TU FINANCIAL MANAGEMENT SERVICES LIMITED   

PRIVACY NOTICE

1. INTRODUCTION

TU Financial Management Services Limited (“TUFMS”, “we”, “are” and “us”) is committed to protecting the privacy and security of the Personal Data that we hold.

This notice is intended to explain how we collect, use and protect your Personal Data.

2. WHO WE ARE

TUFMS is a UK based investment manager authorised and regulated by the Financial Services Authority.

TUFMS is committed to handling Personal Data fairly and lawfully and takes its data protection obligations very seriously. TUFMS ensures that it processes Personal Data in compliance with applicable data protection laws, including without limitation, the Data Protection Act 2018 (“the Act”).

3. WHAT IS PERSONAL DATA AND WHAT DATA DOES TUFMS HOLD?

We define Personal Data as “data relating to living, identifiable individuals”. The information we collect and hold can be categorised as follows:

Employees and Prospective Employees – includes, but is not limited to, contact details, identification information, bank account details, background checks, employment history, performance information, remuneration, healthcare and pension arrangements.

Clients and Prospective Clients – includes, but is not limited to, contact details, identification information, bank account details, background checks, transaction histories etc.

Service Providers, Suppliers and Contractors – the names and business contact details of the individuals we interact with at our service providers, suppliers and contractors together with background and identification information that we are required to collect.

Other Business Partners / Contacts (e.g. banks, insurance brokers, trustees lawyers, accountants, local authorities, trade union movement, regulators, HMRC, law enforcement etc.) – the names and business contact details of the individuals we interact with at these entities together with background and identification information that we are required to collect.

4. HOW IS PERSONAL DATA COLLECTED?

TUFMS uses different methods to collect Personal Data including the following:

• personal details provided directly by directors, employees, clients, suppliers & contractors and other business contacts; and
• information from third parties and publicly available sources e.g. Companies House, Registrars and Background Check Providers.

It should be noted that the TUFMS website does not capture or record any Personal Data relating to website users/visitors.

5. HOW DO WE USE PERSONAL DATA?

The Personal Data we obtain and hold is used to enable us to:

• provide investment, management and administration services to our clients;
• fulfil our contractual and other obligations to employees, suppliers, contractors and other business partners; and
• meet our legal and regulatory obligations.

Under the Act, a firm must have a legal basis / justification for processing data.  In the vast majority of instances, TUFMS will have one of the following justifications:

• Performance of a contract;
• Compliance with legal obligations; and
• Legitimate business interests – in this instance the processing must be “necessary” and must balance the interests of the controller with the rights of the individual.

We may combine the Personal Data that we collect from Data Subjects with information obtained from other sources to the extent permitted by law.

It is important that the Personal Data we hold is accurate and current and therefore the Data Subject should advise us as soon as possible in the event of any changes.

6. TO WHOM DO WE DISCLOSE PERSONAL DATA?

We will only use a Data Subject’s Personal Data for our internal business purposes. This includes the provision of marketing related correspondence to the Data Subject on our products and services.

We do not sell any Personal Data to third parties and we do not share Personal Data with third parties for the third parties’ marketing purposes.

However, we may need to disclose Data strictly on a need to know basis to our service providers, contractors, suppliers and other parties such as banks, brokers, registrars, lawyers, accountants, actuaries, regulators and HMRC.

7. WHAT DO WE DO TO KEEP PERSONAL DATA SECURE?

We have put in place appropriate physical and technical measures to safeguard the Personal Data we collect in connection with our services.  In addition, we limit access to Personal Data to those employees, directors, agents, contractors and other third parties who have a business need to know. They will only process Personal Data on our instructions and are subject to a duty of confidentiality.

However, please note that although we take appropriate steps to protect Personal Data no device, computer system, transmission of data or wireless connection is completely secure and therefore we cannot guarantee the absolute security of Personal Data.

8. INTERNATIONAL TRANSFER OF DATA

The Personal Data that we collect may be stored and processed in the European Economic Area (“EEA”) or transferred to, stored at or otherwise processed outside the EEA.

Where Personal Data is transferred outside the EEA we will take all steps reasonably necessary to ensure that the Data is kept secure and treated in accordance with this Data Protection Notice and the requirements of applicable law wherever the data is located. Appropriate transfer agreements and mechanisms (such as the EU Model Clauses) will be put in place to help ensure that our third party service providers provide an adequate level of protection for Personal Data. We will only transfer Personal Data outside the EEA in accordance with applicable laws or where the Data Subject has given us consent to do so.

9. DATA RETENTION – HOW LONG IS PERSONAL DATA STORED / KEPT?

TUFMS retains Personal Data for as long as necessary to fulfil the purposes for which the Data has been collected as outlined in this Data Protection Notice unless a longer retention period is required by law. Data is kept under regular review to ensure that it is not held longer than is strictly necessary, whilst taking account of TUFMS’s other regulatory obligations such as the requirement to retain evidence of anti-money laundering checks.

When Personal Data is no longer required for the purpose it was collected or as required by applicable law, it will be deleted or in certain circumstances returned to the Data Subject in accordance with applicable law.

10. ACCESSING PERSONAL DATA AND OTHER RIGHTS THAT A DATA SUBJECT HAS

TUFMS will collect, store and process Personal Data in accordance with the Data Subject’s rights under the Act. Under certain circumstances the Data Subject has the following rights in relation to their Personal Data:

• the right to request details of their Personal Data held by TUFMS and to request copies of such information;
• where TUFMS’s use of Personal Data is based upon their consent, the right to withdraw such consent at any time;
• the right in certain circumstances to request TUFMS to port (i.e. transmit) their Personal Data direct to another organisation;
• the right to request TUFMS to rectify or update any Personal Data that is incorrect or complete;
• the right to have Personal Data erased in certain specified circumstances;
• the right to request TUFMS to stop processing their Personal Data and to only store such Data;
• the right to object to specific types of processing of Personal Data, for example where it is being used for the purpose of direct marketing; and
• the right in certain circumstances not to be subject to decisions being taken solely on the basis of automated processing (e.g. profiling).

11. HOW CAN A DATA SUBJECT ENFORCE THEIR RIGHTS?

In the event of a Data Subject wishing to enforce any of their rights under the Act then please use the contact details at section 14. A response to the request will be made without undue delay and no later than one month from receipt of such a request.  We will not charge a fee for processing such a request.

If a Data Subject is concerned that we have not complied with their legal rights under applicable Data Protection Laws, they may contact the Information Commissioner’s Office (www.ico.gov.uk) which is the data protection regulator in the UK. Non-UK Data Subject’s may contact their local data protection supervisory authority.

12. Third-Party Links and Products on Our Services

Our websites, applications and products may contain links to other third-party websites that are not operated by TUFMSs, and our website may contain applications that can be download from third parties. These linked sites and applications are not under TUFMS’s control and as such, we are not responsible for the privacy practices or the content of any linked websites and online applications. If a user chooses to access any third-party websites or applications, any Personal Data collected by the third party’s website or application will be controlled by the Data Protection Notice of that third party. We strongly recommend that you take the time to review the privacy policies of any third parties to which you provide Personal Data.

13. Changes to this Data Protection Notice

We will update this Data Protection Notice from time to time and hence it is important to check the “Date Notice Last Updated” legend at the bottom of this Notice.  Any changes will become effective upon posting the revised Data Protection Notice on our website.

We will provide notice to Data Subjects where any of the changes are material and, where required by applicable law, we will obtain your consent. We will provide this notice by e-mail or by posting notice of the changes on our website.

14. Contact Us / Further Information

If you have any questions concerning the content of this Data Protection Notice, including any requests to exercise your legal rights, the relevant contact details are set out below.

Contact details

Name of Contact: Marion Colverd

Position: General Manager

Email address: Marion@tufm.co.uk

Postal address: TU Financial Management Services Limited, Congress House, 23-28 Great Russell Street, London, W1B 3LQ

Date Notice Last Updated – 31st March 2022