Our Privacy Policy
OVERVIEW
Tideway take your privacy seriously and we ask that you read our Privacy Policy and Cookie Policy carefully as they contain important information about our commitment to:
- protecting the personal data you provide to us;
- telling you how we use the information we gather about you; and
- ensuring that you know the circumstances under which we may disclose your personal data.
Tideway act as a Data Controller and your personal information will be held and processed by us in accordance with applicable data protection law and our Privacy Policy sets out how we collect, handle, store and protect information about you when:
- we provide products or intermediary services to you or our client;
- you visit or use our Website; and/or
- performing any other activities that form part of our business.
This Policy covers the privacy and data protection policies on our Websites and should be read in conjunction with any other applicable policies, terms, and conditions in place between you and Tideway.
Websites
These policies also cover the websites owned or operated by Tideway, including (but not limited to):
http://www.tidewayinvestment.co.uk
https://www.tidewaywealth.co.uk/
Policy Changes
Previous versions of this Policy are available upon request. Tideway reserves the right to amend this Privacy Policy at any time without notice in which case the date of the Policy will be revised. Any revised versions will be added to our website and we would ask that you check our website on a periodic basis to ensure you are familiar with our latest version.
The current version of this Policy can be accessed from the link on the homepage, or at the bottom of our website pages. By accessing the Website following amendments, you are accepting the amended Policy.
- WHAT TYPE OF INORMATION WE COLLECT
You may be asked to voluntarily provide certain personal information details about you such as:
- contact information
- identity information
- financial information
- employment status
- lifestyle information
- health information
- details of any potential vulnerability
- existing product/scheme details
You may also submit personal identifiers, contact points and individual characteristics to us via one of our websites.
Subject to applicable laws, we’ll monitor and record your calls, emails and other communications in relation to your dealings with us. We’ll do this for regulatory compliance, self-regulatory practices, crime prevention and detection, to protect the security of our communications systems and procedures, to check for obscene or profane content, for quality control and staff training, and when we need to see a record of what’s been said. If you take out an account or service with us, we may also monitor activities on your account/service where necessary for these reasons and this is justified by our legitimate interests or our legal obligations.
- HOW WE OBTAIN THE INFORMATION AND WHY WE HAVE IT
How We Obtain
We may collect personal information from you during a face to face meeting via email, using a pre-prepared document or during a telephone call. The majority of the personal information we process is provided to us directly by you. Tideway will use this information for the administration and servicing of your investments and other related activities and to ensure compliance with its obligations under the UK’s legal and regulatory regime. Tideway may disclose the information to its agents and service providers.
Subject to your express consent, and to help us in delivering our services to you, we may also obtain personal information about you indirectly from the Trustees, administrators or providers of existing financial arrangements you may have an existing relationship with.
You may also provide personal information to us when registering or requesting information from one of our websites.
Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing the personal information we collect from you are as follows:
1. As necessary to perform our contract with you for the relevant service:
- To take steps at your request prior to entering into it;
- To decide whether to enter into it;
- To manage and perform that contract;
- To update our records; and
- To trace your whereabouts to contact you about your account and recovering debt.
2. As necessary for our own legitimate interests or those of other persons and organisations, e.g.:
- For good governance, accounting, and managing and auditing our business operations;
- To monitor emails, calls, other communications, and activities on your account;
- To send you marketing communications and for marketing to you.
3. As necessary to comply with a legal obligation, e.g.:
- When you exercise your rights under data protection law and make requests;
- For compliance with legal and regulatory requirements and related disclosures;
- For establishment and defence of legal rights;
- For activities relating to the prevention, detection and investigation of crime;
- To verify your identity, make credit, fraud prevention and anti-money laundering checks; and
- To monitor emails, calls, other communications, and activities on your account.
4. Based on your consent, e.g.:
- When you request us to disclose your personal data to other people or organisations such as a company handling a claim on your behalf, or otherwise agree to disclosures;
- When we process any special categories of personal data about you at your request (e.g. your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation); and
- To send you marketing communications where we’ve asked for your consent to do so.
- WHAT WE DO WITH THE INFORMATION WE COLLECT
Our Services
We use the Personal Information and data you have given us, or submitted to us via our websites, to service your account, to improve our services to you, ensure we can adhere to our regulatory obligations when delivering any regulated advice or guidance and/or to provide you with information on Tideway’s products and services.
Sharing Data
Tideway may disclose the information to its agents, employees and service providers in order to provide you with advisory and investment services. We will not provide any personal information to any other persons, except if we are required to make disclosures by any law, any government or private parties in connection with a lawsuit, subpoena, investigation or similar proceeding.
As such, and subject to applicable data protection law we may share your personal data with:
- Tideway Group companies and associated companies in which we have shareholdings;
- Sub-contractors and other persons who help us provide our products and services to you;
- Companies and other persons providing services to us;
- Our legal and other professional advisors, including our auditors;
- Fraud prevention agencies, credit reference agencies, and debt collection agencies at account opening
and periodically during account or service management;
- Other organisations who use shared databases to do income verification and affordability checks and to manage/collect arrears;
- Law enforcement bodies;
- Government bodies and agencies in the UK and overseas (e.g. HMRC who may in turn share it with
relevant overseas tax authorities and with regulators e.g. the Prudential Regulatory Authority, the
Financial Conduct Authority, the Information Commissioner’s Office);
- Courts, to comply with legal requirements, and for the administration of justice;
- The Financial Services Ombudsman;
- The Financial Conduct Authority;
- In an emergency or to otherwise protect your vital interests;
- To protect the security or integrity of our business operations;
- To other parties connected with your account (e.g. joint account holders; or your introducer)
- When we restructure or sell our business or its assets or have a merger or re-organisation;
- Market research organisations who help to improve our products or services;
- Anyone else where we have your consent or as required by law.
Sharing Data with Service Providers
Your personal data may be collected and processed for the purposes above by a third-party service provider engaged by us for these purposes.
Service providers we engage may be based in countries that have different standards of protection for personal data. Recipients will be required by us to protect your information in accordance with applicable data protection laws.
Business Transfers
If the business, stock or assets of Tideway, are acquired or merged with another business entity, we will share all or some of your information with this entity to continue to provide our service to you. You will receive notice of such an event and the new entity will inform you of any changes to the practices in this Privacy Policy. If the new entity wishes to make additional use of your information, you may decline such use at such time.
Disclosure to Third Parties
The personal information you provide to us will only be disclosed to third parties if we have your permission, or as set out in this Privacy Policy.
We may disclose details about the general use of our Websites to third parties – for example, to demonstrate patterns of use to other business partners. Information we pass on for this purpose will not include any personal data by which you may be identified. We endeavour to prevent unauthorised disclosures of your personal data by third parties, but we are not responsible for any unauthorised disclosures or other breaches of security or for the actions of others if the information was passed to them with your authority or with the authority of anyone other than us or our group companies.
Third-Party Websites
Tideway disclaims responsibility for the privacy policies and customer information practices of third-party internet websites hyperlinked from our Website or this Privacy Policy.
E-mail and Marketing
Tideway does not sell its clients’ personal data, nor will we provide your personal data to third parties for their marketing purposes without your consent. Tideway will not send you e-mail messages without first receiving your permission, unless it relates to servicing your account. It is our policy to include instructions for unsubscribing.
European Union
We shall use and store personal information on our internal systems and to transfer it to its associated companies (if applicable), whether inside or outside the European Union, for the purpose of providing services to you. You should also be aware that the level of protection in relation to the processing of personal data may not be the same in other countries as it is in the United Kingdom.
- HOW WE STORE YOUR PERSONAL INFORMATION
Storage
Your personal information is stored on a secure client management system. This ensures that we have appropriate security measures in place to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. Additionally, access to our secure client management system is limited to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We protect your personal data when you transact business on our Website by requiring the use of a browser software program that supports industry standard SSL encryption with 128-bit key lengths. The “128-bit” designation refers to the length of the key used to encrypt the data being transmitted, with a longer key representing a higher level of security.
Retention Policy
We hold client data in accordance with regulatory requirements which may be amended from time to time. The following criteria are used to determine data retention periods for your personal data (whether or not you become a customer) :
- Retention in case of queries. We’ll retain your personal data as long as necessary to deal with your queries (e.g. if your application is unsuccessful) or for a sensible period in order for us to reply to your online query and then deal with queries you raise upon receipt);
- Retention in case of claims. We’ll retain your personal data for as long as you might legally bring claims against us; and
- Retention in accordance with legal and regulatory requirements. We’ll retain your personal data after your account, policy or service has been closed or has otherwise come to an end based on our legal and regulatory requirements.
- YOUR DATA PROTECTION RIGHTS
Under data protection legislation (Data Protection Act 2018 and the General Data Processing Regulations), you have rights as an individual which you can exercise in relation to the personal information we hold about you. These include:
Your right of access
- You have the right to ask us for copies of your personal information. There are some exemptions, which means you may not always receive all the information we process. Where you would like to receive a copy of all personal data held, such request should be in writing (email or post), addressed to our Chief Compliance Officer at our offices and should contain as much information as possible to facilitate our dealing with this request.
Your right to rectification
- You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Your right to erasure
- You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing
- You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing
- You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests.
Your right to data portability
- This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you.
The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
You are not required to pay any charge for exercising your rights. Should you wish to make a request, please do so using the contact details section; we have one month to respond to you.
- CONTACT US
If you have any questions about this Policy, or our privacy related practices, please contact us:
- through your usual contact at Tideway or by email at compliance@tidewayinvestment.co.uk
- by phone at Tideway +44 (0)20 3143 6100
- by post: 107 Leadenhall Street, London, EC3A 4AF
- HOW TO COMPLAIN
You may also complain to the information Commissioners Office (ICO) if you are unhappy with how we have used your date. The ICO’s address is:
Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline: 0303 123 1113
COOKIES POLICY
What are cookies?
Cookies are small text files that are stored in your computer’s memory and hard drive, in your mobile device or tablet when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website, or other third parties which receive data obtained from that website.
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.
Why do we use cookies?
Tideway uses some session cookies (eg DB Pension transfer enquiries). This means that the cookies will only operate for the length of a single browsing session. Whilst other cookies have a longer life span to ensure that they fulfil their longer-term purposes (for example the first time you visit our websites you accept our cookies). Please note that, however long the cookies’ active life may be, you can delete cookies (and therefore stop any further data collection by them) as further described below.
Google Analytics cookies are used to track number of visits to our website.
If you are using one of our password-protected sites, then the Website may use cookies or other technology to help us authenticate you, store and recognise your configuration and user attributes, facilitate your navigation of the website and customise its content so that the information made available is likely to be of more interest to you.
In broad terms, we use cookies on our Websites for the following purposes:
Usage preferences: Some of the cookies on our Websites are activated when visitors to our sites make a choice about their usage of the site. Our Websites then ‘remember’ the settings preferences of the user concerned. This allows us to tailor aspects of our sites to the individual user.
Terms and conditions: We use cookies on our Websites to record when a site visitor has seen a policy, such as this one, or provided consent, such as consent to the terms and conditions on our Websites. This helps to improve the user’s experience of the site – for example, it avoids a user from repeatedly being asked to consent to the same terms. We also track whether a user has seen other similar documents (such as an online survey) before – again, to ensure that a user’s experience of our Websites is a smooth one.
Session management: The software that runs our websites uses cookies for technical purposes needed by the internal workings of our servers. For instance, we use cookies to distribute requests among multiple servers, authenticate users and determine what features of the site they can access, verify the origin of requests, keep track of information about a user’s session and determine which options or pages to display in order for the site to function.
Functional purposes: Functional purpose cookies store information that is needed by our applications to process and operate. For example, where transactions or requests within an application involve multiple workflow stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall transaction or request.
Please note that third parties may use cookies. The kind of cookies and the consequent data processing carried out by such third parties are regulated by their privacy policy. Please see below.
Your cookie preferences
Cookies are necessary in order for you to be able to make full use of Tideway’s Websites. In addition, cookies help us provide you with personalised features on our Websites. If you chose to disable cookies, some of Tideway’s Website functionality might be impaired.
Local Flash Storage
On certain of our Websites, we include content designed for display using Adobe Flash Player, such as animations, videos and tools. Local flash storage (often referred to as “Flash cookies”) can be used to help improve your experience as a user. Flash storage is retained on your device in much the same way as standard cookies but is managed directly by your Flash software.
If you wish to disable or delete information stored locally in Flash, please see the documentation for your Flash software, located at www.adobe.com. Please note that, if you disable Flash cookies, some site functionality may not work.
Third party cookies
When you visit our Websites, you may receive cookies that are set by third parties. These may include cookies set by Google. These cookies are used for the purposes described in the “Why Do We Use Cookies?” section of this policy. We do not control the setting of these third-party cookies, so we suggest you might wish to check the third-party websites for more information about their use of cookies and how to manage them.
To opt out of being tracked by Google Analytics across all websites visit: http://tools.google.com/dlpage/gaoptout
Amending cookie preferences
If you wish to remove cookies set by our Websites from your browser in the future, you may delete them. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Please note, however, that withdrawing your agreement to the use of cookies on our sites will impair the functionality of the sites.
Further information about cookies If you would like to find out more about cookies in general and how to manage them, please visit www.allaboutcookies.org.