Privacy & cookies
There are many different ways you may interact with our website and our services. We want you to be clear on how we are using your information and the ways in which you can protect your privacy.
You have the right to object to us using your information for our organisation's legitimate purposes. For more information about our organisation’s legitimate purposes for using your information, and your rights and how you can exercise them, please see the How and why we use your information and Your rights and transparency sections below.
- Who we are
- The information we collect
- How and why we use your information
- Who we share your information with
- How we protect your information
- How long we keep your information
- Your rights and transparency
- How to make a complaint
- How you can contact us
- Other websites
Who we are
We are the controller of your information.
The information we collect
In order that we can provide you with a service that meets your precise financial needs, we obtain certain information about your personal and financial situation.
We collect the following information:
- Internet Protocol (IP) address. This information is collected passively when you use our website or client portal.
- Use of our website. This information is collected through cookies as further explained in our Cookies Policy.
- Identity details (such as your name, age, date of birth, gender and national insurance number). This information is collected directly from you when you complete forms on our website or provide the information directly to us.
- Contact details (such as your email, phone number, mobile number, address and social media identifier). This information is collected directly from you when you complete forms on our website or provide the information directly to us.
- Verification documentation. This information is collected from you to assist us with verifying your identity and contact details.
- When you apply for a client account with us:
- Employment details.
- Family details.
- Information regarding your current health condition.
- Associated third parties (such as your spouse, children or beneficiaries of trusts).
- Financial details (such as source of wealth, existing investments, tax returns or bank details).
- Details concerning your attitude to risk. This information may be collected through you completing a questionnaire with guidance from our team.
- Lifestyle information (such as hobbies and interests). We collect this information so that we can better tailor any material we may send to you.
- Account activity. This information is generated and collected through the provision of our services to you.
Additionally, we may be provided with the information listed above by:
- your relatives and other mutual contacts;
- your parent(s) or legal guardian;
- Trustees of a trust you are connected with;
- trust beneficiaries;
- your registered agent or introducer;
- consumer reporting and anti-fraud agencies; or
- insurers, banks, registrars, custodians, credit reference agencies and other financial institutions.
How and why we use your information
We only ever use your information where:
- we have determined that we have a legitimate business interest in doing so and your right to privacy is not overridden (you have the right to object to this should you wish);
- we need to do so as part of performance of our contract with you or to take steps at your request in order to enter into such contract;
- where we have a legal obligation to do so; or
- you have provided your consent for a specific purpose (which you may withdraw at any time).
Where you wish to enter into or have signed a contract with us to provide products and services, we will use your information to enable us to enter into and perform the contract. For our clients, the use of your information may be required in order to fulfil our contractual or regulatory obligations. Therefore, if you do not provide this information or restrict our use of it then we may not be able to provide certain services to you.
We have a legitimate business interest to use the information we collect from you for the following purposes:
To identify you
We use the identifying and verification information you provide in order that we can manage your account in a manner that is suitable for your needs and to comply with our legal and regulatory requirements.
This information is recorded within our customer relationship and portfolio management systems.
To communicate with you
We use the contact information you provide so that we may appropriately communicate with you in the course of providing services to you or providing you with the information that you request from us.
To determine the suitability of certain products and services for you
We use the following information you provide so that the services we offer you more precisely fit your financial requirements:
- employment details;
- family details;
- information regarding your current health condition, which we use for internal purposes only;
- associated third parties (such as your spouse, children or beneficiaries of trusts);
- your financial experience and background with investment;
- financial details (such as source of wealth, existing investments, tax returns or bank details).
We also use your information to assess your attitude to risk to help us determine the appropriate products and services to discuss with you. As this process involves us creating a profile of your risk appetite, you have the right to object to us doing so, however this may limit our ability to provide you with products and services. We do not make any automated decisions based on the outcome of this risk profiling process.
To manage the relationship between you and financial service providers
We use your information as part of connecting you with financial service providers as part of our service.
To comply with our legal and regulatory obligations
In certain circumstances, we use your information (only to the extent required) in order to enable us to comply with our legal obligations, including share your information with law enforcement agencies, regulators (for example, the Financial Conduct Authority), courts or other public authorities if required to do so by law.
As a record of all telephone calls and other electronic communications
For marketing purposes
Where you have consented to us doing so (and have not withdrawn your consent), we may:
- contact you to ask how satisfied you are with our service;
- contact you for marketing events you may be interested in;
- send you information to keep you appraised of news and insights about JM Finn’s services.
You may object to us making contact for marketing purposes or sending you marketing materials at any time.
If you would like us to stop sending marketing messages to you, we offer simple ways to do this. Whenever you receive direct marketing you will be told how you can unsubscribe. You can also choose ‘unsubscribe’ on any email marketing communications we send to you to tell us to stop sending marketing communications to you.
To maintain our records and improve data accuracy
Like any organisation, we handle information in the course of maintaining and administering our internal records. This includes using your information to ensure that the information we hold about you is kept up to date and accurate.
To investigate and respond to complaints and disputes
We use your information to help us investigate and respond to any complaints you have made, or deal with any dispute, which may arise in the course of us providing our services to you, in the most effective manner. We may also use your information to provide evidence in any dispute or anticipated dispute between you and us.
For risk management, training and service improvement purposes
We use your information to inform our risk monitoring and performance processes and so that we can continuously improve our training programs, systems, processes and service offerings.
For internal business purposes
We use your information as part of our internal business processes which may include business and disaster recovery, document retention/storage, IT service continuity (e.g. back-ups and helpdesk assistance) to ensure the quality and reliability of the services we provide to you.
To facilitate corporate transactions
From time to time, we may sell one or more of our businesses or product/service lines to another entity, and your information may be transferred as a part of that purchase or sale. Any new provider will continue to use your information for the same purposes unless you are notified otherwise. We may also share your information with prospective purchasers of our business or products/services and their professional advisers, but will ensure that appropriate safeguards are in place to protect your information in such circumstances.
To track interaction with our website and emails
Please see our Cookies Policy for further information.
Things we don’t do
In no instances do we:
- sell your information to a third party for financial gain; or
- use automated decision making, including profiling technology, to automatically make decisions about you.
Who we share your information with
To fulfil our commitments to you, we share your information with several third party organisations who perform certain tasks on our behalf. Information is only shared with these third parties to the extent necessary in order to enable them to provide the services required on our behalf. These third parties act on our instructions and are processors of your information. These organisations:
- perform services such as printing and distributing our newsletter, hosting our events and process inbound web enquires;
- provide financial crime prevention or credit reference services (where this is a requirement of us providing the services to you);
- provide essential IT services;
- calculate, print and distribute client reports, contract notes and valuations;
- provide the software we use to assess your financial needs;
- are banks, registrars and custodians that we use to securely hold your assets;
- are approved providers of financial products;
- provide analytics and search engine operations that assist us with the improvement and optimisation of our website; and
- provide us with professional advice (such as our accountants, lawyers and compliance consultancies).
We also may share your information with third parties you have a direct contractual relationship with (such as your appointed agent) or to assist in facilitating your acquisition of a third party’s products and services. In these instances the third party is likely to also be a controller of your information for their own purposes. We ensure that we have in place strong data sharing protocols with these third parties to govern and guide the sharing of your information in these circumstances.
In addition, we meet our regulatory and reporting obligations, we may be required to share your information with:
- our parent company (which is based in Belgium);
- the FCA and any regulatory or tax authority we may be subject to.
We require all third party processors to take appropriate steps to protect your information and only use your information for the purposes of performing the relevant services.
Our parent company and some of our services providers are based overseas and potentially outside of the EEA. In these instances, we take appropriate measures to ensure that your information is processed in accordance with data protection legislative requirements.
How we protect your information
The security and confidentiality of your information is extremely important to us. We have technical, administrative, and physical security measures in place to:
- protect your information from unauthorised access and improper use;
- secure our IT systems and safeguard the information; and
- ensure we can restore your data in situations where the data is corrupted or lost in a disaster recovery situation.
Where appropriate, we use encryption or other security measures which we deem appropriate to protect your information. We also review our security procedures periodically to consider appropriate new technology and updated methods. But, despite our reasonable efforts, no security measure can ever be perfect or impenetrable.
Please contact our Data Protection Manager if you would like further information in this area.
How long we keep your information
We retain your information for no longer than is necessary for the purposes for which it was provided. What this means in practice will vary between different types of information.
Our policy is to retain your information as follows:
- if an application for a client account is rejected by us or you do not proceed with the application, your information is retained for a period determined by us based on the factors below before it is reviewed and securely deleted (provided that, where you have consented, we may retain contact details for you for the purposes of providing promotional materials to you in the future);
- if you are not a client of ours, your contact details are held until you notify us that you no longer wish to remain on our marketing list (provided that we may hold details of your choice to not receive promotional materials from us so that we can comply with your wishes);
- if you are a client, during the period of time we provide you services;
- where you have ceased to be a client, your information is retained for a period determined by us based on the factors below before it is reviewed and securely deleted by us (provided that, where you have consented, we may retain contact details for you for the purposes of providing promotional material to you in the future);
When determining the period for retaining your information, we take into account factors including:
- whether there are any existing obligations we may owe you or you may owe us;
- whether you require any follow-up communications;
- the likelihood for potential or actual disputes;
- legal obligation(s) under applicable law to retain data for a certain period of time; and
- guidelines issued by relevant data protection authorities.
Your rights and transparency
You have the following rights regarding your information:
Right to be informed
Right of access
|Right to correct your information||
You are entitled to have your information corrected if it is inaccurate or incomplete.
If you tell us in writing that the information we hold on you is incorrect, we will review it and if we agree with you, we will correct our records. If we do not agree with you we will let you know. If you wish, you can tell us in writing that you believe our records still to be incorrect and we will include your statement when we give your information to anyone outside JM Finn.
Due to legal privilege, we may not be able to show you anything that we learned in connection with a claim or legal proceeding.
Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. Please note, there are exceptions to this (for example, we have the right to continue using your information if such usage is necessary for compliance with our legal obligations).
Right to restrict processing
You have the right to ‘block’ or suppress further use of your information in certain circumstances (for example, where you think the information we are using about you is inaccurate, whilst we verify its accuracy). When usage is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
Right to data portability
You have the right to obtain and reuse your information in a structured, commonly used and machine-readable format in certain circumstances when we use your information on certain legal grounds, such as consent. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
The right to data portability does not apply to information which it is necessary for us to process for our organisation’s legitimate purposes. Please see the section How and why we use your information to read about the circumstances in which we use your information on the basis of consent or for our organisation’s legitimate purposes.
Right to object to processing on the grounds of legitimate interests
You have the right to object to us using your information for our organisation’s legitimate purposes. Please see the section How and why we use your information to read about the circumstances in which we use your information for our organisation’s legitimate purposes.
You also have the right to object to us using your information to create a profile of your risk appetite.
Right to withdraw consent to processing
If you have given your consent to us to use your information for a particular purpose, you have the right to withdraw your consent at any time (although if you do so, it does not mean that any use of your information up to that point is unlawful).
For processing activities where we rely on your consent, you are able to withdraw consent that consent at any time. This can be done by contacting your JM Finn representative or the JM Finn marketing team at firstname.lastname@example.org or by contacting our Data Protection Manager.
Right to make a complaint to the data protection authorities
You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we have handled your information or believe our use of your information does not comply with data protection law.
For more information about your rights or if you would like to exercise any of your rights, you are welcome to contact us at the contact details set out below under How you can contact us.
How to make a complaint
We try to meet the highest standards when collecting and using information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
If you want to make a complaint about how we have handled your information, please contact the Data Protection Manager at:
J.M. Finn & Co. Ltd
25 Copthall Avenue
If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner's Office (ICO) through:
- writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF;
- calling: 0303 123 1113; or
- submitting a message through the ICO’s website at: www.ico.org.uk
How you can contact us
You can contact us by contacting our Data Protection Manager at:
J.M. Finn & Co. Ltd
25 Copthall Avenue
We are registered as a data controller with the Office of the Information Commissioner. Our registration details can be found here
There are many different ways you may interact with our website and we want you to be clear on how we are using your information and the ways in which you can protect your privacy.
If you wish, you may disable Cookies at any time – see the How you can turn Cookies Off section. However, if you do disable Cookies, certain features of our website may not work as intended or you may not be able to access secure parts of our website.
Our Cookies Policy explains (please click on each link to find out more):
Who we are
What are cookies?
Cookies we use
How you can turn Cookies off
How you can contact us
Changes to this Cookies Policy
Who we are
In this Cookies Policy when we say “we”, “us” or “JM Finn” we mean J.M. Finn & Co. Ltd, a company registered in England and Wales at 25 Copthall Ave, London, EC2R 7AH with company number 05772581.
What are cookies
Cookies are small files of letters and numbers which contain information that is transferred to your computer's browser or hard drive. We use this information to distinguish you from other users and to identify browsing actions and patterns in order to improve our website and client portal.
Cookies we use
We use a variety of cookies at any given time which can generally be categorised as follows:
Necessary cookies: ones that enable visitors to log in to our client portal securely.
Analytical cookies: we use Google Analytics to help us learn how our visitors use the site and to optimise it for improved user experience.
Functionality cookies: we may use these to remember your preferences where relevant.
Cookies used at the time of this policy date and the time they remain on your browser, are as follows:
_ga 2 years
bcookie 2 years
BizoID 179 days
bscookie 2 years
UserMatchHistory 179 days
How you can turn cookies off
The default setting on most browsers is to accept cookies, but these can be turned off within the Tools function of your browser; to find this you can visit the Help function. For more detailed information please visit www.aboutcookies.org.
How you can contact us
You can contact us by contacting our Data Protection Manager at:
J.M. Finn & Co. Ltd
25 Copthall Ave
We are registered as a data controller with the Office of the Information Commissioner. Our registration number is Z9442993.
We keep our Cookies Policy under regular review. From time to time we may update this Cookies Policy, and when we do we will publish the changes on our website.
This Cookies Policy was last updated on 24 May 2018.