposes, e.g. the record relates to an important policy development or relates to an event of local or national purpose
  • The records are maintained for the purpose of retrospective comparison
  • The records relate to individuals or providers of services who are judged unsatisfactory. The individuals may include employees who have been the subject of serious disciplinary action

Departmental Retention Schedules

Each department will develop and maintain its retention schedule. Below is a guide to Statutory Retention Periods. Consideration should be given to the length of time any other piece of information is held for.

Statutory Retention Periods

The table below summarises the main legislation regulating statutory retention periods. However, if in doubt, the government’s Business Link website advises that it is a good idea to keep records for six years to cover the time limit for bringing any civil legal action.

Record Statutory Retention Period Statutory Authority
accident books, accident records/reports 3 years after the date of the last entry (see below for accidents involving chemicals or asbestos) The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995 (RIDDOR)
(SI 1995/3163) as amended. Special rules apply concerning incidents involving hazardous substances (see below).
Accounting Records 6 years Section 221 of the Companies Act 1985 as modified by the Companies Acts 1989 and 2006
Income tax and NI returns, records and correspondence with HMRC 6 years Taxes Management Act 1970
Records relating to children and young adults Until the child/young adult reaches the age of 21 Limitation Act 1980

 

Retirement Benefits Schemes – records of notifiable events for example, relating to incapacity 6 years from the end of the scheme year in which the event took place The Retirement Benefits Schemes (Information Powers) Regulations 1995
(SI 1995/3103)
Statutory Maternity Pay records, calculations, certificates (Mat B1s) or other medical evidence 3 years after the end of the tax year in which the maternity period ends The Statutory Maternity Pay (General) Regulations 1986
(SI 1986/1960) as amended
Statutory Sick Pay records, calculations, certificates, self-certificates 3 years after the end of the tax year to which they relate The Statutory Sick Pay (General) Regulations 1982
(SI 1982/894) as amended
Wage/salary records not less than 3 years after the end of the financial year to which they relate The Income Tax (Employments) Regulations 1993
(SI 1993/744) as amended, for example by The Income Tax (Employments) (Amendment No. 6) Regulations 1996 (SI 1996/2631)
National minimum wage records 3 years after the end of the pay reference period following the one that the records cover National Minimum Wage Act 1998
Records relating to working time 2 years from date on which they were made The Working Time Regulations 1998 (SI 1998/1833)

 

Recommended (non-statutory) Retention Periods

For many types of personnel records, there is no definitive retention period: it is up to the employer to decide how long to keep these records and it’s a question of judgement rather than there being any definitive right and wrong. An employer needs to consider what would be a necessary retention period, depending on the type of record. The advice in this factsheet is based on the time limits for potential tribunal or civil claims and aims to draw sensible conclusions as to how long keeping the records will protect an employer.

Where the recommended retention period given is 6 years, this is based on the 6-year time limit within which legal proceedings must be commenced as laid down under the Limitation Act 1980. Thus, where documents may be relevant to a contractual claim, it is recommended that these be retained for at least the corresponding 6-year limitation period.

Record Recommended Retention Period
application forms and interview notes (for unsuccessful candidates) 6 months to a year. (Because of the time limits in the various discrimination Acts, minimum retention periods for records relating to advertising of vacancies and job applications should be at least 6 months. A year may be more advisable as the time limits for bringing claims can be extended. Successful job applicants documents will be transferred to the personnel file in any event.
assessments under health and safety regulations and records of consultations with safety representatives and committees Permanently
Inland Revenue/HMRC approvals Permanently
parental leave 5 years from birth/adoption of the child or 18 years if the child receives a disability allowance
pension scheme investment policies 12 years from the ending of any benefit payable under the policy
pensioners’ records 12 years after benefit ceases
personnel files and training records (including disciplinary records and working time records) 6 years after employment ceases
redundancy details, calculations of payments, refunds, notification to the Secretary of State 6 years from the date of redundancy
senior executives’ records (that is, those on a senior management team or their equivalents) permanently for historical purposes
Time cards 2 years after audit
Employee Personnel Records 10 years after ceasing to be effective
Investment business for non-current client 10 years from end of relationship
Insurance (Protection) business for non-current client 10 years from end of relationship
Mortgage business for non-current client 10 years from end of relationship
Pension transfers and opt-outs Indefinitely for pension transfer and opt-outs.
ID/ Money Laundering 10 years
Current clients 10 years from end of relationship
Prospect (a person who is not yet a client, but we hold contact details for. No recommendations have been provided) 1 year