Under the GDPR we are required to notify the Information Commissioner’s Office (ICO) about our use of personal data. You can see our current data notification on the ICO website.
We collect personal data about a range of people:
- Visitors to our websites
- People who contact us (enquirers)
- Clients (including clients of the businesses operating under us)
- Job applicants and our current and former employees or contractors
Why and how we process information
We process personal information to act as an intermediary for financial transactions; typically to advise and apply for property finance such as mortgages or similar for clients. The same applies to advising and arranging insurance policies. We will ask for your consent to do this but as these are contracts with financial institutions our lawful basis for processing data is technically referred to as contract.
To understand how any personal information other than that provided to us through this website is processed you will need to refer to any personal communications you receive from us, check any privacy documents provided when entering into a contract with us or contact us to ask about your personal circumstances.
We also maintain our own accounts and records and retain employee or contractor information to manage our staff / contractors.
When you contact us, we ask for some personal information. You are under no obligation to provide this information to us. Providing that information, enables us to give you the right information or services that you ask for or notify you of further information required to facilitate that service.
If we would like to use your information for any other purpose than those stated above, we will contact you to ask for your consent.
As a minimum, we will hold your name and phone number for the purposes specified above. If you do not become a client of ours, your information will be erased after a period of time in line with our retention policy.
Visitors to our website
The virtual adviser
We will need to use your details in order to produce a mortgage illustration and confirm where the illustration should be sent. Mortgage products are sourced through Twenty7Tec. Upon receipt of your illustration you will be able to choose if you want to be contacted by one of our advisers. Our advisers will discuss your eligibility for the illustrated mortgage product and confirm how you would like to proceed. We will not contact you without your prior consent. If we have not heard from you in 60 days we will archive your information. Under FCA regulations we are required to retain your information.
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with our office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law. We cannot take responsibility for ensuring the safe passage of emails sent to us.
Our clients’ views
We want your views on the service you received and any improvements you think are necessary. We use Trustpilot as a data processor to collect feedback from our customers on our behalf and to support our marketing activities. If this is something you agree to help us with, we will share your name and email address with Trust Pilot in order to generate a review invite and confirm you are a verified customer of Fosters Financial.
Job applicants, current and former employees or contractors
When individuals apply to work with us we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing you beforehand unless the non-disclosure is required by law.
Personal information about unsuccessful candidates will be held for six-weeks after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalised statistical data about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.
Once a person has taken up employment with us, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment.
Once their employment with us has ended, we will retain the file in accordance with the requirements of our retention schedule.
Regulatory functions and reporting
As a regulated firm we must provide information to the FCA regularly or in particular situations. We must collect and store regulatory data from our authorised firms. Most of the information has to be provided to us under the Financial Services and Markets Act 2000. Some of this information will be personal data about our employees/advisers or their clients.
We process information relevant to the above purposes. This may include:
- Personal details; including information about your identity and contact details
- Family details; such as information on cohabitees, partners, children etc.
- Employment and education details
- Financial details; including income, expenditure, assets, debts and credit history
- ‘Special Category’ data; specifically, medical and lifestyle information for insurance policies
- Transaction data from services provided by us
- Technical data; IP address, browser type, device type or other ‘browsing’ data
Who the information may be shared with
We sometimes need to share the personal information we process with the individual themselves and also with other organisations. Where this is necessary we are required to comply with all aspects of the General Data Protection Regulation (GDPR). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons. Where a joint application is made, we are not able to restrict data sharing between applicants.
Fosters Financial LTD will only collect the information needed so that it can provide you with marketing and consulting services, this agency does not sell or broker your data.
Where necessary or legally required we share information with:
- Associates and representatives of the person whose personal data we are processing
- Financial organisations
- The Financial Conduct Authority (FCA)
- The Financial Ombudsmen Service (FOS)
- Law enforcement and prosecuting authorities
- Credit reference agencies
- Debt collection and tracing agencies
- Other companies in the same group
- Our service providers
- Courts and tribunals
- Undertaking research
- Consulting and advisory services
- Our professional advisers
- Staff welfare organisations
- Current, past or prospective employers
- Pension and payroll administrators
We may, on occasion, pass your personal information to third parties exclusively to process work on our behalf; for example, a data destruction provider. We always require these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice and GDPR.
To ensure we are able to meet our legal, regulatory and customer obligations, we will retain client information for the following periods:
- Any enquirer who are only have limited interaction with, 90 days
- Any enquirer we interact with, but do not credit search via a lender’s system, 1 year
- Where we credit search you via a lender’s system, submit an application which does not complete, or where you make a complaint, 7 years
- For any finance or insurance application which completes, we will hold records for 7 years after the end of the contract
- Any survey information gathered from enquirers or clients, 18 months
We also hold employee and contractor information, whether prospective or actual, for:
- Candidates unsuccessful at application have their information deleted immediately
- Candidates unsuccessful at interview, 6 weeks
- Employees/contractors after position ends, 7 years (but not payroll or accounts information)
- Employees/contractors after employment ends (remaining payroll and accounts information), 21 years
We use services and/or suppliers who operate within the EEA and while their parent company may be US based, we require all to fully comply with GDPR or similar to ensure a continuously high level of data protection.
Your rights as a data subject
At any point whilst Fosters Financial LTD is in possession of or processing your personal data, all data subjects have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing
- Right of portability – you have the right to have the data we hold about you transferred to another organisation
- Right to object – you have the right to object to certain types of processing such as direct marketing
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling
In the event we refuse your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge.
At your request we will confirm what information we hold about you and how it is processed.
Access to personal information
You have the right to access your personal information (subject to certain exemptions). If you wish to find out what information we hold that relates to you, you must make your request in writing to;
The Data Protection Officer, Fosters Financial Ltd, 770 The Crescent, Colchester, CO4 9YQ
How to contact us
This privacy notice does not provide exhaustive detail of all aspects of the collection and use of personal information. However, we are happy to provide any additional information or explanation needed. If you have any questions or complaints please contact the Data Protection Officer at:
The Data Protection Officer, Fosters Financial Ltd, 770 The Crescent, Colchester, CO4 9YQ
Telephone 01206 911401 or email email@example.com
What if I am still not satisfied?
If you are not satisfied with how Fosters Financial has responded to your enquiry, you have the right to complain to the Information Commissioner’s Office (ICO), who is the regulator for data protection in the United Kingdom.