We are committed to protecting and respecting your privacy and this policy (together with our Terms and Conditions and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
InvestAcc Pension Administration Limited (Company number 07118349) provides pension scheme administration services to new and existing SIPP and SSAS scheme customers.
InvestAcc Pension Trustees Limited (Company number 02875892) provides professional trustee and pension scheme administration services to new and existing SIPP and SSAS customers.
InvestAcc Limited (Company number 02719226) provides professional trustee and pension scheme administration services to a small number of established SIPP and SSAS customers.
Your personal data is held and processed by InvestAcc in accordance with the Data Protection Act 1998 (DPA 1998).
The legal requirements for data protection changed in May 2018, when the EU’s General Data Protection Regulation 2018 (GDPR) came into force. The UK government is also effectively replicating the vast majority of GDPR rules under a new Data Protection Bill (the New Data Protection Act) which is currently being considered by Parliament as at the date of this policy. The New Data Protection Act will eventually replace the DPA 1998. For the purposes of all these regulations and legislation InvestAcc is the Data Controller.
As from 25 May 2018 we must comply with the new requirements under GDPR, the DPA 1998 and the New Data Protection Act when it comes into force.
We may collect and process the following data about you:
Information that you provide to us by filling in forms on our website or that you e-mail to us. For example, your name, date of birth, address, gender etc. This includes information provided when you subscribe and/or register for any service that we may provide via our site from time to time or when you report a problem with our site.
If you contact us, we may keep a record of that, including letters you send to us and meeting notes. If you visit one of our offices we may also collect visual images via closed circuit television (CCTV). We record all inbound and outbound telephone conversations for training purposes, to comply with legal obligations applicable to us (e.g. rules laid down by the Financial Conduct Authority) and to enable conversations to be retrieved and considered in support of any investigation we may undertake in answer to a claim or complaint against InvestAcc. We will not share recorded telephone conversations with other parties unless in the defence of a claim or complaint.
We may collect information you provide us with regarding beneficiaries for pension products you have with us. We may also collect information on children where a parent or guardian acts on their behalf in relation to a product with us, or where they have been named as a beneficiary.
We may also ask you to complete surveys that we use for research purposes, where you have not opted out of receiving such surveys, although you do not have to respond to them.
Details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data and the resources that you access. This information does not identify you as an individual.
The information we collect about you is not publicly accessible data. If we did not have this information, you (or your family) may not receive the benefits to which you are entitled under schemes provided by InvestAcc.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, to improve the structure and content of our site and to report aggregate information the regulators and our members as requested and appropriate. This is statistical data about our users’ browsing actions and patterns, it does not identify any individual.
A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number. Two types of cookies are used by us on our site:
Session Cookies allow you to carry information across pages of our site and avoid having to re-enter information and to allow you to access stored information.
Persistent Cookies help us recognise you as a unique visitor (just a number) when you return to our website and to allow us to assess and understand our content, which pages are being visited and how long visitors spend on each page.
We specifically use Google Analytics for this. To opt out of being tracked by Google Analytics across all websites visit: http://tools.google.com/dlpage/gaoptout
Our website may contain electronic images known as web beacons which allows us to count users who have visited those pages. Web beacons are not used to access your personally identifiable information on our site. They are a technique to compile aggregated statistics about our website’s usage. Web beacons collect only a limited set of information including a cookie number, time and date of a page view and a description of the page on which the web beacon resides.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
The data that we collect from you will not be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We use information held about you in the following ways:
You have the right to object to InvestAcc using your information in this way. However, in some circumstances, your objection may be refused where InvestAcc has compelling reasons to continue to process your personal information (e.g. to comply with the law).
We would only disclose your personal information to third parties:
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by refusing your consent at the time of collection or at any other time by contacting us at email@example.com.
Our site may, from time to time, contain links to and from the websites of our members, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with the GDPR and we have 1 month from receipt of your request to respond. You also have the right to ask us to erase, amend or limit the use of the data we hold about you and to object to InvestAcc processing your personal information. If there is a legitimate and permissible reason why we cannot do this we will explain why.
We have a retention policy which means we do not keep information we hold about you for longer than necessary unless we there is a legal obligation to do so. Where you are a member (or beneficiary) of a pension scheme managed by InvestAcc, our current data protection policy is that we may retain your personal information for a minimum of 8 years after you or any beneficiary claiming under you has obtained their full benefits from the scheme.
If for any reason you are not satisfied with our response, you can complain to the supervisory authority for data protection. In the UK this is:
Information Commissioner’s Office
Telephone: 0303 123 1113
For our Terms and Conditions please click here.
Version 1.1 (8 June 2018)
InvestAcc, Minerva House, Port Road Business Park, Carlisle, CA2 7AF.
InvestAcc Pension Administration Limited and InvestAcc Limited are both Regulated and authorised by the Financial Conduct Authority.