Data subjects consent to holding data.
By signing our client facing documentation, and in particular, our client terms of business document, you, as a data subject are giving consent for Trewtax Services to hold data on yourself, your spouse/partner (if appropriate) and brief details of other family members that you might supply to us on our fact finding and other forms.
This data may include sensitive personal data, which is defined as: data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.
You may withdraw Trewtax Services permission to hold any data at any time by writing to us at our business address.
Use of data held.
The data held may be used for the purposes of:
· Advising you concerning the services Trewtax offers to its clients.
· The processing of business that you conduct through Trewtax Services.
· The ongoing reporting and administrative matters that arise regarding the business that you have conducted through Trewtax Services.
For regulatory reasons, some of the data Trewtax Services hold must be retained for 5 years after the last contact with you as a client. This is predominantly in relation to future enquiries from our regulators.
You may request us to either delete or transfer data to third parties of your choice (this may be subject to agency law limitations), should you so wish. In turn, we will advise you whether such deletion or transfer will affect the services we provide you.
The rights of data subjects.
As a data subject, your rights have recently been enshrined in EU and international law. They can be summarized as follows:
· A right to require information about data being processed about you.
· Access to the data in certain circumstances.
· The right to have data that is wrong-corrected.
· The right to restrict certain types of processing.
· Right to object to data being used for direct marketing.
· The right to ask for data to be sent to the you, the data subject, in a format that is regarded as being standard and easily transferred.
· The right to be forgotten. To have the data held on you erased-as a data subject. And to inform any interested parties this has been done. This is subject to the 5-year regulatory rules, as explained above.
If the data we hold on your behalf has been subject to a data breach we will inform you as soon as we are aware of the problem.
Data breaches may occur due to technological breakdowns or where data has been transferred to a third party, either in error, or more unusually, through theft or misrepresentation.
Please rest assured that we take the management of your data very seriously and employ robust practical and technological solutions to protect it.
If we become aware of any potential fraud surrounding your data held with us, we will inform you without delay and will suggest methodologies you may be able to use to mitigate the situation. If necessary, we will contact all third parties and product providers that you have accessed via Trewtax Services to try to ensure that they do not deal with third parties purporting to be the policy/investment holder.
The existence of Data Protection Agencies (DPA) varies from country to country. If there is a designated DPA in your country of residence must report any data breaches to them within 72 hours of becoming aware of the problem.
The responsibilities of holding data
Trewtax Services takes its responsibilities of holding data very seriously. Current international law requires that Trew Tax Services thoroughly understand its own business to ensure the control and safety of data at all times.
By its very nature, and indeed as a legal requirement, this policy needs to be brief and to the point. Please do not hesitate to raise any questions with us, however. We will be very happy to assist your enquiry.