Bright Square Pensions are the scheme administrators of the Fusion Wealth SIPP.
For the purpose of the General Data Protection Regulation (“GDPR”), the Data Controller is Bright Square Pensions Limited.
Important note about your financial adviser
Your personal information
Information we collect from you
For certain Bright Square Services, the provision of your full name, postcode, e-mail address, date of birth, primary passport country and country of birth are all required from you in order to register you for a Bright Square Service. When submitting general enquiries through a Bright Square Service, your name and e-mail address are required from you to enable us to respond to your enquiry. We will inform you at the point of collecting information from you, whether you are required to provide any other information to us.
Uses made of your information
Lawful basis for processing
We rely on the fulfilment of Our contractual obligations in providing you with the Bright Square Services as the lawful basis for processing your personal data. This may be pursuant to any terms and conditions or end user licence agreements you have entered into with Us.
We also rely on “legitimate interests” for processing your personal data. The legitimate interest is processing your personal data as part of responding and contacting you regarding any enquiries you make in relation to the Bright Square Services We offer.
Purposes of processing
We use information held about you in the following ways:
In addition to the above uses We may use your personal data to notify you about additional Bright Square Services which may be of interest to you. For such uses We will only contact you by electronic means (e-mail) if you have provided Us with your email address when We collect your personal data.
If you do not want Us to use your personal data in this way please either (i) tick the relevant box situated on the form or page on which We collect your personal data (for example, a registration); (ii) unsubscribe from our electronic communications using the method indicated in the relevant communication; or (iii) inform Us at any time by contacting Us at the “Contact” details set out below.
Where you are a person who has not attained the required age to provide valid consent to the processing of your personal data (as determined by applicable law), any processing of your personal data will be subject to the consent of your appointed legal guardian.
Third Party Marketing
We will not sell, share or pass your personal data to a third party for marketing purposes unless you have expressly consented to Us doing so.
Disclosure of your information
As part of your use of certain Bright Square Services, your personal data may be passed on to third parties. With certain Bright Square Services, your personal data will be disclosed to your Adviser. Your personal data may also be disclosed to Our service providers, including technology suppliers such as Creative Technologies Limited and Dunstan Thomas Group Limited. We may also use suppliers such as Bottomline Technologies Limited to facilitate direct debit payments and the GB Group PLC to assist Us with any of our money laundering requirements.
In addition to the above, We may pass your personal data to other third party providers, agents, subcontractors and associated organisations for the purposes of: (i) completing tasks, responding to enquiries and providing services to you on Our behalf; and (ii) storing, protecting and securing your personal data.
Payment is handled separately. Your payment card details are never collected by Us. If you want to find out more about how your bank processes your personal data, you can refer to their own privacy notice.
We may disclose your personal data to any member of Our corporate group, which means Our subsidiaries, Our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable).
We may also disclose your personal data to third parties:
Other than as set out above, and save insofar as is necessary in order for Us to carry out Our obligations arising from any contracts entered into between you and Us, We will not share your data with third parties unless We have procured your express consent to do so.
Storing your personal data
We take appropriate measures to ensure that any personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to any Bright Square Services; any transmission of your data to a Bright Square Service is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.
Keeping your personal data up to date
If your personal details change you may update them: (i) by accessing the relevant page of any online portal We provide you with access to as part of the Bright Square Services; or (ii) by certain online portals accessed through your Adviser; or (iii) by contacting Us using the contact details below. We may also receive requests to make changes to your personal data from your Adviser as part of the services they provide to you. We may update personal data on your behalf if this is updated by you or your Adviser through the Fusion Wealth Platform Service. If you have any questions about how We use data collected which relates to you, please contact Us by sending a request by email to the contact details below.
We will endeavour to update your personal data by the end of the next working day following any new or updated personal data being provided to Us, in order to ensure that the personal data We hold about you is as accurate and up to date as possible.
How long We keep your personal data
We will hold some of your personal data indefinitely for retrospective reporting and metric purposes, in order to comply with the requirements of Our regulators from time to time or applicable law. Any personal data We do not hold for these purposes will be retained for up to 6 years following such time you cease being a user of any Bright Square Services (e.g. you are no longer an account holder).
If you contact Us as a prospective customer using Our e-mail address or via Our website contact form, requesting general information about our services, We will hold that personal data you choose to provide such as your name, address, e-mail address, for 12 months from our last point of contact.
If you contact Us as a prospective customer using Our e-mail address or via Our website contact form, requesting quotes and information about Our services in respect of specific projects, We will hold that personal data you choose to provide such as your name, address, e-mail address, for 12 months from Our last point of contact.
Where We store your personal data
All information We hold about you is stored on servers within the EEA.
The data that We collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services.
Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal data will be subject to appropriate safeguards e.g. European Commission approved contract (as permitted under Article 46(5) of the General Data Protection Regulation) that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
If you would like further information on the safeguards We use as part of any transfer of your personal data outside of the EEA, please contact Us (see ‘Contact’ below).
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please email, call or write to Us using the “Contact” details below;
How to complain
We hope that We can resolve any query or concern you raise about Our use of your information. The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
We reserve the right to modify this Policy at any time. Any changes We may make to our Policy in the future will be notified and made available to you using the applicable Bright Square Service.
James Lasenby is the Company’s appointed Compliance Officer in respect of its data protection activities. He can be contacted at email@example.com.
For new sales enquiries, please call 01403 334411
For all other enquiries, please call 01403 334477