PRIVACY POLICY
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.
Who we are
Curo Paraplanning Limited collects uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
The personal information we collect and use
Information collected by us
In the course of supplying paraplanning services, we collect the following personal information when you provide it to us:
- Names and, contact details
- Secondary contact details
- Invoice addresses
- Web URL’s and social media addresses for client contact
- bank details
- Information about how you use our website, IT, communication and other systems
Above is not a conclusive list and we may collect additional personal information from you. Any other personal information will be collected and processed in accordance with the terms of this policy.
If you do not provide personal information when we ask for it, it may delay or prevent us from providing the services to you.
How your personal information is collected
We collect most of this personal information directly from you – in person by telephone, text or email and/or via our website. However, we may also collect information from other sources such as:
- From a third party with your consent e.g. your bank;
- From cookies on our website – for more information on our use of cookies please see the section below on Cookies;
- Via our IT systems and those of St James Place.
Who we share your personal information with
We routinely share personal information with:
- third parties we use to help deliver our services to you, e.g. payment service providers, warehouses and delivery companies;
- other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
- third parties approved by you, e.g. social media sites you choose to link your account to or third-party payment providers;
- our bank.
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
Subject to the “Website” section below, we will not share your personal information with any other third party.
Where your personal information is held
Information may be held at our offices, third party agencies, service providers, representatives and agents as described above (see above: ‘Who we share your personal information with’).
How long your personal information will be kept
We will keep your personal information while you have an account with us or we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:
- to respond to any questions, complaints or claims made by you or on your behalf;
- to show that we treated you fairly;
- to keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information.
Reasons we can collect and use your personal information
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. Your personal data may be used for one of the following purposes:
- Supplying our services to you. Your personal details are required in order for us to enter into a contract with you, to enable us to create invoices and keep in touch with matters such as service updates, project progress etc.
- Personalising and tailoring our services for you.
- Communicating with you. This may include responding to emails or calls from you.
- Supplying you with information by email or post that you have opted-in to (you may unsubscribe or opt-out at any time by selecting the unsubscribe button).
We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
We may also contact you by phone, letter or email in line with the service you have paid for. We may occasionally email you or send a letter about something relevant to the service you have paid for.
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email, telephone or post with information, news, and offers on our services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
Transferring your personal information out of the UK and EEA
To deliver services to you, it is sometimes necessary for us to share your personal information outside the UK and/or European Economic Area (EEA), e.g.:
- with your and our service providers located outside the UK/EEA;
- if you are based outside the UK/EEA.
These transfers are subject to special rules under European and UK data protection law.
Your rights
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information;
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
- object in certain other situations to our continued processing of your personal information;
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us;
- let us have enough information to identify you;
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates.
If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 5 days for this to take place.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Website
We respect and value the privacy of everyone who visits our website www.curoparaplanning.co.uk (“Our Site”) and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.
Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
Depending upon your use of Our Site, we may collect some or all of the following personal and non-personal data (please also see the section relating to Cookies):
- name and contact details;
- IP address;
- web browser type and version;
- operating system;
- a list of URLs starting with a referring site, your activity on Our Site, and the site you exit to.
In addition to the section on “Reasons we can collect and use your personal information” above we may use your data from Our Site for the following purposes:
- Providing and managing your access to Our Site;
- Supplying our services to you (please note that We require your personal data in order to enter into a contract with you);
- Personalising and tailoring our services for you;
- Replying to emails and enquiries received from you;
- Analysing your use of Our Site to enable Us to continually improve Our Site and your user experience;
We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected in order that we are able to comply with our statutory and contractual obligations with you, and in accordance with our legitimate interests as a data controller.
Your data will only be stored in the UK. Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected through Our Site. Steps we take to secure and protect your data include hosting Our Site on a dedicated server supplied by Heart Internet a UK a UK company. Access to the server is password protected.
In addition to the section “Who we share your personal data with” we may compile statistics about the use of Our Site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law.
When you submit personal data via Our Site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details).
You may access Our Site without providing any data at all. You may restrict use of Cookies. Please see the section on Cookies for more information.
Cookies
We use cookies to collect, store and share bits of information about your activities when you use our website.
Cookies do different things, like letting you navigate between pages quickly and generally improving your experience of a website. If a website doesn’t use cookies it will think you are a new visitor every time you move to a new page on the website – for example, when you enter your login details and move to another page it won’t recognise you and it won’t be able to keep you logged in. Curo Paraplanning Limited only use essential cookies on its website to track the performance of the website via Google Analytics. This non-personal data helps us to understand how to improve the website content for the benefit of all users. If you want to block cookies, then you can do this through your browser via the help function. You can also visit www.aboutcookies.org for further guidance.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was published on [ 10/6/2020 ].
We may change this privacy notice from time to time, when we do, we will inform you via email and posting on our website.
How to contact us
Please contact us, if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us, please send an email to [email protected], write to Curo Paraplanning Limited, Room 10, 1 Riverside Business Park, St Annes, Bristol, BS4 4ED, or call 0117 9332669.