Privacy Policy

Privacy Policy

INDEX

  1. What type of information do we collect from you?
  2. On what basis can we process your information?
  3. What are we going to do with your information?
  4. How long do we keep your data for?
  5. Who do we share your information with?
  6. Is your data secure?
  7. Usernames and passwords
  8. Unauthorised access to personal data
  9. How to access and update your information?
  10. How to request erasure of your data
  11. How to withdraw your consent
  12. How to restrict or object us using your data?
  13. Moving your information to another organisation
  14. Complaints about the use of your personal data

 

IMC Financial Services are committed to protecting and respecting your privacy.

This policy together with our ‘Terms and Conditions‘ sets out the privacy practices for IMC Financial Services. In this policy we state how we process personal data collected about you (collected via your interactions with our online content, such as contact forms and tools, and/or provide directly by you).

Please read this statement carefully to understand why data is being collected and what we do with that data, as by accessing, browsing or otherwise using our imcfs.co.uk website, you confirm that you have read, understood and agree to the terms of this Privacy Policy, and therefore, you agree to the collection and use of your data in accordance with this statement, until further notice or update of your preferences.

Our website and services may contain links to other independent websites. These sites may ask you to provide information to them. Please be aware that such requests and information provided is not under our control, and we are not responsible for the privacy practices of those other sites. We encourage you to be aware when you leave our website (imcfs.co.uk) to read the privacy statement of each and every website that you enter.

For the purpose of the Data Protection Act 1998 and General Data Protection Regulation EU 2016/679, the data controller is IMC Financial Services, a company registered in England under the company number 07594779, whose registered address is Lambourn House, 17 Sheen Lane, Mortlake, London SW14 8HY.

IMC Financial Services may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes.

 

INFORMATION COLLECTED AND USE

  1. What type of information do we collect from you?

When you access our website (https://imcfs.co.uk) and/or express your interest in the use of our Services, IMC Financial Services and any other third parties who host, maintain or support our delivery of Services may collect personal and technical information about you.

The personal information we collect from you will typically include the following:

  • Full name and contact details (including your date of birth, contact number, email and postal address).
  • Any phone number or email used to get in touch with our Customer Service department and office.
  • Information relating to your identity where we are required by law to collect this to comply with the Money Laundering Regulations 2017 and the Immigration Act (such as passport and/or driving license).
  • Information on your close connections where we are required to conduct conflicts of interests under regulatory obligations.
  • Your banking details as per required when you are applying for Services where your credit worthiness must be evaluated (for example, Services such as mortgage applications).
  • Information on any access requirements you have necessary to enable us to find suitable Services for you, which may consist of special category personal data comprising details of any disability or other health information about you (for example, Services such as life protection or insurance).
  • Details about your interests where we wish to send you marketing information about similar products and/or Services.

The technical information collected is anonymous (none of the personal data mentioned above is collected) and will include the usage information aboutvisits to our website (via ‘cookies’ which enables our website to remember information about you and your preferences). Please read our ‘Cookie Policy‘ for further details. The technical information collected includes:

  • Internet Protocol (IP) address used to connect your device to the Internet.
  • URL clickstream to and from our site (including date and time).
  • Device operating system and platform.
  • Device location data (if function is not disabled on your device).
  • Browser and plugin types and versions.
  • Login usernames (for security reasons and required for the use of the website client login ‘FinPlan Portal’ platform).
  • Time zone settings.
  • Pages and/or products viewed and/or searched for.
  • Time spent on certain page and page interaction information (such as scrolling, clicks and mouse-overs).
  • Methods used to land and exit from the website and/or page.
  • Page response times
  • Download errors.
  • Communication history between you and our company, including a record of the email, telephone and postal correspondence created a) when you contact us as part of a product or Service query, b) during the contractual period of the delivery of Services.

Where we need to collect personal data by law (for example, to meet our obligations to prevent fraud and money laundering) or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to a) perform the existing contract and/or services as requested, b) enter in a contract and/or services as requested. In this case, we may have to cancel a contract or service you have with us, but we will notify you if this is the case at the time.

 

  1. On what basis can we process your information?

The legal grounds under data protection legislation for processing your personal data are as follows:

  • It is necessary for the performance of a contract to which you are a party, or to take steps prior to entering into a contract with you, for us to provide you with our products and Services;
  • You have given us explicit consent to the processing of your personal data for one or more specific purposes, namely 1) where you have given us consent to receive electronic marketing by us and/or 2) to process your Special Category Personal Data described above. You do not need to provide us with marketing consent in order to receive our Services;
  • It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this, we shall consider a number of factors, such as what you were told at the time you provided your data, what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you. Our legitimate interests include processing necessary to improve and to promote our Services and product and to better understand our customers’ interests and knowledge of the financial market and to administer the technical aspects of our Service and products;
  • Where we need to comply with a legal obligation; or in rare circumstances;
  • Where we need to protect your interests (or someone else’s interests); and/or
  • Where it is needed in the public interest or for official purposes.

 

  1. What are we going to do with your information?

We will hold and use personal information about you in the following ways:

  • To fulfil our obligations to you when providing you with our Services;
  • To share your information with others where necessary to fulfil our Services for you or where acting as agent for a third party on your behalf;
  • To comply with our statutory and regulatory obligations, including verifying your identity, prevention of fraud and money laundering and to assess your credit worthiness;
  • Communicate with you to providing our Services, for example with your enquiries and requests;
  • Statistical purposes so we can analyse figures to help us manage our business and plan strategically for the future;
  • To provide you, or to enable third parties to provide you, with information about goods or Services we feel may interest you: where you have provided permission for us to do so or, if you are an existing customer where we choose to contact you by electronic means (including newsletter and email) with information about our own goods and Services similar to those which you have already obtained from us or negotiated to obtain from us (for those marketing messages you can unsubscribe at any time);
  • Track your use of our service, including your navigation of our website in order to improve the website performance and user experience;
  • To ensure that content from our website is presented in the most effective manner for you and for your device;
  • To notify you about changes to our Service(s).

 

  1. How long do we keep your data for?

We will retain your personal data for different periods depending on the Service you have chosen to use us for, which may be a longer period than that for which we need to hold your data to provide those Services, i.e. where we are under regulatory or statutory duties to hold your data for a longer period or need to retain it in the event of a legal claim or complaint.

 

  1. Who do we share your information with?

We will pass your details to the following organisations (our “data processors”) who carry out certain activities on our behalf as part of us providing our services: Exchange, Trigold, payment service providers, mortgage providers, insurance companies, cloud computing host providers, technical support service providers, advertising networks services, email marketing services, financial services, business partners, sub-contractors, services, etc.

We will also pass your details where necessary to your property solicitors and those of the other party to your transaction. We will also disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
  • If our company or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation, or to protect the rights, property, or safety of our company, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We will not share your information with third parties for marketing purposes without first obtaining your prior consent.

 

SECURITY

  1. Is your data secure?

We are committed to ensuring that your information is secure. Your data is held on secure servers within the European Economic Area (“EEA”) with all the necessary technological and operation measures put in place to safeguard it from unauthorised access. Where possible any identifiable information will be encrypted or minimised.

Whereas cases of your data being held out of the EEA, we have taken all the necessary steps to ensure that the data processor is aware of the General Data Protection Regulation EU 2016/679 to ensure compliance with our obligations under these regulations, to keep personal data up to date and secure.

All information collected via our website is stored and encrypted (using SSL technology) on our secure servers. We are continuously auditing our website’s performance and security, to prevent any downfalls which may put at risk the website’s security and data collected. If you have any reasons to believe that our website is not performing at its best in securing your data, please get in touch via andrewjackson@imcfs.co.uk.

 

  1. Usernames and passwords

If we have given you a username and password which enables you to access certain parts of your data on our systems, you are responsible for keeping it confidential. Please do not share it with anyone.

 

  1. Unauthorised access to personal data

The data that we collect from you may be stored and processed by staff operating inside and outside the EEA, who work for us or for one of our suppliers. Such staff may be engaged in the fulfilment of the contract and/or services to you. IMC Financial Services has taken all the necessary steps to ensure that your data is treated securely and in accordance with this policy and the new General Data Protection Regulation EU 2016/679.

We undertake business and website audits which enable us to further develop our strict procedures and security features to prevent unauthorised access.

 

YOUR RIGHTS

  1. How to access and update your information?

You have a right to request a copy of the personal information we hold about you, known as a data subject access request. You also have the right to request that information we hold about you which may be incorrect, or which has been changed since you first told us, to be updated or removed. These requests are free of charge and can be sent to DPO Andrew Jackson, Lambourn House, 17 Sheen Lane, Mortlake, London SW14 8HY.

 

  1. How to request erasure of your data

You can ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where you have withdrawn consent for us to process it (as explained below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

 

  1. How to withdraw your consent

You have the right at any time to withdraw any consent you have given us to process your personal data. Please note if you withdraw your consent it will not affect the lawfulness of any processing of your personal data we have carried out before you withdrew your consent. Should you wish to do so you can change your consent preferences at any time by contacting DPO Andrew Jackson at 020 8392 6117 or 020 8392 6111.

 

  1. How to restrict or object us using your data?

You can ask us to suspend the way in which we are using your information in certain scenarios, or object to our processing your data where we are relying on a legitimate interest ground (or those of a third party) and you feel it impacts on your fundamental rights and freedoms, or where we are processing your personal data for direct marketing purposes. In some cases where you object, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Please note that if you want us to restrict or stop processing your data this may impact on our ability to provide our Services. Depending on the extent of your request we may be unable to continue providing you with our Services.

Any queries or concerns about the way in which your data is being used can be sent to DPO Andrew Jackson, Lambourn House, 17 Sheen Lane, Mortlake, London SW14 8HY.

 

  1. Moving your information to another organisation

In the event that we process your data by automated means where you have either provided us with consent for us to use your information or where we used the information to perform a contract with you, you have the right to request that we send to you or to another organisation, a copy of the personal data we hold about you, for example when you are dealing with a different service provider. If you would like us to move, copy, or transfer your information please let us know by email to andrewjackson@imcfs.co.uk. We will respond to you within one month after assessing whether this is possible, taking into account the technical compatibility with the other organisation in question.

 

  1. Complaints about the use of your personal data

If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated by writing to DPO Andrew Jackson, Lambourn House, 17 Sheen Lane, Mortlake, London SW14 8HY.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the UK data protection regulator, the Information Commissioner’s Office.  Further details can be found at www.ico.org.uk or 0303 123 1113.

In this section

Please refer to these Legal pages prior to any engagement with our Site.