Privacy Policy
Contents
- Privacy Policy
- Purpose of this notice
- What is personal data?
- When will we collect personal data?
- Personal information we collect from you
- Other sources where we collect information about you
- How will we use your personal data?
- Special Categories of Data/Sensitive Personal data
- Using your personal information to communicate with you
- Who might we share your information with?
- Credit reference agencies and fraud prevention agencies
- International data transfers
- How long do we keep hold of your information?
- How do we keep your data secure?
- Your rights
- Automated processing
- How automated processing makes decisions
- Marketing
- Website
- Other websites
- What can you do if you are unhappy with how your personal data is processed?
- Changes to our privacy policy
- How to contact us?
Privacy Policy
TQ Invest (referred to in this policy as "we", "us" or "our") is a trading name of Capital Professional Limited For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
Purpose of this Policy
This policy explains what kind of personal information we collect in connection with our services and how we will process (use) this information.
This policy describes how we collect, use, share, retain and safeguard personal data.
This policy also sets out your individual rights. We explain these later in the policy but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
What is personal data?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, date of birth, gender, and contact details but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. Personal data does not include data where the identity has been removed (anonymous data).
Personal data may contain information which is known as special category personal data. This may be information relating to an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to sexual orientation.
Personal data may also contain data relating to criminal convictions and offences. This data is treated in the same manner as special category personal data, where we are legally required to comply with specific data processing requirements.
When will we collect personal data?
We collect information about you when you engage us for execution only services.
We may also collect information when you voluntarily complete client surveys or provide feedback to us and when you request information about our services, client events, promotions, and campaigns.
Depending on the services being provided, we may need to collect personal data relating to others such as close family members and dependants. In most circumstances, you will provide us with this information. Where you disclose the personal data of others, you must ensure you are legally entitled to do so and have the consent of the people concerned. You should also share this policy with your family and dependants. We can provide a copy of this privacy policy for them on request.
You may provide us with personal data when signing up to our services, through application forms, when completing contact forms, when you contact us via the telephone, when writing to us directly or where we complete forms in conjunction with you.
When you first visit our website, we will place a cookie on your computer.
We may record your communications with us when contacting our customer care, complaints, and other customer focused functions.
Where we collect data directly from you, we are considered to be the controller of that data i.e., we are the data controller. Where we use third parties to process your data, these parties are known as processors of your personal data. Where there are other parties involved in managing your investment, we will be a joint data controller of your personal data.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
Personal information we collect from you
The information we hold about you will often be provided by you directly (for example, when you apply for a service or product) but sometimes it we collect data from other sources. As a provider of financial services, we will collect and hold the following categories of personal data:
- Your personal details (for example, your name, date of birth, identification details like passport information).
- Your contact details (for example, your postal address, phone number, email address and mobile number).
- Biometric information (for example, voice recognition when you call our call centre or agents).
- Special categories of personal data such as data relating to medical health and your lifestyle.
- Financial details (for example, salary and other income, details of accounts held with other providers, loans, mortgage, and other debts; and your bank account and bank card details).
- Education and employment details and employment status.
- Information about criminal convictions and offences.
- Your interactions with us. This includes via the website and social media.
- Personal data about other people (such as your family, joint account holders, people you appoint under a power of attorney (your attorney) or as trustees).
- Information about your digital devices when you interact with us online. This includes the IP address that your device is connected to, the type of device you use, the operating system and screen resolution, and your use of our website.
Other sources where we collect information about you
We may also collect information relating to you from the following:
- Information from our records about any products and services you currently have, you have had or have applied for in the past from us or any other Ascot Lloyd Group company.
- Personal information that has been held by an organisation which we or another member of the Ascot Lloyd Group has acquired.
- Credit reference agencies who may check their information against other databases. This information may also be collected about others who you provide information about.
- Credit reference agencies may provide us with credit reference check information about others whose information you have provided to us such as your family, joint account holders, people you appoint as your attorney or trustees. This may leave a ‘soft’ footprint on their credit profile and you should make them aware of this.
- Fraud prevention agencies.
- Organisations that provide personal data that they collect or that they get from other third parties. This information will help us to improve the quality of personal data we hold, and to provide more relevant products and services to you.
- Your employers may provide information about your employment, salary, and employment status.
- People appointed to act on your behalf – your attorney or trustees.
- Publicly available sources, such as media stories and online registers or directories. This includes businesses that you own or are associated with including investment companies, trusts or partnerships. We also collect information on the directors, partners, trustees, authorised officers, or agents of those businesses.
How will we use your personal data?
We must always have a legal basis (lawful reason) to process your personal data. The primary legal basis that we use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. If you object to the collection, sharing and use of your personal data we may be unable to provide you with our services.
In most cases, processing your personal data and the legal basis for doing so will be as follows:
Legal basis |
Why we process your data |
Contract purposes |
To enable us to carry out actions that are necessary for us to provide you with the product or service (for example, receiving payments) under a contract with you. |
Legal obligations |
To enable us to meet our legal obligations (for example, we need to get proof of your identity so that we can meet our anti-money laundering obligations). |
Legitimate interests |
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. |
Consent |
Where you give us specific permission to use your information for a specific purpose. |
In the public interest |
It some cases it is in the substantial public interest (for example, to give you support you need if you are or become a vulnerable customer) to use your sensitive personal data/special categories of personal data. |
Based on our legal basis for using your personal information, the table below expands on how we use your personal information. Note that we may process your personal data for more than one legal basis depending on the specific purpose for which we are using your data:
How we use your information. |
The legal basis for using the information |
To provide our services to you, to manage these services and to personalise our services to you. |
Performance of a contract with you. As required by the law. Our legitimate interests to provide enhanced services and to protect our business interests and the interests of our customers. |
To communicate with you to confirm your instructions to us and to assess and improve our services for training, quality, and improvement purposes. Our communications with you, electronic methods and telephone calls which may be recorded and monitored. |
As required by law. In our legitimate interest to develop and improve our processes and systems, to provide the right training to our staff and to provide our clients with high standards of service. |
To make checks, including checking verifying your identity and the identity of joint account holders to make sure we are speaking to the right persons. |
Performance of a contract with you. As required by law. Our legitimate interests to detect, prevent and investigate potential fraud, money laundering and other financial crime and to protect our business, your investments, and your personal data. |
To detect and prevent fraud, money laundering and other financial crimes including identity theft. We may use: CCTV at our premises to monitor and collect images and/or voice recordings. Caller line identification technology to verify your identity. Your location and device information for identity verification purposes. |
As required by law. Our legitimate interests to verify your identity, so that we can protect our business and comply with any related laws that apply to us. It is a specific requirement of the product or service you have with us. You have the right to ask us to stop applying fraud protection to your account by contacting us in writing or by phone. |
To communicate with you in relation to our products/ services, legal or regulatory information, and to manage your agreement with us. |
Performance of a contract with you. As required by the law. |
To communicate with you regarding any complaints you may have about our products and services. |
Performance of a contract with you. As required by the law. Our legitimate interests to investigate and address all complaints. This will enable us to maintain or improve our standards |
To develop and improve products and services by analysing information, including helping us to decide if you are suitable for a product or service. |
Performance of a contract with you. Our legitimate interests to improve products and services relevant to our customers and to remain competitive. |
To market and personalise our communications and products/ services to you. Unless you have opted out of our marketing services or the law prevents us from doing so, we will send you information about our products and services. |
Our legitimate interests to provide you with information about our services that may be of interest to you to develop our products/services and grow our business. You have given your permission for us to send you electronic marketing (for example by email). |
To observe the laws and regulations that apply to us and to cooperate with the regulators and law enforcement. |
As required by law. Our legitimate interests to protect our business. In the wider public interest. |
Special Categories of Data/Sensitive Personal data
Some of the information we need to collect is sensitive personal data (also called special category data). We may need to process personal data relating to your health, biometric data and data on criminal convictions and offences. We usually use personal sensitive data on the legal basis that:
- We have your permission to do so.
- It is in the wider public interest.
- To establish, take or defend any legal action. We will always observe the laws that apply to us.
Where we tell you that providing certain personal data or special category information is mandatory for a specific product or service, and you decide not to provide that information, we cannot provide you with the service as we will be unable to meet our legal obligations.
What we use your sensitive personal data for |
The legal basis for doing so |
For due diligence checks. This may disclose information about criminal offences or convictions or may reveal information on your political opinions. |
In the wider public interest. |
Biometric data may be used to check your identity and for the purpose of detecting and preventing fraud and money laundering. |
You have given permission for optional use of biometric technology such as voice vocal pattern recognition systems to identify you. |
Your medical information may be used as described previously, to provide quotations for certain products or for highlighting special medical circumstances including visual or hearing impediments. |
In the wider public interest. We have your permission to do so. |
To observe any laws and regulations that apply to us and to cooperate with regulators and law enforcement. |
In the wider public interest. |
Using your personal information to communicate with you
We will send you messages by post, telephone, text message, email and other digital methods, including, apps, push notifications (messages that pop up on mobile devices) and through new methods that may become available in the future. These messages may be:
- To help you manage your products or services.
- Information to meet our regulatory obligations, such as about changes to your agreements.
- To keep you informed about the features and benefits of the products and services we provide to you.
- To tell you about products and services (including those of other companies we work with) that may be of interest to you. You can ask us to stop or start sending you marketing messages at any time by writing to us, calling us or via the online portal.
Who might we share your information with?
In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, accountancy, or legal services as well as product and platform providers that we use to arrange financial products for you. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. Some example third parties follow:
Who we share your personal data with |
Ascot Lloyd Group. We work closely with other Group companies. We may share your personal data within our Group. This is normal practice within our industry where it is necessary to share information to manage and administer your investments and to administer our business. |
Product providers including investment platforms and investment managers to provide you with the relevant services. |
UK and overseas regulators, law enforcement agencies and other authorities in relation to their duties such as preventing crime (whether directly or through third parties such as credit reference agencies) or those engaged in carrying out social or economic statistical research. |
Your advisers including your accountants, lawyers, or other professional service providers, that you have authorised to represent you, or any other person you have told us is authorised to give instructions on your behalf such as your attorney or trustee. |
Fraud prevention agencies. We will always inform fraud prevention agencies if you give us false or fraudulent information. They will also allow other organisations within the UK or abroad, including law enforcement agencies to use this information to detect and prevent fraud or other crimes. We can provide you with details of the fraud prevention agencies we share information with if you request this information. |
Our advisors including our accountants, auditors, lawyers, lenders or other professional service providers, where this is required for the provision of their professional services, by law or regulation. |
Electronic identify verification agencies in order fulfil our obligations in respect of prevention of money-laundering and other financial crime we will send your details to third party agencies for identity verification purposes. |
Third-party providers who you (or another party you have authorised to give instructions on your behalf) ask us to share information with. If we share your information with these third parties, we will have no control over how they use it. You, or the person/persons with authority over your dealings with us, will need to agree this directly with the third party. |
Sharing personal data of others on your instruction. If you share personal details of others with us (including joint account holders, lawyers, accountants, attorneys and trustees) and you ask us to share their personal data with third parties, you should confirm that they understand the information in this policy about how we will use their personal data. For example, credit reference checks may be carried out for persons who you appoint your attorney or trustees. |
Our service providers or agents, including their subcontractors to help us administer and manage our business. Where third parties are involved in processing your personal data, we will have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they will only act in accordance with our written instructions. |
Our business partners who provide services and other service providers and agents who provide services on our business partners behalf. |
Any third party after a sale, acquisition, or restructure of any Group company. If such a change happens to our business, then the new owners may use your information in the same way and as set out in this privacy policy. |
Any sellers after we acquire a company as part of the transitional arrangements relating to the acquisition of the business. Any prospective purchasers of the whole or any part of our business as part of the due diligence process relating to the sale of the business. |
Anyone we transfer or delegate (or may transfer or delegate) our rights or obligations to, as allowed under the terms and conditions of any contract you have with us. |
Credit reference agencies as described below. |
Credit reference agencies and fraud prevention agencies
We use reference agencies and fraud prevention agencies to carry out credit and identity checks on you. For this, we will send your personal data to the credit reference agencies or fraud prevention agencies and they will in return send us information about you. The credit reference agencies may also share your personal data with other organisations, and those organisations may use the information to make decisions about you. This may affect your ability to get credit. We may continue to collect information about you from credit reference agencies after the business relationship we have with you has ended.
We do not give information investments to credit reference agencies. The Credit Reference Agency Information Notice (CRAIN) describes how the three main credit reference agencies in the UK use and share personal data. The CRAIN is available on the credit reference agencies’ websites.
In some circumstances we may share your information, or information about your spouse/partner or other members of your household with credit reference check agencies for the following reasons:
- To check details on applications for products and services.
- To track your address so that we can communicate with you if you have previously had our products.
- To checking details on proposals (applications) and claims for insurance.
- To regularly check your identity as required by regulations or the law.
- To give identity-confirmation if you have asked the government, or another third party, to confirm your identity.
- To make checks when you ask for investment products.
- To create ‘modelling tools’, (for example, ways of assessing the likelihood that a customer will invest in or open a new product, or methods to help us improve our products and services for customers).
- To update your personal data and to make corrections to our records so that we meet our legal or regulatory obligations.
Your information held by credit reference agencies may be linked to people who are associated with you. For example, your spouse/partner or other members of your household. These linked records are called associated records. Enquiries we make to a credit reference agency may be answered from both your own record and any associated records. Another person’s record will be associated with yours when:
- You are making a joint application.
- You hold a joint credit account.
- You tell us about a financial association with another person (for example, that they are your business partner).
- The credit reference agencies already have such associated records.
An associated record will be considered for all future applications made by either or both of you. The association continues until one of the associated persons files and is successful in a ‘disassociation’ request. You can check for any associations with you by getting your credit record direct from the credit reference agencies.
We, and fraud prevention agencies, may also share your personal data with law enforcement agencies to detect, investigate and prevent crime. If fraud is detected, you could be refused certain services or products. Fraud prevention agencies can hold your personal data for different periods of time. If you are considered to be a risk for fraud or money laundering, your personal data can be held for up to six years.
International data transfers
We may transfer your data to third parties based outside the European Economic Area. This is necessary for the purposes of administering our business and managing your investments or performing the contract with you. Such parties are not permitted to use your personal data for any other purpose than for what has been agreed with us. These parties are also required to safeguard your personal data through the use of appropriate technical and organisational data security measures and are prohibited from disclosing or sharing your data with other third parties without our prior authorisation, or unless as required by law.
When we share your information with organisations in other countries, we will make sure that they agree to apply high levels of protection for personal data as we do. For example, we will put in place relevant clauses in our contract with them to make sure that data is adequately protected in line with the law.
How long do we keep hold of your information?
During the course of our relationship with you we will retain personal data which is necessary to provide services to you or for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We will take all reasonable steps to keep your personal data up to date throughout our relationship. Once our relationship with you has ended, we will only keep your personal data for a period of time that is appropriate for the type of personal data, and what we hold it for.
We are also subject to regulatory requirements to retain your data for specified minimum periods. We reserve the right to retain data for longer where we believe it is in our legitimate interests, or we have a legal obligation to do so.
In general, and subject to regulatory rules, we will not keep your personal data for longer than six years after our relationship with you has ended or your death.
In some circumstances you have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
How do we keep your data secure?
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data within our Group and authorised third parties. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your rights
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data. These rights are known as ‘individual rights’ under the Data Protection Act 2018. The following list details these rights:
- The right to be informed about the personal data being processed.
- The right of access to your personal data (the right to ask us to provide you with what personal data we hold about you, commonly known as a "data subject access request").
- The right to object to particular ways we are processing of your personal data.
- The right to restrict how we use your personal data.
- The right to ask for correction of your personal data.
- The right to ask us to delete your personal data where appropriate.
- The right to data portability (to ask us to give you (or a third party chosen by you) an electronic copy of your personal data).
- The right not to be subject to automated decision-making including profiling
You can exercise your rights at any time. In accordance with the law, we will not charge you for responding to your request unless we consider it to be repetitive, unfounded, or excessive when we may charge an administration fee. Alternatively, we could refuse to comply with your request in these circumstances.
In exercising your rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes. We will notify you of these legal reasons, if applicable, at the time of your request.
You should understand that when exercising your rights, a substantial public or vital interest may take precedent over any request you make. Where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
The flow of data within the financial services sector is complex and we ask you to keep this in mind when exercising your rights of access to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.
Automated processing
The methods we use for analysing personal data in relation to our services involves profiling. This means that we use software that can evaluate your personal circumstances and other factors to predict outcomes or risks. We may also use such profiling, or other automated methods, to make decisions about you in relation to the following:
- Anti-money laundering and sanctions checks.
- Identity and address checks.
- Monitoring your products or services with us for fraud and other financial crime for the purpose of preventing you from committing fraud or from you being a victim of fraud.
- Screening of people who may be considered as ‘politically exposed’.
- Making assessments as required by our regulators and other appropriate authorities to make sure we meet our regulatory obligations (for example, making decisions about people who are at risk of becoming financially vulnerable).
- Making a decision about whether a client is dormant (that is, no longer used) and, if so, deleting the information as appropriate.
These activities are known as ‘automated decision-making’ and are only allowed if there is a legal reason for this type of decision-making. We may make automated decisions about you in the following situations:
- Where automated decisions are necessary for us to enter into a contract with you. For example, on what types of products or services are suitable for you or if we decide to offer our products or service to you at all. This will be based on your credit history and other financial information collected about you.
- Where automated decisions are required or authorised by law (for example, to prevent fraud).
- Where automated decision-making is a reasonable way of observing regulations or guidance, such as our obligation to treat customers fairly.
How automated processing makes decisions
Activity |
Decision |
Protecting us against criminal or fraudulent activity
|
We will assess several factors, such as whether you have provided false information in the past or other information about your credit history, to decide whether if you are a fraud or financial-crime risk (for example, if offering services to you may not be in line with financial sanctions). |
Dormant records
|
If your account has not been used for a long period, this will automatically trigger action by us, and we would delete your records in line with our data retention schedules. |
Personalisation |
Based on various factors such as your credit history and how you use our products and services, we will make recommendations to you. You can ask us to stop. |
Anti-money laundering and sanctions checks |
We may decide that you are a fraud or money laundering risk if the automated processing finds that your behaviour is consistent with money laundering or known fraudulent behaviour or you appear to have deliberately provided false information. If we, or a fraud prevention agency, so decide we may:
|
Where we make solely automated decisions you have the right:
- not to be subject to a decision that is based solely on automated processing if the decision affects your legal rights or other important matters
- to understand the reasons behind decisions made about you by automated processing and the possible consequences of the decisions, and
- to object to profiling in certain situations, including for direct marketing.
If at any point you wish to query any action that we take on the basis of this or wish to request ‘human intervention’ to review the action, you have the right to do so. Please contact us to find out more.
Marketing
We would like to send you information about our products and services and those of other companies in our group which may be of interest to you. If you have agreed to receive marketing information, you may opt out at a later date. We do not pass your details to third parties for their marketing purposes.
You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the group. Please note you may withdraw your consent to the use of your personal data for receipt of marketing communications at any time by contacting us at
This does not include information that we send to you as part of our initial or ongoing service or in relation to a financial product you hold with us, for example a valuation or statement.
Website
Cookies: We also place a small text file that is commonly known as a cookie on your computer. Cookies are text files that gather small amounts of information, which your computer or mobile device stores when you visit a website. When you return to the website, they recognise these cookies on your device. Cookies are used to identify visitors and to simplify accessibility, and to monitor visitor behaviour when viewing website content, navigating our website and when using certain features. We use cookies to track visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result. For more information see our Cookies Policy. [link to Cookies Policy]
We also use cookies in some of our emails to help us understand how you interact with our emails, and to help us improve our future email communications. These cookies also help us make sure that the marketing you see online are more relevant to you and your interests. For further information visit www.allaboutcookies.org.
Google analytics: use cookies to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Other websites
Our website may contain links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.
What can you do if you are unhappy with how your personal data is processed?
In the first instance please contact our compliance team if you are unhappy with any aspect of the processing of your data, contact details provided below.
You also have a right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk):
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to our privacy policy
We keep our privacy policy under regular review and may change or update this privacy policy at any time. If such changes will have a major effect on how we use your personal data or on you personally, we will give you enough notice to allow you to exercise your rights (for example, to object to the processing).
This privacy policy was last updated on 28th June 2022.
Informing us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
How to contact us?
If you have any questions regarding this policy and its content or you wish to exercise your legal rights, please contact our compliance team via email at
45 Church Street
Birmingham
B3 2RT