STATEMENT OF PRIVACY POLICY

Our Commitment to Your Privacy:

Protecting our clients’ privacy is of paramount importance to EFM UK Ltd. It is EFM UK Ltd. policy that no client information obtained by us is sold or made available to third parties except that:

• Third parties may be used by EFM UK Ltd to assist in the management or maintenance of client accounts (such as i.e. Sage and/or other system used).
• Client information may be released to Client’s accountancy, legal and other third-party representatives at Client’s direction;
• Client information may be released in accordance with applicable laws and regulations.

We will not share non-public personal information about our clients with non-affiliated third parties without prior client consent, except for specific purposes described below. This notice explains our collection, use and safeguarding of client information.

How EFM UK Ltd Gathers, uses and Shares Information: 

In connection with providing clients with legal advice and support, we may obtain information about them from the following sources:

• Client agreements and other information that clients provide to us, whether in writing, in person, by telephone, electronically or by any other means. This information may include a client’s name, address, phone number, email address, National Insurance (social security) number, employment information, income, investment experience, and credit references;
• Personal and business documentation provided by the client;
• Work completed on a client’s behalf. This information may include the client’s details and other confidential business information;
• Consumer reporting agencies. This information may include account information and credit history; and
• Public sources.

The sources as detailed above are necessary to provide services and to conduct clients, and EFM UK Ltd, business operations and also for the processing of data to allow EFM UK Ltd to provide and conduct client and business operations such as the:

• personalisation of content, business information or user experience
• account set up and administration
• delivering marketing and events communication
• carrying out polls and surveys
• internal research and development purposes
• providing goods and services
• legal obligations (e.g. prevention of fraud)
• meeting internal audit requirements

Please note these lists are not exhaustive. However, all necessary steps and actions have been taken to ensure stringent safeguards are in place to protect all data held by EFM UK Ltd

Where do we store and process personal data?

Data that is held, processed and stored will be done so as accordance to our privacy policy and the applicable law of the country where data is located.

No information will be accessible to anyone other than an authorised person(s) within EFM UK Ltd, and controls including door entry systems are in place to ensure a high level of protection.

Please note that currently no information is shared outside of the European Economic Area, however from time to time to ensure and provide services we may pass personal data such as your name and email address to other services that we use to send out newsletters and other communications and/or marketing (both electronic and print). However, your personal data will remain in the EU or countries considered by the EU to have equivalent policies such as Jersey, Guernsey, Switzerland, New Zealand and Canada. Companies based in the USA that have certified with the EU-US Privacy Shield programme are also considered to be permitted destinations by the EU (this includes popular US products like Gmail, DropBox and MailChimp).

How do we secure personal data?

Measures have been taken through our IT systems and electronic/print systems to ensure that EFM UK Ltd protects data against:

• accidental loss
• the prevention of unauthorised access, use, destruction or disclosure

EFM UK Ltd has further committed to ensure:

• business continuity and disaster recovery
• the restriction of access to personal information is only for those required to access it during the course of processing and providing necessary business
• the conduct of a privacy impact assessment in accordance with the law and business policies
• all staff and contractors are trained on data security
• that there is management of third party risks, through use of contracts and security reviews

Please note this list is not exhaustive, however EFM UK Ltd works within the strict guidelines set out in this policy and its own standards.

How long do we keep your personal data for?

The GDPR requires that EFM UK Ltd retains data for no longer than reasonably necessary. Information will be retained for a period of 6 years. This will be in conjunction with current laws and contractual obligations.

Our Privacy Policy continues to apply to all former clients, and data will be confidentially shredded by a certified company after a period of 6 years.

Your rights in relation to personal data:

Under the GDPR, EFM UK Ltd respects the right of data subjects (clients and others whom we hold data on) to access and control their personal data, including (but not limited too):

• access to your own personal information
• correction and deletion
• withdrawal of consent (if processing data on condition of consent)
• data portability
• restriction of processing and objection
• lodging a complaint with the Information Commissioner’s Office

Should you wish to make a request in relation to your own personal data please do so in writing to our Data Officer Mr Stephen Ellmore, where a response will be given within one month.

Please be aware that in certain circumstances data subject rights may be limited:

• if fulfilling the data subject request may expose personal data about another person,
• or you request data to be deleted which we are required to keep by law,
• it is not possible to identify the subject (client, persons or information required)

What legal basis do we have for processing your personal data?

The “General Data Protection Regulation” (GDPR) is the primary piece of legislation defining your rights over our processing of your personal information. The GDPR requires us to declare which of six “lawful reasons” we are relying on when we are processing your personal data:

• consent

when responding and dealing with queries and work which allows EFM UK Ltd to complete actions for the purpose of business operations and services, and any other emails, newsletters and electronic or written material which may be of information to you and relates directly to EFM UK Ltd or changes in current statutory legislation,

• legitimate interests

for the completion of work and work-related matters which amount to our need for the purpose of business operations and services

• vital interests, public task, legal obligation

to comply with current law including (but not limited to) anti money laundering and to ensure EFM UK Ltd remains compliant at all times with current law, statute and legislation.

Sharing Information with Non-affiliated Third Parties: 

We only disclose non-public client information to non-affiliated third parties when we believe it necessary for our provision of services to you or as required or permitted by legislation, such as:

• If you request or authorise the disclosure of the information;
• To provide client account services or account maintenance;
• To respond to a subpoena or court order, judicial process, law enforcement or regulatory authorities;
• To perform services for the firm or on its behalf to develop or maintain proprietary trading or other software;
• In connection with a proposed or actual sale, merger, or transfer of all or a portion of our business or an operating unit;
• To help us prevent fraud;
• With rating agencies, persons assessing compliance with industry standards, or to the attorneys, accountants and auditors of the firm;
• To comply with legislation, statutes, rules and other applicable legal requirements; and

We do not make any disclosure of client non-public personal information to other companies who may want to sell their products or services to you. For example, we do not sell client lists and we will not sell client names to catalogue companies.

Opt Out Provision: 

If, at any time in the future, it is necessary to disclose any client personal information in a way that is inconsistent with this policy, we will give our clients advance notice of the proposed disclosure so that they will have the opportunity to opt out of such disclosure. We believe that sharing client private information under the circumstances noted above is either mandated by law or necessary for us to conduct our business and to best service client accounts. Clients desiring to opt out of the above disclosures should contact us immediately and we will terminate our agreement with you and arrange for you transfer your account.  If, at any time in the future, it is necessary to disclose any of client personal information in a way that is inconsistent with this policy, we will give our clients advance notice of the proposed disclosure so that they will have the opportunity to opt out of such disclosure.

How to contact us?

We take steps to safeguard client information.  We restrict access to the personal and account information of our clients to our employees and agents for business purposes only. We maintain physical, electronic and procedural safeguards to guard your personal information. Additionally, we have internal controls to keep client information as accurate and complete as we can.  If you believe that any information about you is not accurate, or you wish to discuss this policy, and how it is applied further, please contact our Data Officer Mr Stephen Ellmore either via the EFM UK Ltd contact us page online, by email or postal mail.

To Whom This Policy Applies: 

This Privacy Policy applies to individuals who obtain or have obtained services from any area of the EFM UK Ltd.

Use of cookies and other technologies Inc. Linking to other websites / third party content:

We may use Google Analytics to monitor how our website is being used so we can make improvements. Our use of Google Analytics requires us to pass to Google your IP address (but no other information) – Google uses this information to prepare site usage reports for us, but Google may also share this information with other Google services. In particular, Google may use the data collected to contextualize and personalize the ads of its own advertising network. This also applies to our use of Microsoft. Their Privacy policies are available on their own company websites.

Other Information: 

We reserve the right to change this Statement of Privacy Policy. The examples contained within this Privacy Policy are illustrations and they are not intended to be exclusive.