As a financial services company we have an important responsibility to protect the data you share with us and ensure your privacy is maintained. This document is intended to help you understand what information we collect, how we use it and how you can control that information.
Where we refer to “Octopus MoneyCoach”, “we”, “us” or “our”, we mean TW11 Wealth Management Limited, a Company registered in England (No. 10339119). TW11 Wealth Management Limited is authorised and regulated by the Financial Conduct Authority (FCA). The firm reference number is 763630.
Information we collect about you
|Information Collected||When We Collect It|
|Your name and contact details (email, phone number)||When you contact us through the Octopus MoneyCoach website|
When you enquire about Octopus MoneyCoach through marketing partners or services (e.g. VouchedFor)
|Your name and work email address||When your employer introduces Octopus MoneyCoach as an employee benefit, and asks us to email you on their behalf.|
|Information about your finances including:|
– Income and Expenditure
|To create your financial plan|
When you use the Octopus MoneyCoach financial planning tool
When you use the Octopus MoneyCoach financial services
|Payment information / Bank Account information||When you choose to pay for Octopus MoneyCoach through Direct Debit|
When you claim the Octopus MoneyCoach Referral Reward
|Employment information, including your current employer and occupation||When signing up to Octopus MoneyCoach and/or when creating your financial plan|
|Communications we have with you(emails, online chat, letters, telephone call recordings, audio recordings from in person meetings)||When you get in touch with us|
When you have a coaching session or other communication with a Financial Coach
When you respond to requests for feedback
|Information about your location and how you use our website||When you use the Octopus MoneyCoach website or Octopus MoneyCoach financial planning tool|
When you update your account
When you open our emails
|Information publicly available on your social profiles||When you like or otherwise interact with us on Facebook, Twitter or LinkedIn|
|Sensitive data including sexual orientation and health information||When creating your financial plan|
When providing our Insurance & Protection Service
How we use information that we collect
To store and process the information that we collect about you, we are required to have a legal basis for doing do. Below is a summary of the ways that your personal information might be processed, and our justification for doing so.
|What we use your information for||Legal basis||Our legitimate interest|
|To build and update financial plans||To fulfil our contract with you|
|To provide financial services to you||To fulfil our contract with you|
|Referring you to a third party provider of financial services as part of the Octopus MoneyCoach service||To fulfil our contract with you|
|Communicating with you as part of the Octopus MoneyCoach service||To fulfil our contract with you|
|– Ensure our clients are aware of all of the services available to them through Octopus MoneyCoach|
– To notify clients of changes to legislation, tax rules or other things that will affect their finances and/or where some action would improve their finances.
– To encourage clients to recommend Octopus MoneyCoach to their friends and/or colleagues
|Referring you to a non-Octopus MoneyCoach financial adviser||Legitimate interest||– To ensure clients get financial advice in the event that Octopus MoneyCoach turns out not to be suitable for their needs.|
|To inform you about our news and offers you might be interested in||Legitimate interest||– To develop our products and services.|
– To keep you informed about services offered by Octopus MoneyCoach.
|To carry out research and development|
To test new products and services
|Legitimate interest||– Identify ways to improve our services|
– Be efficient about how we fulfil our contracts, provide our services and fulfil our legal duties
|To process, respond to and resolve feedback and/or complaints||Legitimate interest||– Identify ways to improve our services|
– Be efficient about how we fulfil our contracts, provide our services and fulfil our legal duties
|To ensure compliance with our legal obligations as a regulated financial advice firm||We have a legal duty|
|To detect and prevent fraud and/or financial crime||We have a legal duty|
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the service.
To withdraw your consent or object to our processing of your data, please send us an email at firstname.lastname@example.org
How we share information that we collect
We will never share, trade or sell your information to any third party except when it is directly involved in the provision of the Octopus MoneyCoach Services you have requested, or where you have given us explicit permission in advance.
Sharing anonymised or aggregated data
We will from time to time share data with partners, other third parties and/or publicly which shows how the Octopus MoneyCoach service is used and any feedback we have received about Octopus MoneyCoach. All personal information used for this purpose will either be anonymised and/or used in aggregate such that no individual person will be identifiable.
Sharing information with third party providers of Financial Services as part of the Octopus MoneyCoach Service
Some of the financial services included as part of the Octopus MoneyCoach Service are delivered by a third party service or financial adviser. We select our partners carefully to ensure they offer a high quality service and are the most suitable option for our clients.
To ensure that clients receive the best possible customer experience, we will share the information those third parties will require in order to contact you and deliver the services required.
For example, a client who needs a mortgage would be referred to our specialist whole of market mortgage broker. We would share information about the client’s name, contact details and relevant financial information that the mortgage broker will need to get a mortgage quote.
We may also request permission to share sensitive information about you to those third parties where the information is essential to carrying out the requested service. For example when referring you to our Protection Specialist we will request permission from you to let them know about any health conditions you have told us about. This information will only be shared with your explicit consent.
How we store and secure information that we collect
Security of your personal information
The transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data whilst it is being transmitted to or from our site; any transmission is at your own risk.
Personal data will be held by Octopus MoneyCoach using appropriate safeguards to maintain its privacy and security. For example, we use https on the Octopus MoneyCoach website, ensuring that data entered cannot be be viewed by a third party. Octopus MoneyCoach data is hosted on Amazon Web Services (AWS), a highly scalable cloud computing platform with end-to-end security and privacy features built in. See https://aws.amazon.com/security/ for details. We are careful to ensure that client data can only be accessed by vetted staff members within the office.
If you have specific questions about Octopus MoneyCoach’s security policies and procedures, or believe you have found a security issues that has not been sufficiently addressed, please email email@example.com
Where your data is stored
The vast majority of personal data stored by Octopus MoneyCoach is held within the UK and Ireland. However, we do use a number of third party services which store and process data in the USA. We have implemented a number of processes and policies to ensure that the security and privacy processes and policies of our third party services are at least as protective as our own.
We also have written contracts with every third party to ensure compliance with GDPR and ensure your rights are protected. We review our third party services at least annually to ensure ongoing compliance.
If you have any questions or concerns about the storage of your data, please contact us at firstname.lastname@example.org
How long we keep information
The length of time that we store information we have collected about you depends on the type of information and what it was collected for.
As a regulated financial advice firm we are required to demonstrate that we are compliant with the laws and regulations related to providing financial advice. Therefore, we will retain a record of our clients, their financial plans and the financial services we provide for an indefinite period.
All other information will be retained for as long as required for the uses outlined above. When your information is no longer needed, we will either delete or anonymise your information.
Under the terms of the General Data Protection Regulation (GDPR) you have the following rights:
- You can ask us for a copy of the personal information we hold about you; we will provide this free of charge.
- You can inform us of any changes to your personal information, or if you want us to correct any of the personal information we hold about you.
- In certain situations, you can ask us to erase the personal information we hold about you, or object to particular ways in which we are using your personal information. Please note that we may need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law.
- Where we are using your personal information on the basis of your consent, you are entitled to withdraw that consent at any time.
- Moreover, where we process your personal information based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal information by contacting email@example.com
For security reasons we may ask for proof of your identity before we disclose information about you, or to you, via email or over the telephone.