When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
The information we collect about you includes the following:
|
1 |
Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline |
|
2 |
Unique identifiers e.g.
|
|
3 |
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy. E.g., your children/spouse |
|
4 |
Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant. |
|
5 |
Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history; This information is necessary for our Fact Find with our clients. |
|
6 |
Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office. |
|
7 |
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information. The types of plans we require this information for would be life cover plans, specified illness cover plans, income protection plans for example. |
|
8 |
Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO. |
|
9 |
Financial details e.g., bank account details, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details. We also will gather information on your typical spending habits. |
|
10 |
Claims Data (From you and any relevant third parties). In dealing with your plans, we may at times have to deal with the relevant claims dept of the relevant life company. |
|
11 |
Online information: e.g., information about your visits to our website. We do not currently use cookies. |
|
12 |
Social media information (e.g., likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook, Instagram. |
|
13 |
Searches that we undertake in relation to sanctions, money laundering and credit checks. Searches only carried out for purposes of PEP or Money Laundering. |
When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.
|
1 |
Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product |
|
2 |
Statutory and other regulatory requirements – we are required to carry out various obligations which include:
|
|
3 |
Communicate and marketing to you – As a client we will send you a yearly update on plans held. We will also send a generic email each quarter highlighting fund/market performance or a relevant topic. |
|
4 |
To contact you if required or to respond to any communications that you might send to us. |
|
5 |
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request. |
|
6 |
Handling complaints |
|
7 |
To notify you about changes to our service |
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. |
We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.
Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 087 772 9268 or Richard@ferrisfinancialplanning.ie
When we update this Privacy Notice, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.
This privacy policy was last reviewed in April 2023 – Version 2
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
|
1 |
Performance of a Contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service. |
| 2 |
Legal Obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates, Regulatory purposes to the Central Bank. |
| 3 |
Consent Sometimes we may rely on consent as a legal basis for processing your information. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
| 4 |
Legitimate Interests Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. |
If you require further information on any of the above basis for processing your data, we can provide you with further details.
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.
| 1 |
Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters. You can refer to their privacy statements on their website for more information about their privacy practices. |
|
2 |
Third-party Processors We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR. |
|
3 |
Internal and External Auditors where necessary for the conduct of company audits or to investigate a complaint or security threat. |
|
4 |
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business. |
Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).
Ferris Financial Planning Ltd shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
Ferris Financial Planning Ltd may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.
The retention period for each category of personal data will be set out in our Retention Schedule along with the criteria used to determine this period, including any statutory obligations we have. Should you require further information we would be happy to provide.
Personal data will be disposed of securely.
Ferris Financial Planning Ltd will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
| 1 |
Right of access – you have the right to request a copy of the information that we hold about you. |
|
2 |
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. |
|
3 |
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege). |
|
4 |
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. |
|
5 |
Right of portability – you have the right to have the data we hold about you transferred to another organisation. |
|
6 |
Right to object – you have the right to object to certain types of processing such as direct marketing. |
|
7 |
Right to object to automated processing – including profiling. |
|
8 |
Right to make a complaint – if we refuse your request under rights of access, we will provide you with a reason as to why. |
All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.
If you wish to make a complaint about how your personal data is being processed by Ferris Financial Planning Ltd or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner – Richard Ferris
You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Web: www.dataprotection.ie
Email: info@dataprotection.ie
See website for updated contact details to reach the appropriate section within the DPC.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.
An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result. There is no human involvement in the decision making. An example of this may be when applying for mortgage protection. If a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide. Some further examples of automated decisions that we undertake are listed below.
e.g., ISME ratings, insurance underwriting
An example:
Financial advisors using profiling in their business. The main categories are
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.
Establishing affordability and providing quotations for financial services products.
Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.
If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:
