This notice explains the terms under which personal information is obtained from our clients and stored by Dentons Pensions under the new General Data Protection Regulation (GDPR) from the European Parliament that came into effect on 25 May 2018.
Dentons Pensions will collect sufficient personal information from our clients in order to establish, and administer SIPPs and SSASs. This includes basic facts such as their name, address, dependants and contact details but may include health information that is categorised under the GDPR as sensitive personal data, for which we will require the client to provide their explicit consent.
The lawful basis of the data processing is that the client (known as the ‘data subject’) are giving their explicit consent that collection of the data is necessary for the performance of a contract with Dentons in respect of the products and services provided in accordance with our terms of business.
Information to or from other sources
We may share client information to other product providers and third party investment advisers we use. We also have a legal obligation to provide information to government departments and regulatory bodies such as the Financial Conduct Authority (FCA), the Prudential Regulatory Authority (PRA), The Pensions Regulator (TPR), HM Revenue & Customs (HMRC), appropriate Ombudsmen and the Information Commissioner’s Office (ICO). We may also use third party companies to administer and communicate information in respect of our legal and regulatory obligations.
Dentons Pensions and its associated trustee companies are controllers and processors of the personal data clients provide to us. Our registered office is Sutton House, Weyside Park, Catteshall Lane, Godalming, Surrey, GU7 1XE.
How we hold client personal data
All the personal data we use is controlled by Dentons Pensions in the United Kingdom. No third parties have access to client personal data unless the law allows them to do so. We have a data protection regime in place to oversee the effective and secure processing of their personal data.
All information at Dentons Pensions is stored on secure servers. All our data transfers to and from authorised third party recipients have built-in security features, including encryption, to best protect your personal data. Email communications cannot be secured in such a robust manner, although we do endeavour to supply confidential information in password protected files wherever possible.
Client's basic personal data will be kept for a maximum of 6 years, or as long as is required by the FCA (our regulator), following the end of their business relationship with Dentons Pensions, after which time it will be destroyed.
If at any point a client believes information that we retain about them is incorrect, the client can request to see this information and have it corrected and possibly deleted. The client may also request that their data be transferred to another data controller in a machine-readable format. Providing clients with their data information is free of charge, but charges may apply for excessive requests.
If a client wishes to raise a complaint on how we have handled their personal data, they can write to our Compliance Officer at Dentons Pension Management Limited, Sutton House, Weyside Park, Catteshall Lane, Godalming, Surrey, GU7 1XE. Alternatively they can email firstname.lastname@example.org or telephone us on 01453 521521.
If a client is not satisfied with our response or believe we are not processing their data in accordance with the law, they can complain to the Information Commissioners Office (https://ico.org.uk/).
Where relevant, clients have the right to withdraw their general and explicit consent at any time, however, without their consent, we will not be able to process the data they have provided.