Reviewed on March 2023
Pacem offer our clients Accountancy Business Services and Private Financial Planning advice. We and our clients view this as a unique combination of services that help them grow their business and achieve their personal financial goals. This privacy notice explains how we use any personal information we collect about you.
General Use of Personal Data
- The Data Protection Act 2018.
- The Privacy and Electronic Communications (EC Directive) Regulations 2003.
- General Data Protection Regulation (EU) 2016/679 which will come into force in the UK in May 2018 and replace the Data Protection Act 1998.
Generally, our processing of your personal information is allowed by these laws because we have a legitimate business interest to carry out this processing. Some processing may also be necessary so that we can perform a contract, because it is required by law or we believe it is in your vital interests.
The Principles of Data Protection
The General Data Protection Regulation (GDPR) sets out the data protection principles of the main responsibilities for organisations. Personal data must be:
- a) processed lawfully, fairly and in a transparent manner in relation to individuals;
- b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
- c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
- f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
What information do we collect about you?
Pacem holds both personal and sensitive data as defined by the legislation. We only collect the information we need. Access to your data will be restricted. We collect two kinds of information:
- Non-personal information such as IP addresses (the location of the computer on the internet), pages accessed, and files downloaded. This helps us to determine how many people use our sites, how many people visit on a regular basis, and how popular our pages are. This information doesn’t tell us anything about who you are or where you live. It simply allows us to monitor and improve our service.
- Personal and/or medical information (where appropriate).
We collect information about you when you engage with us for financial planning services. This information will relate to your personal and financial circumstances. It may also include special categories of personal data such as health information, if this is necessary for the provision of our services.
For example, for a client, we may hold the individual’s title, names, address, gender, date of birth, email address, telephone numbers, GP details, special needs, next of kin details, medical history, bank details, client feedback, photographs with client consent for marketing material purposes.
For staff and interns, we may hold information such as name, address, date of birth, gender, email address, telephone numbers, next of kin, National Insurance number, bank details for payroll purposes. Photographs, recruitment and selection notes, references, medical history, qualifications, insurance information, training records, car details, workplace accidents, and perceived community background for Section 75 (NI Act) purposes, etc.
For suppliers and customers, we may hold your name, address, contact details and bank details.
We may also collect information when you voluntarily complete client surveys or provide feedback to us.
Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We’ll use your information collected from the website to personalise your repeat visits to the site.
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data?
The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.
Where special category data is required we’ll obtain your explicit consent in order to collect and process this information.
For employees, it is a condition of employment that Pacem processes your personal data. By applying for a role with us, you signify your agreement.
Everyone has the right to know what personal data Pacem holds about you and for this to be correct. Procedures for the management of personal data are in place and enquiries may be made as set out below.
If you do not consent to Pacem processing your information, we will not be able to offer you our services.
Changing your details or how we contact you
You can opt in or out of receiving general marketing communications or change your preferences (e.g. how you receive our communications) by calling our team on weekdays between 9am – 5pm on 02890996948.
Similarly, if your contact details have changed or you think any information we have about you is incorrect or incomplete, you can always update or correct the information we hold about you, via the same channel.
If you indicate that you do not wish to be contacted for general marketing purposes, we will maintain your details on a suppression list to help ensure that we do not continue to contact you. However, we may still need to contact you for administrative purposes, for example providing you with information about a service you have requested.
How will we use the information about you?
We collect information about you in order to provide you with the services for which you engage us.
Who might we share your information with?
If you agree, we may email you about other products or services that we think may be of interest to you.
We won’t share your information for marketing purposes with companies outside our group.
In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you.
Where third parties are involved in processing your data we’ll have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they’ll only act in accordance with our written instructions.
To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.
Storing your information
We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date. We only keep it as long as reasonable and necessary.
Your information may be stored in a digital or paper format (secure onsite and offsite storage).
Information is stored by us on computers located in the UK. We may transfer the information to other staff members off-site and to other reputable third party organisations as explained below. We may also store information in paper files. Sensitive information is always locked away.
We place a great importance on the security of all personally identifiable information associated with our supporters, customers and service users. We have security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel can access user information.
Where you or we have provided a password enabling you to access parts of our websites or use our services, it is your responsibility to keep this password confidential. Please don’t share your password with anyone.
We will keep your information only for as long as we need it to provide you with the goods, services or information you have required, to administer your relationship with us, to comply with the law or best practice, or to ensure we do not communicate with people that have asked us not to. When we no longer need information, we will always dispose of it securely, using specialist companies, if necessary, to do this work for us.
How long do we keep hold of your information?
In principle, your personal data shouldn’t be held for longer than is required under the terms of our contract for services with you. However, we’re subject to regulatory requirements to retain data for specified minimum periods. The retention period for documents are outlined in our ‘Retention Schedule’ as attached in Appendix 1. We also reserve the right to retain data for longer than this due to the possibility that it may be required to defend a future claim against us.
You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
How can I access the information you hold about me?
You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all of your personal information, please email or write to us using the contact details noted below.
When your personal data is processed by automated means you have the right to ask us to move your personal data to another organisation for their use.
We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.
For further information visit http://www.allaboutcookies.org/
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
What can you do if you are unhappy with how your personal data is processed?
You also have a right to lodge a complaint with the supervisory authority for data protection. In Northern Ireland this is:
Information Commissioner’s Office: 3rd Floor, 14 Cromac Place, Belfast,BT7 2JB
Tel: 028 9027 8757 or 0303 123 1114, Email: firstname.lastname@example.org
If you have a query regarding the accuracy of your personal data then your query will be dealt with quickly by a member of our team.
Appendix 1 – Data retention
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.