Privacy Policy

St. James’s Place Privacy policy

St. James's Place plc is committed to protecting the privacy of all individuals it interacts with and we therefore ask that you please read this fair processing notice carefully. This fair processing notice explains how various St. James's Place companies within the St. James's Place plc group collects and uses your personal information.

Please click below for more information about the services we provide through the St. James's Place Partnership. This section will be relevant to you where you interact with a St. James's Place Partner.

St. James’s Place Wealth Management is a FTSE 100 company specialising in delivering face-to-face wealth management advice, products and services to individuals, trustees and businesses.

St. James’s Place Partnership

Our wealth management services are provided through personal, face to face advisors, delivered by our St. James’s Place Partners. St. James’s Place Wealth Management acts as principal in its relationship with the St. James’s Place Partners, which means that we provide the products, services and regulatory and compliance framework in which our Partners operate.

Where you have a St. James’s Place Partner, your Partner will provide your services and will process your personal information in accordance with its own Privacy Policy which is available on their Website

St. James’s Place Wealth Management will collect personal information about you as part of its role as principal, in order to ensure that the St. James’s Place Partners are compliant with applicable financial regulations. We do this by providing shared services product and servicing activity, conducting audits and dealing with any complaints that you may have. As principal, St. James's Place Wealth Management also has access to all personal information that St. James's Place Partners collect and use; this means that St. James's Place Wealth Management is the joint controller of your personal information along with your Partner.

For the purposes of this section and section 2, "we" and "our" shall refer to St. James's Place Wealth Management and "Partner" shall refer to your St. James's Place Partner.

We will collect and use different personal information about you for different reasons, depending on our relationship with you.

Sometimes we will request or receive “special categories of personal information” (which is information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, and trade union membership) in order to provide comprehensive advice and deliver health related products to you.

In our role as principal and on behalf of Partners, we may also use details of any unspent criminal convictions for fraud prevention purposes to help Partners during the process of investing money.

Where you provide personal information to us about other individuals (for example, members of your family or other dependents) we will also be data controller of their personal information and we are responsible for protecting their personal information and using it appropriately. This notice will therefore apply to those individuals and you should refer them to this notice.

In order to make this notice as user friendly as possible, we have split it into different sections. Please click on the section below that best describes your relationship with us and the service you receive from us.

This section will apply if you receive wealth management services, or you are looking to receive wealth management services from a Partner.

  • Information collected from any communications with you; and
  • Information obtained through audits or processed in the process of ensuring our Partners comply with their regulatory obligations.
  • Information stored on our client relationship management systems which Partners have access to and store information onto.
  • Information collected when dealing with any complaints you may have;

This will include the following personal information:

  • General information such as your name, address, phone numbers and email addresses, date of birth and gender.
  • Identification information including passport, driving licence, national identity card (for non-UK nationals), government issued ID verification and address verification documents such as council tax letters, bank statements and evidence of benefit entitlement.
  • Employment information such as job title, employment history and professional accreditations.
  • Financial information:
    • Bank details
    • Financial reviews (fact finds)
    • Information relating to your personal finances such as your financial liabilities and assets, income and outgoings
    • Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders.
  • Information relevant to the services that your Partner provides to you, including:
    • previous and current investments
    • information about your lifestyle
    • attitude to investment risk
    • existing plan details
    • objectives
    • copies of your will
    • information about any trusts you have.
  • Information about your family including information about your dependants.
  • Information obtained during telephone recordings.
  • Information which we have gathered from publically available sources such as the electoral roll, internet search engines and social media sites where you have been flagged as a PEP and our Partners are required to carry out enhanced due diligence.
  • Details about any criminal convictions and any related information which have been obtained from our Partners' sanctions checks and PEP screening. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
  • Details about your health which are relevant to the service you are receiving, for example where you have disclosed such information to our Partners or to us because it explains your risk appetite for investments.
  • In limited circumstances and where relevant to the advice being provided by our Partner, we may also collect information which relates to your trade union membership, ethnicity or political opinions where you have disclosed it to our Partner.

We will collect information directly from you when:

  • you contact us by email, telephone and through other written and verbal communications.

We will also collect your personal information from:

  • Your Partner directly;
  • The St. James's Place Wealth Management client relationship management system and hosted platforms;
  • Publicly available sources such as the electoral roll, court judgments, insolvency registers, internet search engines and social media sites.
  • Other St. James’s Place group companies where appropriate, including any of the following independent financial advisers (IFAs) (where you were previously a client) that have been acquired by the St. James’s Place Group:
    • BFS Financial Services Ltd
    • ­
    • Hale Financial Solutions Ltd
    • ­
    • Linden House Financial Services Ltd
    • ­
    • PFP Time Ltd
    • ­
    • SJP Client Solutions Ltd
    • ­
    • LP Holdco Ltd
  • Where an IFA has been acquired by the St. James’s Place Group, your financial advice will be provided by your Partner and your personal information that is held by those IFAs will be governed by their individual privacy notices which will have been made available to you.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
  • We have a valid business reason to use your personal information and which is necessary for our everyday business operations and activities, for example to respond to any queries relating to our Partner services that we receive.
  • In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

When we use your “special categories of personal information", we must have an additional “lawful basis" and we will rely on the following lawful basis in these circumstances:

  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks.
  • You have given your explicit consent to our use of your special categories of personal information. In some cases we are not able to review a complaint in respect of the Partner service you have received unless we have all the information we need, which could include your health information for example.
  • We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
  • There is a substantial public interest in the prevention and detection of unlawful acts such as where we suspect fraud.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To comply with our legal or regulatory obligations, including ensuring that our Partners are compliant with the appropriate regulatory requirements.

  • We need to use your information in order to comply with our legal obligations.
  • We have a valid business reason (to run our business efficiently and effectively).
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.

For communications purposes including handling complaints and dealing with any other communications.

  • We have a valid business reason to communicate with you about products and services.
  • We need to use your information in order to establish, exercise or defend legal rights.
  • You have given us your explicit consent.

For business purposes and activities including managing the St. James's Place CRM system and hosting platform, and ensuring the continued improvement of the St. James's Place Partnership service.

  • We have a valid business reason (to run our business efficiently and effectively).
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To assist in the transition of your services from your Partner to another Partner if your Partner leaves the St. James's Place Partnership.

  • We have a valid business reason (to run our business efficiently and effectively).
  • We need to use your information in order to establish, exercise or defend legal rights.

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to the following parties:

  • Your Partner
  • Other Partners within the St. James's Place Partnership where necessary to support other wealth management services or advice ( e.g. your Partner leaves the St. James's Place Partnership, another Partner provides other/additional services)
  • Other St. James's Place group companies, including any independent financial advisers (IFAs) (where you were previously a client) that have been acquired by the St. James’s Place Group;
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • Data protection authorities.
  • Financial crime and fraud detection agencies.
  • The police, HMRC and other crime prevention and detection agencies.
  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.

This section will apply where a client receiving partner services provides information about their family member(s) or business associates to explain their lifestyle and approach to investments and wealth management (for example if you are a spouse, partner or dependant mentioned in a will or trust document, another beneficiary or a business partner). This section will set out how we use your information.

  • Information collected from the client;
  • Information collected when dealing with any complaints you may have;
  • Information collected from any communications with you; and
  • Information obtained through audits or in the process of ensuring our Partners comply with their regulatory obligations.

This will include:

  • General information such as your name, address, phone numbers and email addresses, date of birth and gender.
  • Your relationship to our client who is receiving St. James's Place Partner services.
  • Financial information relating to your financial liabilities, for example details of you and your partner's property portfolio to enable us to establish that a client has provided with appropriate financial advice.
  • We may collect details about your health which are relevant to the services our client receives from the relevant Partner (for example where you are the client's partner and you have a medical condition which means that you are unable to work and therefore our client has a higher need for investment return and a lower risk appetite).
  • In limited circumstances where relevant to the advice being provided by our Partner, we may also collect information which relates to your trade union membership, ethnicity or political opinions where it has been disclosed to the Partner by the client.

We will collect information directly from you when:

  • you contact us by email, telephone and through other written and verbal communications, for example in relation to a data subject access request.

We may also collect your personal information from:

  • our client who is receiving Partner services.
  • our client's Partner;
  • the St. James's Place Wealth Management client relationship management system and hosted platforms.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
  • We have a valid business reason to use your personal information which is necessary for our everyday business operations and activities, for example to maintain our business records.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

When we use your “special categories of personal information", we must have an additional “lawful basis" and we will rely on the following lawful basis in these circumstances:

  • You have given your explicit consent to our use of your special categories of personal information which may have been provided to us by your family member, spouse or business associate who is our client.
  • We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
  • There is a substantial public interest in the prevention and detection of unlawful acts such as where we suspect fraud.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To comply with our legal or regulatory obligations, including ensuring that our Partners are compliant with the appropriate regulatory requirements.

  • We need to use your information in order to comply with our legal obligations.
  • We have a valid business reason (to run our business efficiently and effectively).
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent and this has been provided to use by the client.

For communications purposes including handling complaints and dealing with any other communications.

  • We have a valid business reason (to run our business efficiently and effectively).
  • You have given us your explicit consent and this has been provided to us by the client. 
  • We need to use your information in order to establish, exercise or defend legal rights.

For business purposes and activities including managing the St. James's Place CRM system and hosting platform, and ensuring the continued improvement of the St. James's Place Partnership service.

  • We have a valid business reason (to run our business efficiently and effectively).
  • You have given us your explicit consent and this has been provided to us by the client.
  • We need to use your information in order to establish, exercise or defend legal rights.

To assist in the transition of our client's services from our client's Partner to another Partner if our client's Partner leaves the St. James's Place Partnership. 

  • We have a valid business reason (to run our business efficiently and effectively).
  • You have given us your explicit consent and this has been provided to us by the client. 
  • We need to use your information in order to establish, exercise or defend legal rights.

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to the following parties:

  • The client's Partner
  • Other Partners within the St. James's Place Partnership where necessary to support other wealth management services or advice ( e.g. your Partner leaves the St. James's Place Partnership, another Partner provides other/additional services)
  • Other St. James's Place group companies.
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • Data protection authorities.
  • Financial crime and fraud detection agencies.
  • The police, HMRC and other crime prevention and detection agencies.
  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.

St. James's Place is committed to protecting the privacy of its job applicants.
This Notice sets out important information about how St. James's Place collects and uses personal data (referred to as "personal information" in this Notice" as part of its recruitment processes. You should read this Notice carefully and raise any questions you may have with the Data Protection Officer.

This Notice is issued on behalf of St. James's Place Plc and its associated companies. In connection with your potential employment, the relevant data controller will be your prospective employer within the St. James's Place group of companies. A full list of these companies appears at annex 1 to this Notice. St. James's Place has appointed a dedicated Data Protection Officer to deal with any queries in relation to data processing and the relevant contact details are provided below.

Personal data means information which identifies you and relates to you as an individual. As your prospective employer, St. James's Place will collect, use and store your personal information for a number of purposes in connection with its consideration of you as a candidate for employment.

In accordance with its obligations St. James's Place will ensure your personal information is:

  • processed fairly and lawfully
  • obtained and processed only for specified and lawful purposes
  • adequate, relevant and not excessive
  • accurate and kept up to date
  • held securely and for no longer than is necessary
  • not transferred to a country outside of the EU unless there is an adequate level of protection in place

St. James's Place will review the nature of information being collected and held from time to time to ensure that these principles are being followed.

We have set out below the main categories of candidate personal information which we process in connection with our recruiting activities on a day to day basis:
  • personal contact information (including your name, home address, personal telephone number(s) and personal e-mail address)
  • work history and other relevant experience including information contained in CV, cover letter or job application form
  • education information including degrees awarded, transcripts and other information provided in support of the job application
  • remuneration history
  • information collected during phone screenings and interviews
  • details regarding the type of employment sought, desired salary, willingness to relocate, job preferences, and other information related to compensation and benefits
  • reference information and information received from background checks (where applicable) including information provided by third parties
  • information related to previous applications to us or previous employment history with us
  • documents evidencing your right to work (including information about your immigration status where relevant)
  • date of birth
  • gender
  • information gathered through our monitoring of our IT systems, building access records and CCTV recording in relation to your communications with us and attendance at our premises
  • personal information which you otherwise voluntarily provide during the course of the recruitment process

The majority of the personal information to be provided by you is mandatory in connection with our recruiting activities. Failure to provide mandatory personal information may affect our ability to accomplish the purposes stated in this Notice, including considering your suitability for employment and/or entering into an employment contract with you.

The list set out above is not exhaustive, and there may be other personal information which St. James's Place collects, stores and uses in the context of the application and recruitment process. St. James's Place will update this Notice from time to time to reflect any notable changes in the categories of personal information which it processes.

The majority of the personal information which we process will be collected directly from you. However, your personal information may also be provided to us by third parties, such as recruitment agencies, former employers, official bodies (such as regulators or the Disclosure and Barring Service) and/or medical professionals.

As part of our referencing and vetting procedures, we will contact certain third parties in order to verify your personal information (including personal information that you provide as part of the application and recruitment process). These third parties will include:
  • former employers, in order to verify your previous employment history
  • universities and/or other establishments for higher education that you attended, in order to verify your education history
  • for specific roles we will undertake electronic ID checks, sanctions and politically exposed persons checks via a third-party agency

We will also gather data from publicly available sources such as the electoral roll, court judgments, insolvency registers, internet search engines and social media sites.

We will only conduct background checking in relation to successful candidates that have accepted a conditional offer of employment with us, and we will specifically inform such candidates that we will be contacting these third parties in advance of doing so.

St. James's Place uses your personal information for a variety of purposes to take steps necessary to enter into an employment contract with you, to comply with legal obligations or otherwise in pursuit of its legitimate business interests. We have set out below the main purposes for which candidate personal information is processed:
  • to identify and evaluate job applicants, including assessing skills, qualifications and experience
  • verifying candidate information and carrying out employment, background and reference checks, where applicable, and in order to prevent fraud
  • communicating with you about the recruitment process and your application
  • to comply with our legal, regulatory, or other corporate governance requirements

In addition to using your personal information to consider you for the role you applied for, we will retain and process your personal information to inform you about, and to consider you for other roles that may be appropriate for you. If you do not want us to consider you for other roles which we consider may be appropriate for you, please inform your recruitment contact.

Again, this list is not exhaustive and St. James's Place may undertake additional processing of personal information in line with the purposes set out above. St. James's Place will update this Notice from time to time to reflect any notable changes in the purposes for which its processes your personal information.

St. James's Place will share candidate personal information with other parties only in limited circumstances where this is necessary for the purposes of entering into an employment contract, to comply with a legal obligation, or otherwise in pursuit of its legitimate business interests as follows:
  • recruitment agencies
  • background vetting specialists
  • occupational health providers and other medical professionals
  • HMRC and/or any other applicable government body
  • accountants, lawyers and other professional advisers
  • the Financial Conduct Authority and/or the Prudential Regulatory Authority and/or any other applicable regulatory body
  • specialists undertaking psychometric & personality tests
Wherever possible the personal information is shared under the terms of a written agreement between St. James's Place and the third party which includes appropriate security measures to protect the personal information in line with this Notice and our obligations. The third parties are permitted to use the personal information only for the purposes which we have identified, and not for their own purposes, and they are not permitted to further share the data without our express permission.
Certain categories of data are considered "special categories of personal information" and are subject to additional safeguards. St. James's Place limits the special categories of personal information which it processes as follows:
  • Health Information
We may process information about a candidate's physical or mental health in the course of the recruitment process. In particular:
  • we will process information about an individual candidate's physical or mental health to comply with our obligations to make reasonable adjustments for disabled employees as part of the recruitment process;
  • as part of our pre-employment screening, successful candidates are asked to complete a medical questionnaire administered by Health Assured Ltd in order that we can take account of any medical issues relating to a new employee, including our obligation to make reasonable adjustments in the workplace. Health Assured Ltd will only share information from this questionnaire with us with your express consent.

We will always treat information about health as confidential and it will only be shared internally where there is a specific and valid purpose to do so. We have implemented appropriate physical, technical, and organisational security measures designed to secure your personal information against accidental loss and unauthorised access, use, alteration, or disclosure.

If a candidate is successful, any health information processed as part of the recruitment process that is relevant to St. James's Place's compliance with its obligations in connection with employment will be retained and processed in accordance with the Employee Privacy Notice. If a candidate is unsuccessful, any health information obtained as part of recruitment process will be deleted with the rest of the candidate's personal information within months of their rejection.

St. James's Place's policy is to retain personal information only for as long as needed to fulfill the purpose(s) for which it was collected, or otherwise as required under applicable laws and regulations. Under some circumstances we may anonymise your personal information so that it can no longer be associated with you. We reserve the right to retain and use such anonymous data for any legitimate business purpose without further notice to you.

For unsuccessful candidates:

  • We will typically retain personal information collected during the recruitment process for a maximum period of 6 months from the end of the process subject to any exceptional circumstances and/or to comply with particular laws or regulations.
If you are offered and accept employment with us, some of the personal information we collected during the application and recruitment process will become part of your employment record and we may use it in connection with your employment in accordance with the Employee Privacy Notice. The remaining data will be stored for a period of 6 months then deleted.

Please click below for more information about the products we offer which include pensions and annuities.

St. James’s Place Wealth Management is a FTSE 100 company, specialising in delivering face-to-face wealth management advice to individuals, trustees and businesses. As well as addressing simple and straightforward issues such as mortgages, we can help to resolve more complex problems for clients, whether it be investment for growth, Inheritance Tax or retirement planning. We also offer St. James’s Place Wealth Management products, which include pensions, annuities.

The data controller will depend on the product you take out with us and will be an entity within the St. James’s Place plc’s group of companies. If you are unsure about who the data controller of your personal information is, you can contact us at any time using the contact details in section 10 below.

For the purposes of this section and section 4, "we" and "our" shall refer to the relevant data controller as above according to the product that you have and "product" shall refer to the relevant product you hold.

We will collect and use different personal information about you for different reasons, depending on our relationship with you and the product held.

Sometimes we will request or receive “special categories of personal information” (which is information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, and trade union membership).

We also use details of any unspent criminal convictions provided for fraud prevention purposes.

Where you provide personal information to us about other individuals (for example, members of your family or other dependents) we will also be data controller of their personal information and we are responsible for protecting their personal information and using it appropriately. This notice will therefore apply to those individuals and you should refer them to this notice.

In order to make this notice as user friendly as possible, we have split it into different sections. Please click on the section below that best describes your relationship with us and the service you receive from us.

This section will apply if you are an existing client of ours and you have purchased a St. James’s Place pension or an annuity product from us.

  • General information such as your name, address, phone numbers and email addresses, date of birth and gender.
  • Identification information including passport, driving licence, national identity card (for non-UK nationals), government issued ID verification and address verification documents such as council tax letters or bank statement and evidence of benefit entitlement.
  • Employment information such as job title, employment history and professional accreditations.
  • Financial information relevant to the products we provide, including:
    • Bank details
    • Financial reviews (fact finds)
    • Information relating to your personal finances such as your financial liabilities and assets, income and outgoings.
  • Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders or where you have been flagged as a PEP.
  • Information about your family including information about your dependants.
  • Information obtained during telephone recordings where recorded.
  • Your marketing preferences and details of your customer experience with us.
  • Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy in section 11 below.
  • As part of our regulatory requirements, details about any criminal convictions and any related information which have been obtained from our sanctions checks and PEP screening This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to. We may collect details about your health which are relevant to your application (e.g. as part of a pension need we may ask you about any medical conditions that affect you to establish whether you are deemed to be a vulnerable client). In limited circumstances, we may also collect information which relates to your trade union membership (for example when gathering your employment details), genetic or biometric data or data concerning your sex life or sexual orientation where you instruct us on joint products.

We will collect information directly from you when:

  • you apply to purchase, vary or renew a St. James's Place product; and
  • you contact us by email, telephone and through other written and verbal communications.

We will also collect your personal information from:

  • Your St. James's Place Partner where applicable.
  • The St. James's Place Wealth Management client relationship management system and hosted platforms.
  • Publicly available sources such as the electoral roll, court judgments, insolvency registers, internet search engines and social media sites.
  • Other St. James's Place group companies.
  • Third parties such as Experian who provide anti money laundering and fraud prevention services who we have appointed to carry out electronic ID checks, sanctions and politically exposed persons checking services.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We need to use your personal information to enter into or perform the client agreement that we hold with you for the product in question. For example, we need to use your personal information to provide the products that you have purchased from us.
  • We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
  • We have a valid business reason to use your personal information which is necessary for our everyday business operations and activities, for example to maintain business records, to review our business models, to undertake strategic and operational business analysis of the products we offer, to maintain management information, and for internal audit purposes.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

When we use your “special categories of personal information", we must have an additional “lawful basis" and we will rely on the following lawful basis in these circumstances:

  • There is a substantial public interest in the prevention and detection of unlawful acts such as where we suspect fraud.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks.
  • We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
  • You have given your explicit consent to our use of your special categories of personal information. In some cases we are not able to offer you certain advice or financial products unless we have your health information.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To carry out identification checks. 

  • It is necessary to enter into your client agreement.
  • We have a valid business reason (to carry out necessary compliance checks).
  • We have a legal and regulatory obligation.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.
  • We need to establish, exercise or defend legal rights.

To provide services in accordance with your product agreement

  • It is necessary to enter into or perform your product agreement.
  • We have a valid business reason (to ensure that we fulfil our contractual obligations to clients).
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To carry out annual reviews and reviews of ongoing suitability of your current arrangements as required.

  • It is necessary to enter into or perform your client agreement.
  • We have a valid business reason (to ensure that we are providing appropriate services according to your circumstances).
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To prevent and investigate fraud.

  • It is necessary to enter into or perform your client agreement.
  • We have a valid business reason (to prevent and detect fraud and other financial crime).
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.

To comply with our legal or regulatory obligations.

  • We need to use your information in order to comply with our legal obligations.
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.

To communicate with you and resolve any complaints that you might have.

  • It is necessary to enter into or perform your client agreement.
  • We have a valid business reason (to communicate with you, record and investigate complaints and ensure that complaints are handled appropriately).
  • We need to use your information in order to comply with our legal and regulatory obligations.
  • We need to use your information in order to establish, exercise or defend legal rights.

To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).

  • We have a valid business reason (to develop and improve the products and services we offer).
  • You have given us your explicit consent.

For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information.

  • We have a valid business reason (to run our business efficiently and effectively)
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To apply for and claim on our own insurance.

  • We have a valid business reason (to maintain appropriate insurance)
  • We need to use your information in order to establish, exercise or defend legal rights.

To provide marketing information where you have provided your consent

  • You have given us your explicit consent.

 

To provide marketing information by post, by telephone and in other circumstances where we don't require your consent.

  • We have a valid business reason (to send you selected communications about other products and services we offer)

 

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to the following parties:

  • Third parties who facilitate the arrangement of products that you purchase from us such as product providers, and insurers where you are buying income protection products. Where we have shared your personal information with these third parties, they will also be a data controller and responsible for how they use your personal information. Their uses of your personal information will be governed by their own fair processing notices.
  • Your Partner within the St. James's Place Partnership so that the product you have purchased can be integrated into the wealth management service provided to you by your Partner.
  • Other St. James's Place group companies.
  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.
  • Compliance consultants including the Consulting Consortium
  • Financial crime and fraud detection agencies.
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • The police, HMRC and other crime prevention and detection agencies.

General information such as your name, address, phone numbers and email addresses, date of birth and gender.

  • Identification information including passport, driving licence, national identity card (for non-UK nationals), government issued ID verification and address verification documents such as council tax letters or bank statement and evidence of benefit entitlement.
  • Employment information such as job title, employment history and professional accreditations.
  • Financial information relevant to the products we provide, including:
    • Bank details
    • Financial reviews (fact finds)
    • Information relating to your personal finances such as your financial liabilities and assets, income and outgoings.
  • Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders or where you have been flagged as a PEP.
  • Information about your family including information about your dependants.
  • Information obtained during telephone recordings.
  • Your marketing preferences and details of your customer experience with us.
  • Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy in section 11 below.
  • We may collect details about your health which are relevant to your application (e.g. as part of a pension need we may ask you about any medical conditions that affect you to establish whether you are deemed to be a vulnerable client). In limited circumstances, we may also collect information which relates to your trade union membership (for example when gathering your employment details), genetic or biometric data (or data concerning your sex life or sexual orientation where you instruct us on joint products.

We will collect information directly from you when:

  • you enquire about a St. James's Place product or apply to purchase a St. James's Place product; and
  • you contact us by email, telephone and through other written and verbal communications.

We will also collect your personal information from:

  • your St. James’s Place Partner
  • other St. James's Place group companies.
  • third parties such as Experian who provide anti money laundering and fraud prevention services who we have appointed to carry out electronic ID checks, sanctions and politically exposed persons checking services.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We have a valid business reason to use your personal information which is necessary for our everyday business operations and activities, for example to maintain business records, to review our business models, to undertake strategic and operational business analysis of the products we offer, to maintain management information, and for internal audit purposes.
  • We need to use your personal information to enter into the product agreement with you for the product in question. For example, we need to use your personal information to set up the products that you are looking to purchase from us.
  • We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

When we use your “special categories of personal information", we must have an additional “lawful basis" and we will rely on the following lawful basis in these circumstances:

  • There is a substantial public interest in the prevention and detection of unlawful acts such as where we suspect fraud.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks
  • We need to use such special categories of personal information to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
  • You have given your explicit consent to our use of your special categories of personal information. In some cases we are not able to offer you a quote for one of our products unless we have your health information.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To carry out identification checks

  • It is necessary to enter into your product agreement.
  • We have a valid business reason (to carry out necessary compliance checks).
  • We have a legal and regulatory obligation.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.
  • We need to establish, exercise or defend legal rights.

To answer any queries you may have and to provide you with a quote for the product in question.

  • It is necessary to enter into your product agreement.
  • We have a valid business reason (to communicate with you and ensure that the product is appropriate for your requirements).
  • You have given us your explicit consent.

To arrange a product for you.

  • It is necessary to enter into your product agreement.
  • We have a valid business reason (to ensure that the product is appropriate for your requirements).
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To prevent and investigate fraud.

  • It is necessary to enter into your product agreement.
  • We have a valid business reason (to prevent and detect fraud and other financial crime).
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.

To comply with our legal or regulatory obligations.

  • We need to use your information in order to comply with our legal obligations.
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent.

To communicate with you and resolve any complaints that you might have.

  • It is necessary to enter into or perform your product agreement.
  • We have a valid business reason (to communicate with you, record and investigate complaints and ensure that complaints are handled appropriately).
  • We need to use your information in order to comply with our legal and regulatory obligations.
  • You have given us your explicit consent
  • We need to use your information in order to establish, exercise or defend legal rights.

To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).

  • We have a valid business reason (to develop and improve the products we offer).
  • You have given us your explicit consent.

For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information.

  • We have a valid business reason (to run our business efficiently and effectively)
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To apply for and claim on our own insurance.

  • We have a valid business reason (to maintain appropriate insurance)
  • We need to use your information in order to establish, exercise or defend legal rights.

To provide marketing information where you have provided your consent

  • You have given us your explicit consent.

 

To provide marketing information by post, by telephone and in other circumstances where we don't require your consent

  • We have a valid business reason (to send you selected communications about other products and services we offer)

 

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to the following parties:

  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.
  • Third parties who provide a service in relation to the management of your investments or facilitate the arrangement of products we recommend such as product providers, portfolio and fund managers, insurers where you are buying income protection products. Where we have shared your personal information with these third parties, they will also be a data controller and responsible for how they use your personal information. Their uses of your personal information will be governed by their own fair processing notices.
  • Other St. James's Place group companies.
  • Third parties who provide sanctions checking services including Experian.
  • Compliance consultants including the Consulting Consortium
  • Financial crime and fraud detection agencies.
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • The police, HMRC and other crime prevention and detection agencies.

This section will apply if your personal information has been provided to us as part of a quote or an application for a St. James's Place Wealth Management product, for example if you are listed as a beneficiary in an application for an annuity product. This section will set out how we use your information.

  • General information such as your name, address, phone numbers and email addresses, date of birth and gender.
  • Your relationship to our client.
  • Financial information relating to your financial liabilities, for example details of you and your partner's property portfolio to enable us to establish that a pensions product our client is looking to purchase is appropriate.
  • Any information which is relevant to the product we provide for our client.
  • We may collect details about your health which are relevant to the product we will be providing to our client.

In limited circumstances, we may also collect information concerning your sex life or sexual orientation for example where you are in a civil partnership with our client.

  • Directly from our client.
  • From documents directly provided to us by our client, such as application forms for annuity policies where you are listed as a dependant or employment related documents and you are listed as a business partner of our client.
  • Our client's Partner directly;
  • The St. James's Place Wealth Management client relationship management system and hosted platforms.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
  • We have a valid business reason to use your personal information which is necessary for our everyday business operations and activities, for example to maintain business records, to review our business models, to undertake strategic and operational business analysis of the products we offer, to maintain management information, and for internal audit purposes.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

When we use your “special categories of personal information", we must have an additional “lawful basis" and we will rely on the following lawful basis in these circumstances:

  • You have given your explicit consent to our use of your special categories of personal information which may have been provided to us by your family member or business associate who is our client
  • There is a substantial public interest such as the prevention and detection of unlawful acts such as where we suspect fraud.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To provide products to our clients

  • We have a valid business reason (to fulfil our contractual obligations to our clients and advise on the most appropriate product for their personal circumstances)
  • You have given us your explicit consent and this has been provided to us by our client prospective client. 
  • We need to use your information in order to establish, exercise or defend legal rights.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.

To prevent and investigate fraud.

  • We have a valid business reason (to prevent and detect fraud and other financial crime).
  • We have a substantial public interest to prevent fraud
  • We need to use your information in order to establish, exercise or defend legal rights.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have your explicit consent and this has been provided to us by our client or prospective client.

To comply with our legal or regulatory obligations.

  • We need to use your information in order to comply with our legal obligations.
  • We have a valid business reason (to run our business efficiently and effectively).
  • We need to use your information in order to establish, exercise or defend legal rights.
  • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty.
  • We have a substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
  • We have your explicit consent and this has been provided to us by our client or prospective client.

For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information.

  • We have a valid business reason (to run our business efficiently and effectively)
  • You have given us your explicit consent.
  • We need to use your information in order to establish, exercise or defend legal rights.

To provide marketing information where you have provided your consent.

  • You have given us your explicit consent.

 

To provide marketing information by post, by telephone and in other circumstances where we don't require your consent.

  • We have a valid business reason (to send you selected communications about other products and services we offer)

 

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to the following parties:

  • Third parties who facilitate the arrangement of products we recommend such as product providers and insurers where our client is buying income protection products. Where we have shared your personal information with these third parties, they will also be a data controller and responsible for how they use your personal information. Their uses of your personal information will be governed by their own fair processing notices.
  • Our client's Partner within the St. James's Place Partnership (as appropriate) so that the product purchased by our client can be integrated into the wealth management service provided to our client by the relevant Partner.
  • Other St. James's Place group companies.
  • Compliance consultants including the Consulting Consortium
  • Financial crime and fraud detection agencies.
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • The police, HMRC and other crime prevention and detection agencies.
  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.

If you are a business partner such as products providers, portfolio or fund managers and contractors who carry out business functions on our behalf, this section will be relevant to you and sets out our uses of your personal information.

  • General information such as your name, address, business phone numbers and email addresses.
  • Employment information such as job title, business cards and professional accreditations.
  • Information about your clients and the services and products you offer.
  • Your bank details and information obtained from checking sanction lists and credit checks
  • Information which we have gathered from publically available sources such as internet search engines and generally obtained as part of the due diligence process conducted by St. James's Place group companies.
  • Directly from you.
  • From other St. James's Place group companies.
  • From publically available sources such as internet search engines.
  • From service providers who carry out sanctions checks.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We need to use your personal information to enter into or perform the contract that we hold with you.
  • We have a legal or regulatory obligation to use such personal information. For example, we may be required to carry out certain background checks.
  • We have a valid business reason to use your personal information which is necessary for our everyday business operations and activities, for example to keep records of investments and the reasoning behind such investments, to maintain business records, to carry out due diligence, to review our business models and undertake strategic and operational business analysis.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To carry out fraud, credit and anti-money laundering checks on you

  • It is necessary to enter into a contract with you.
  • We have a valid business reason (to assess your suitability as a business partner).
  • We need to use your information in order to comply with our legal obligations.

 

To carry out due diligence on you.

  • We have a valid business reason (to ensure that you can provide guarantees in terms of confidentiality and security measures you implement to protect the information we are sharing with you about our clients).

 

To comply with our legal or regulatory obligations.

  • We need to use your information in order to comply with our legal obligations.

 

For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information.

  • We have a valid business reason (to run our business efficiently and effectively)

 

For compliance and monitoring purposes such as recording and managing complaints made against you by our customers.

  • It is necessary to enter into a contract with you.
  • We have a valid business reason (to ensure we are compliant and carrying out appropriate monitoring activities).

 

We will not sell or transfer your personal information to anyone unless we have a valid reason as set out above and we will only disclose it to the following parties:

  • Where you are providing a product or services to one of our clients on our behalf, the relevant St. James's Place Partner where the client receives wealth management services from that Partner.
  • Other St. James's Place group companies.
  • Third parties who provide sanctions checking services including Experian.
  • Our regulators including the Financial Conduct Authority and the Financial Ombudsman Service.
  • Selected third parties in connection with any sale, transfer or disposal of our business.
  • Our insurers.
  • Third parties who have entered into contractual arrangements with us to provide services we need to carry out our everyday business activities such as partner support specialists, document management providers, back office system providers, secure login and email providers, storage warehouses, IT suppliers, actuaries, auditors, lawyers, outsourced business process management providers, our subcontractors and tax advisers.

If you use our website, this section will be relevant to you and sets out our uses of your personal information.

  • General information submitted via the website, for example where you provide your details in the contact section such as your name, contact details and company name.
  • Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy which can be found in section 11 below.

We will collect your information directly from our website.

There are a number of reasons we use your personal information and for each use we need to have a "lawful basis" to do so.

We will rely on the following “lawful basis” when we process your "personal information":

  • We have a valid business reason to use your personal information, necessary for our everyday business operations and activities, for example to maintain business records and to monitor usage of the website.
    In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.

Purpose for processing

Lawful basis for using your personal information

Lawful basis for using your special categories of personal information

To respond to any enquiries you have submitted.

  • We have a business reason (to respond to your enquires).

 

We will not sell or transfer your personal information to anyone unless we have a valid purpose as set out above and we will only disclose it to:

  • Other St. James's Place group companies;
  • If you receive wealth management services from a St. James's Place Partner, the relevant Partner if relevant to the services you receive; and
  • Third parties who we have entered into contractual arrangements with to provide services we need to carry out our everyday business activities such as IT suppliers and website providers.

Where you are an existing client

We may use your personal information to provide you with information about our products or services which may be of interest including e-briefings and newsletters, where you have provided your consent for us to do so.

If you wish to opt out of marketing, you may do so by clicking on the "unsubscribe" link that appears in all emails which are sent by your Partner or telling us when we call you. Otherwise you can always contact us using the details set out in section 10 to update your contact preferences.

Please note that, even if you opt out of receiving marketing messages, you may still receive communications from your Partner in connection with the products we offer you.

We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in sections 2 - 4 above, to comply with our legal and regulatory obligations or for as long as necessary to respond to concerns you raise with the advice you received. As a financial service firm, we are regulated by the Financial Conduct Authority (the FCA) who imposes certain record-keeping rules which we must adhere to.

There are a small number of instances where your personal information may be transferred to countries outside of the European Economic Area ("EEA") such as when we transfer information to our other companies in the St. James’s Place group or to third party suppliers who are based outside the EEA or when third parties who act on our behalf transfer your personal information to countries outside the EEA. Where such a transfer takes place, we will take the appropriate safeguarding measures to ensure that your personal information is adequately protected. We will do so in a number of ways including:

  • entering into data transfer contracts and using specific contractual provisions that have been approved by European data protection authorities otherwise known as the "standard contractual clauses" You can find out more about standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en;
  • transferring personal information only to companies in the United States who are certified under the "Privacy Shield". The Privacy Shield is a scheme whereby companies certify that they provide an adequate level of data protection. You can find out more about the Privacy Shield https://www.privacyshield.gov/welcome or
  • we will only transfer personal information to companies in non-EEA countries who have been deemed by European data protection authorities to have adequate levels of data protection for the protection of personal information. You can find out more about this https://ico.org.uk

We are also entitled under European data protection laws to transfer your personal information to countries outside the EEA where it is necessary for the performance of the contract we have with you.

Depending on our relationship and your particular circumstances, we might transfer personal information anywhere in the world. An example of our regular data transfers outside the EEA is set out below:

Country of transfer

Reason for the transfer

Method we use to protect your information

  • China, Hong Kong, Singapore

 

  • Provision of data to international offices to support clients living overseas.

 

  • We have standard contractual clauses in place.

 

What is automated decision making?

Automated decision making refers to a situation where a decision is taken using personal information that is processed solely by automatic means (i.e. using an algorithm or other computer software) rather than a decision that is made with some form of human involvement. We do not currently use automated decision making as all decisions are reviewed by an individual.

What is profiling?

Profiling is any form of automated processing of personal information which evaluates certain personal aspects and we use profiling tools to assist in risk assessment and marketing activities.

We will use profiling in a number of circumstances including the following:

  • where you are a prospective client we will use your postcode to determine which Partner is closest to you;
  • for existing clients – where there are any investment fund switches, we will use systems to monitor irregular activity; and
  • using a financial strategy segment profiling tool which uses information such as date of birth, occupation and financial information to determine appropriate investment wealth bands.

You have several rights which you can exercise at any time relating to the personal information that we hold about you and use in the ways set out in this notice. Please contact us at any time using the details set out in section 10 if you wish to exercise these rights; we will not usually charge you.

We respect your rights and will always consider and assess them but please be aware that there may be some instances where we cannot comply with a request that you make as the consequence might be that:

  • in doing so we could not comply with our own legal or regulatory requirements for example we are under obligations to hold records of our dealings with you for certain periods of time; or
  • in doing so we could not provide services to you and would have to cancel your client agreement, for example we could not enter into investments on your behalf if we had deleted your personal information.

We will of course inform you if any of the above situations arise and if we are unable to comply with your request.

You are entitled to a copy of the personal information we hold about you and certain details of how we use it.

We are happy to provide you with such details but in the interests of confidentiality, we follow strict disclosure procedures which may mean that we will require proof of identify from you prior to disclosing such information.

We will usually provide your personal information to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal information will be provided to you by electronic means where possible.

It would be helpful if you could please complete the Data Subject Request Form to request a copy of the information we hold so that we can ensure we have all the relevant information we need to appropriately respond to your request.

Please help us to keep your personal information accurate and up to date so if you believe that there are any inaccuracies, discrepancies or gaps in the information we hold about you, please contact us and ask us to update or amend it.

In certain circumstances, you have the right to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to use your personal information.

Where we rely on your consent to process your personal information, you have the right to withdraw such consent to further use of your personal information.

You are entitled to request your personal information to be deleted in certain circumstances such as where we no longer need your personal information for the purpose we originally collected it. When you exercise this right, we need to consider other factors such as our own regulatory obligation, to assess whether we can comply with your request.

You have a choice about whether or not you wish to receive marketing information from us and you have the right to request that we stop sending you marketing messages at any time. You can do this either by clicking on the "unsubscribe" button in any email that we send to you or by contacting us using the details set out in section 10.

Please note that, even if you opt out of receiving marketing messages, we may still send you communications which are relevant to the nature of services we offer you.

In certain circumstances, where we only process your personal data because we have a legitimate business need to do so, you have the right to object to our processing of your personal data.

In certain circumstances, you can request that we transfer personal information that you have provided to us to a third party.

When you exercise this right, we need to consider other factors such as our own regulatory obligations, to assess whether we can comply with your request

Whilst we use software to carry out automated decision making (as set out in section 8 above), we will always have some form of human involvement to check any decisions made that arise out of such automated decisions. This complies with your data protection rights to have a decision taken by automated means reviewed.

If you believe that we have breached data protection laws when using your personal information, you have a right to complain to the Information Commissioner's Office (ICO).

You can visit the ICO's website at https://ico.org.uk/ for more information. Please note that lodging a complaint will not affect any other legal rights or remedies that you have.

If you would like any further information about any of the matters in this notice or if you have any other questions about how we collect, store or use your personal information, you may contact our St. James's Place Data Protection Officer at St. James's Place plc, St. James's Place House, 1 Tetbury Road, Cirencester, Gloucestershire, GL7 1FP, United Kingdom, dpo@sjp.co.uk and 01285718453.

You can also contact your Partner at the contact details set out in their Privacy Policy (as provided to you on their headed paper) if you would like any further information about how they collect, store or use your personal information.

The Roxburgh Ltd website uses cookies - small text files that are stored on your computer or in your browser - to help us to monitor how visitors use our site and allow us to maintain the optimum experience for website users. The website does not store or capture personal information about you when you visit it, it merely records traffic information. This means information about all of our visitors collectively, for example the number of visits the website receives. In order to respect our visitors' rights of privacy, this information is anonymous and no individual visitor can be identified from it.

You can disable and delete cookies by changing the appropriate setting within your browser's 'Help', 'Tools' or 'Settings' menu. Please note that by disabling cookies you may not benefit from some of the features of our site. You can find out more about deleting or controlling cookies by visiting aboutcookies.org.

For more information on our Cookies policy, please visit https://www.roxburghonline.co.uk/cookie-policy/.

At St. James’s Place, we take our responsibility to look after your personal information and privacy seriously. In today’s world, we have all seen a growing trend in cybercrime and security breaches. We have a number of security measures in place to help prevent fraud and cybercrime.

If we become aware that a personal data breach has occurred and is likely to result in a high risk to the rights and freedoms of our clients, Partners or employees, we will inform them without undue delay.

We have a dedicated group, the ‘Information Security Oversight Committee’, that provides oversight and guidance to our information security and privacy programme.

The executive body responsible for privacy and data security is the Information Security Oversight Committee (ISOC) - chaired by the Data Protection Officer. ISOC has a reporting line that enables effective escalation of issues up to the Board where appropriate.

We educate and train our employees, Partners and contractors on their information security, fraud prevention and privacy obligations annually.

Our employees, Partners and contractors take part in an annual Information Security training and awareness program and must agree to adhere to the Data Protection Act and our own Information Security Policy that are designed to keep your information safe. These are refreshed each year to reflect the current trends that are being observed across the information security landscape. Information Security awareness also forms part of our new employee induction program.

We also educate our employees in identifying potential financial crime and internal fraud; any suspicious activity is reported to our Financial Crime Prevention team.

When you login, or send us information on the internet we protect the security of this information while it is being transmitted by encrypting it using Secure Sockets Layer (SSL).

When you use your web browser to login, view or share information with us, all electronic information exchanged is encrypted using 2048bit SSL (Secure Sockets Layer) certificate. You can identify this by looking for the HTTPS:// and the padlock in the address bar at the top of your browser:

padlock in the address bar at the top of your browser

We will always interact with you in a safe, secure and consistent manner

To keep your information secure and to protect our clients from fraud, St. James’s Place will only interact with you in the following ways. If in doubt, call your St. James’s Place Partner directly or alternatively email the St. James’s Place Data Protection Office at dpo@sjp.co.uk.

When interacting with you, we will:

Only send funds that you have requested to be withdrawn to a verified bank account in your name.

Verify who you are when speaking to you on the phone, by asking you security questions.

We will not:

Ask you for your password over the phone.

Send you an unsolicited email with a link to our login page asking you to enter your Online Wealth Account credentials.

Ask you for payment or credit card details by email or telephone.

Call you to notify you of a problem, and then request you call us back immediately to discuss the problem further.

We continually review our physical and logical security controls in place across the business.

Physical controls – As well as protecting your digital information, St. James’s Place also protects their premises and physical locations where personal data may be used and stored. These measures include security guards, security entrances, secure disposal of confidential waste and hardware, CCTV, personal card access and locks on doors and file storage cabinets, with a ‘clear desk’ policy to ensure all information is locked away and protected.

Logical controls – St. James’s Place uses technical security measures to make sure our systems where we store and use personal information are protected from unauthorised access. Tools such as authentication controls, antivirus, firewalls, malware detection and back-up procedures are used across the business.

All employee emails and devices are encrypted to enable secure transfer and storage of personal information.

We conduct security testing of our applications and services in a controlled testing environment before they are made available for our clients to use on an ongoing basis.

We perform security risk assessments for each of our sites to identify and control risks.

We have a business resiliency plan with disaster recovery and business continuity testing.

The purpose of Business Continuity Management and the St. James’s Place Business Continuity Plan, is to provide an effective, predefined and documented framework to respond to an incident affecting the Group’s activities. The key drivers in developing the business recovery plans are;

  • To mitigate the risks that could lead to the significant disruption of our products and services to our clients.
  • To provide a recovery plan that supports a timely and full restoration of our products and services for our clients

However, whilst we take appropriate technical and organisational measures to safeguard your Personal Information, please note that we cannot guarantee the security of any data that you transfer over the internet to us.

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies (text files placed on your computer) to help the website operators analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.

In addition, we use Google's remarketing technology to advertise online. In doing so, Google will place or read a unique ad-serving cookie on your computer and will use non-personal information about your browser and your activity on our sites to serve ads on their content network. Please click here for more information about remarketing or to opt-out of the Google remarketing cookie.

We will only collect personal information about you if you send us an e-mail enquiry via the 'contact us' facility or you register to receive your Unit Trust Manager's Reports by email. In order for this to happen, you will need to fill out the on line 'contact us' form or complete the registration details. The type of information being collected for an enquiry will be apparent from the layout of the 'contact us' form, which also tells you how this information will be used. The type of information collected to register to receive the Unit Trust Manager's Reports by email will be apparent from the details requested when you register. The information collected when you register will only be used to email your Unit Trust Manager's Reports and for no other reason.

We take all reasonable precautions to protect our visitors' information, both on and off line. If your personal information changes, please let us know and we will correct, update or remove any information that we hold about you on our active databases. We may however need to retain archive copies of that personal information for legal or audit purposes. If you have any queries regarding the way in which St. James's Place handles data collected from you on this website, please visit the contact us page.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out in the above four paragraphs.

Please note that if you communicate with us electronically, including by e-mail, telephone or fax, this communication may be randomly monitored and/or recorded to protect the interests of our business and our customers. This includes for the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and to ensure that St. James's Place employees comply with legal obligations and St. James's Place policies and procedures (including our customer relations practices).

We may provide hyperlinks from this web site ('the Site') to web sites of other organisations including websites of associated companies. Please note that this Privacy Policy applies only to this Site and that St. James's Place will not liable for the contents of linked web sites or any transactions carried out with organisations operating those web sites.

From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. We will provide you with the most up-to-date notice and you can check our website periodically to view it.

This notice was last updated on 03/06/2020.

Designed & produced by D2 Interactive