Data Privacy Notice

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data and on how to contact us and supervisory authorities in the event you have a complaint.

1. Who we are

Milsted Langdon Financial Services Limited collects, uses and is responsible for certain personal data about you. When we do so we are required to comply with data protection regulation and we are responsible as a data controller of that personal data for the purposes of those laws.

When we mention “we”, “us” or “our” we are referring to Milsted Langdon Financial Services Limited.

Milsted Langdon Financial Services Limited is a company registered in England and Wales (company number 3953890) whose registered office is at Winchester House, Deane Gate Avenue, Taunton, TA1 2UH. Milsted Langdon Financial Services Limited is authorised and regulated by the Financial Conduct Authority and is entered on the Financial Services Register (registration number 126457).

We provide you with advice in relation to investments, pensions, business exit planning and inheritance.

2. The personal data we collect

In the course of providing our service to you we may collect the following personal data when you provide it to us:

  • contact information
  • identity information
  • financial information
  • employment status
  • lifestyle information
  • health information
  • data about criminal confiscations or offences
  • details of any vulnerability
  • details of your dependants and/or beneficiaries under a policy. (If you are providing information about another person we expect you to ensure that they know you are doing so and are content with their information being provided to us. You might find it helpful to show them this privacy notice and if they have any concerns please contact us in one of the ways described below.)
  • product details

Information collected from other sources

We also obtain personal data from other sources in the course of providing our intermediary services. Where we obtain this information from another party it is their responsibility to make sure they explain that they will be sharing personal data with us and, where necessary, ask permission before sharing information with us.

The personal data we obtain from other sources may include the following:

  • from lenders and/or product provides – product details
  • from identification and verification checking agencies – identity information and/or sanction check information

3. How we may use personal data we hold about you

We may process your personal data for purposes necessary for the performance of our contract with you,  your employer, our clients, and to comply with our legal obligations. This may include processing your personal data where you are an employee, subcontractor, supplier or customer of our client.

We may also process your personal data for the purposes of our own legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for marketing, business development, statistical and management purposes.

Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

Situations in which we will use your personal data

We may use your personal data in order to:

  • carry out our obligations arising from any agreements entered into between you, your employer, our clients, and us (which will most usually be for the provision of our services);
  • carry out our obligations arising from any agreements entered into between our clients and us (which will most usually be for the provision of our services) where you may be a subcontractor, supplier or customer of our client;
  • provide you with information related to our services and our events or seek your thoughts and opinions on the services we provide (such as our client survey); and
  • notify you about any changes to our services.

In some circumstances we may anonymise or pseudonymise the personal data so that it can no longer be associated with you, in which case we may use it without further notice to you.

We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.

Special category data

Certain types of personal data are considered more sensitive and so are subject to additional levels of protection under data protection legislation. These are known as ‘special categories of data’ and include data concerning your health, racial or ethnic origin, genetic data and sexual orientation. Data relating to criminal convictions or offences is also subject to additional levels of protection.

We may process:

  • health information and lifestyle information when providing intermediary services in relation to a protection insurance product; and/or
  • criminal conviction or offence information when providing intermediary services in relation to a general insurance product
  • any other processing for the purpose of advising on, arranging or administering an insurance contract

In addition to the lawful basis for processing this information set out in the above table, we will be processing it either (i) for the purpose of advising on, arranging or administering an insurance contract or (ii) for the establishment, exercise or defence of legal claims.

In the course of our activities relating to the prevention, detection and investigation of financial crime, we may process criminal conviction or offence information. Where we do so, in addition to the lawful basis for processing this information set out in the above table, we will be processing it for the purpose of compliance with regulatory requirements relating to unlawful acts and dishonesty.

Marketing

We would like to send you information about our services which may be of interest to you.  We strive to provide you with choices regarding certain personal data uses, particularly around marketing.

You have a right at any time to stop us from contacting you for marketing purposes.  If you have received marketing communications by email from us, those communications will contain an unsubscribe link to change your marketing preferences or unsubscribe from marketing communications altogether.

To manually opt out you can also email privacy@mlifa.co.uk

Whether information has to be provided by you, and if so why

We will tell you if providing some personal data is optional, including if we ask for your consent to process it. In all other cases you must provide your personal data in order for us to provide you with intermediary services.

4. Data retention

We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.

When assessing what retention period is appropriate for your personal data, we take into consideration the requirements of our business and the services provided, any statutory or legal obligations and the purposes for which we originally collected the personal data.

5. Change of purpose

Where we need to use your personal data for a reason, other than for the purpose for which we originally collected it, we will only use your personal data where that reason is compatible with the original purpose. If we need to use your data for a new purpose we will notify you and communicate our legal bases for this new processing.

6. Data sharing

We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so. This may include sharing your personal data with a regulator or to otherwise comply with the law.

“Third parties” includes third-party service providers and other entities within our group or the members of our firm’s network. The following activities are carried out by third-party service providers: IT and Cloud consultancy services, workplace pensions, financial services, cost management and accounts preparation services and other tax advisory services. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.

We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.

Transferring personal data outside the European Economic (EEA)

We will not transfer your personal data outside of the European Economic Area (EEA) or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

7. Data security

We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

8. Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.

Your rights in connection with personal data

Under certain circumstances, by law you have the right to:

  • Request access to your personal data. This enables you to receive details of the personal data we hold about you and to check that we are processing it lawfully.
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this basis. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to you or another data controller if the processing is based on consent, carried out by automated means and this is technically feasible.

If you want to exercise any of the above rights, please email our data protection point of contact at Privacy@mlifa.co.uk.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee for the administrative costs of complying with the request if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

9. Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email our data protection point of contact  at Privacy@mlifa.co.uk.

Once we have received notification that you have withdrawn your consent, we will no longer process your personal information (personal data) for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

10. Changes to this notice

Any changes we may make to our privacy notice in the future will be updated on our website at here.

This privacy notice was last updated on 16 December 2020.

11. Contact us

If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email privacy@mlifa.co.uk.

or write to:

Head of Privacy Milsted Langdon Financial Services Limited, Winchester House, Deane Gate Avenue, Taunton, TA1 2UH

You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s  contact details are as follows:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone – 0303 123 1113 (local rate)

Website – https://ico.org.uk/concerns