As part of your agreement with us, we will ask you to provide us with your contact details as well as information relating to your existing financial circumstances (Your Personal Data). This document is important as it allows us to explain to you what we will need to do with Your Personal Data and the various rights you have in relation to Your Personal Data. This document is for information purposes and does not form part of our contract with you.

Your Personal Data means any information that describes or relates to your personal circumstances.vvYour Personal Data may identify you directly, for example your name, address, date of birth and National Insurance number. Your Personal Data may also identify you indirectly, for example, your policy or plan numbers.

In the context of providing you with assistance in relation to your Investments and/or Insurance Requirements Your Personal Data may include:

• Your title, names, date of birth, gender, nationality, national insurance number, civil/marital status, contact details, addresses and documents that are necessary to verify your identity
• Any pre-existing investment/mortgage/finance and/or insurance products and the terms and conditions relating to these

We will deal with your personal data for the purposes of providing administration and management of your financial policies and plans. We do so on the basis that both parties are entering a contract for the supply of services.

In order to perform that contract we have a right to use Your Personal Data for the purposes of that contract. Either during initial discussions with you or when the contract between us has come to an end for whatever reason, we have the right to use Your Personal Data provided it is in our legitimate business interest to do so and your rights are not affected. For example, we may need to respond to requests from insurance providers and our Compliance Service Provider relating to any advice we have given to you, or to contact you to seek feedback on the service you received.

On occasion, we will use Your Personal Data to fulfil responsibilities we may owe our regulator The Financial Conduct Authority, or for wider compliance with any legal or regulatory obligation to which we might be subject. In such circumstances, we would be processing Your Personal Data to meet a legal, compliance or other regulatory obligation to which we are subject.

Where you ask us to assist you with for example your insurance needs, in particular life insurance and insurance that may assist you in the event of an accident or illness, we will ask you information about your ethnic origin, your health and medical history (Your Special Data). We will record and use Your Special Data to make enquiries of insurance providers in relation to insurance products that may meet your needs and to provide you with advice regarding the suitability of any product that may be available to you.

If you have parental responsibility for children under the age of 13, it is also very likely that we will record information on our systems that relates to those children and potentially, to their Special Data.

The arrangement of certain types of insurance may involve disclosure by you to us of information relating to historic or current criminal convictions or offences (together “Criminal Disclosures”). This is relevant to insurance related activities such as underwriting, claims and fraud management.

We will use Special Data and any Criminal Disclosures in the same way as Your Personal Data generally, as set out in this Privacy Notice.

Information on Special Category Data and Criminal Disclosures must be capable of being exchanged freely between insurance intermediaries such as our Firm, and insurance providers, to enable customers to secure the important insurance protection that their needs require.

To make sure that you understand and agree with our need to process Your Special Data, we will seek your consent at the appropriate time. We will not process Your Special Data until we have received your consent.

We will collect and record Your Personal Data from a variety of sources, but mainly directly from you when filling out your Client Agreement form. You will provide information to us verbally and in writing, including email.

We may also obtain some information from third parties, for example, information provided by your St. James’s Place Partner, information provided to us from the provider of your policies and plans, and searches of information in the public domain such as the voters roll. If we use technology solutions to assist in the collection of Your Personal Data, we will only do this if we have consent from you for us or our nominated processor to access your information in this manner. With regards to electronic ID checks we would not require your consent but will inform you of how such software operates and the purpose for which it is used.

In the course of handling Your Personal Data, we will:

• Record and store Your Personal Data in our paper files, mobile devices, on our computer systems, on our hard drives and in our cloud facilities. This information can only be accessed by employees and consultants within our Firm and only when it is necessary to provide our service to you and to perform any administration and/or training tasks associated with or incidental to that service
• Use Your Personal Data for the purposes of responding to any queries you may have in relation to any investment or insurance policy you have or may take out, or to inform you of any developments in relation to those products and/or polices of which we might become aware

From time to time Your Personal Data will be shared with:

• Investment Providers and insurance providers.
• Third parties who help us perform the duties in our contract with you:
• Our Compliance Service Provider
• Our paper-to-electronic data Service Provider
• Our group parent company - St. James's Place

In each case, your Personal Data will only be shared for the purposes set out in this customer privacy notice, i.e. to provide you with the administration and management services of your financial policies and plans.

Please note that this sharing of Your Personal Data does not entitle such third parties to send you marketing or promotional messages: it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Customer Privacy Notice.

We do not envisage that the performance by us of our service will involve Your Personal Data being transferred outside of the European Economic Area.

As we have a tripartite agreement with you and you St. James’s Place Partner, we will share your Personal Data with them as follows:

• We will provide Your Personal Data to your SJP Partner and their authorised staff (Your Partner may also share Your Personal Data with PSL).
• If your Partner ceases to be authorised by SJPG, PSL reserve the right to pass your details to another Partner to ensure that you can receive an ongoing service.
• If we share information with our parent company, it will be for business purposes and activities including financial crime prevention (e.g., Anti-Money Laundering (AML) identification and screening requirements) maintaining business records, file keeping, strategic business planning and internal audit, and management information.
• Any documents PSL receive pertaining to your finances are stored electronically and then subsequently confidentially destroyed onsite to protect your identity.
• PSL store your data on our own system called myPSaccount.com. This is administered by our own employees and is hosted in a datacentre in the UK or Europe.
• Where appropriate PSL will arrange for your Partner to have access to online facilities with your providers so that your policies can be cost-effectively monitored.

Your privacy is important to us and we will keep Your Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard Your Personal Data against it being accessed unlawfully or maliciously by a third party.

We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.

We will retain Your Personal Data either electronically or in paper format for a minimum of six years, or in instances whereby we have legal right to such information we will retain records indefinitely.

Any telephone calls to or from PSL are recorded and stored electronically for training and compliance purposes.

You can:

• Request copies of Your Personal Data that is under our control
• Ask us to further explain how we use Your Personal Data
• Ask us to correct, delete or require us to restrict or stop using Your Personal Data (details as to the extent to which we can do this will be provided at the time of any such request)
• Ask us to send an electronic copy of Your Personal Data to another organisation should you wish
• Where you require to alter any aspect of your policies PSL reserve the right to only accept instructions where accompanied by your signature(s)

If you have any questions or comments about this document, or wish to make contact in order to exercise any of your rights set out within it please contact:

Kevin Dorrian

If we feel we have a legal right not to deal with your request, or to action it in different way to how you have requested, we will inform you of this at the time.

You should also make contact with us as soon as possible on you becoming aware of any unauthorised disclosure of Your Personal Data, so that we may investigate and fulfil our own regulatory obligations.

If you have any concerns or complaints as to how we have handled Your Personal Data you may lodge a complaint with the UK's data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.