Hallmark Later Life Lending Limited takes the privacy of personal data seriously and the legal and compliant treatment of this data is at the core of our operations.
We therefore ask you to please read the following important information which explains how we collect, store and use your personal data.
Hallmark Later Life Lending Limited is registered under the General Data Protection Regulations (GDPR) 2018.
- Who are we?
Hallmark Later Life Lending Limited is an independent firm, offering financial advice to individuals, trustees and their businesses.
Hallmark Later Life Lending Limited is Registered in England, company number 12568245 at Pendricks Barn Stidcott, Tytherington, Wotton-Under-Edge, England, GL12 8QD and / or click for registration details https://beta.companieshouse.gov.uk/company/12568245
- What do we mean by Personal Data?
By personal data (or personal information), we mean information that relates to you and is used to identify you, either directly or in conjunction with other material we hold.
- How do we collect information from you?
We collect personal information about you as and when you consent to us doing so by signing our Data Consent forms, or by indicating consent on our online forms. We gather your consent in writing before entering into business relations with you.
- What type of information do we collect?
The information we collect may include
- Title, names, date of birth, gender, nationality, civil/marital status, contact details, addresses and documents that are necessary to verify your identity
- Employment and remuneration information, (including salary/bonus schemes/overtime/sick pay/other benefits), employment history
- Bank account details, tax information, loans and credit commitments, personal credit history, sources of income and expenditure, family circumstances and details of dependents
- Health status and history, details of treatment and prognosis, medical reports (further details are provided below specifically with regard to the processing we may undertake in relation to this type of information)
- Any pre-existing investments, mortgages, pensions and/or Insurance products and the terms and conditions relating to these
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We may also ask for evidence of your identity, for example your passport, driving license, proof of residence or income.
We do not ask for any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
- Why do we collect information from you?
We use your personal information for the following:
- Provision of advice and services or to provide you with the information, products and services you have requested from us.
- To comply with legislation in relation to anti money laundering regulations and the Financial Services Act.
- How do we protect your personal information?
Any personal information we collect, record, or use in any way, be it on computer, hard copy or in any other form, is secured through our safeguarding processes to ensure that we meet our obligations under the GDPR.
- What are your rights surrounding your personal information?
The GDPR enhances your rights surrounding your personal data. This includes:
- The right of access – you have the right to request a copy of any personal information we hold on you. This will be provided in a structured format, free of charge, within 30 days of your request. Requests can be made in writing, by phone or by email, to any of our contact details provided above – for the attention of Mike Hoare.
- The right to rectification – you have the right to request us to rectify any of your personal data which you believe is inaccurate or incomplete. We will respond within one month (this can be extended by two months where the request for rectification is complex). Requests can be made in writing, by phone or by email, to any of our contact details provided above.
- The right to erasure – you have the right to request ‘to be forgotten’, i.e. for us to delete all records of your personal data. We will comply with your request, unless we have a legal obligation to continue to hold your personal data, in which case we will inform you of the reason we are unable to complete your request.
- The right to restrict processing – you have the right to ‘block’ or suppress processing of personal data – in this case we will retain just enough information about you to ensure that the restriction is respected in future.
- The right to data portability – you may request a copy of your personal data, in order to use it for your own purposes across different services, e.g. moving it from one IT environment to another in a safe and secure way. We will provide the data in a structured, commonly used and machine-readable form, e.g. CSV files. This will be provided free of charge and within one month (this can be extended by two months where the request is complex).
- The right to object – you have the right to object to us processing your personal data for direct marketing purposes, and historical or statistical purposes, and we will respect this request as soon as we receive it (by post / email / phone, details of which are provided above).
- Who do we share your personal information with?
We will only share your personal data with third parties when it is necessary for the service you have asked us to provide, and we will have contracts and safeguards in place to ensure that they treat the privacy of your personal data with the same importance as we do. You will be advised of the specific third parties with whom we may share your data.
These third parties, amongst others, may include:
- Third parties such as Her Majesty’s Revenue & Customs, our regulators The Financial Conduct Authority, and law enforcement agencies based in the UK who may require reporting of processing activities in certain circumstances.
- We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- We will never sell your personal data to a third party.
- Updates to this Policy
This policy was last updated in March 2018.