Privacy Policy

1. Introduction and terms  

1.1 Who we are 

PKF Francis Clark is a trading name of Francis Clark LLP, which is a Data Controller and registered  with the Information Commissioners Office [ICO] under reference Z2121229. We also trade through  a number of other legal entities, which are either subsidiaries or are closely related by virtue of  common ownership.  

The full list of legal entities is:  

  • Francis Clark LLP  
  • PKF Francis Clark Limited 
  • Francis Clark Tax Consultancy Limited
  • CIS Tax Advice Limited  
  • FC Payroll Solutions
  • Francis Clark Financial Planning Limited (trading as Francis Clark Financial Planning)
  • Francis Clark Trust Company

This privacy notice relates to all of the above legal entities (the ‘FC Group’).  

Some additional elements of this Privacy Notice relate specifically to Francis Clark Financial  Planning Limited and their specific use of your data.  

We may amend this privacy notice from time to time. If we do so, we will supply you with and/or  otherwise make available to you a copy of the amended privacy notice.  

Where we act as a data processor on behalf of a data controller (for example, when processing  payroll), we will provide an additional schedule setting out required information as part of that  agreement. That additional schedule should be read in conjunction with this privacy notice.  

If you want to request more information about the Francis Clark LLP privacy policy or information  regarding data protection you should contact us using the details provided below:  

Mail: For the attention of the Head of Privacy, Francis Clark LLP, Sigma House, Oak View Close,  Edginswell, Torquay TQ2 7FF  

Email: [email protected]  

Telephone: 01803 320100 and ask to speak to the Head of Privacy  

1.2 How the law protects you 

We are committed to protecting and respecting your personal data and privacy. This privacy and  cookie policy relates to our use of any personal data we collect from you from any of our services.  Whenever you provide such information, we are legally obliged to use your information in line with  all applicable laws concerning the protection of personal data.  

As well as this Privacy Policy, your privacy is protected by law. The General Data Protection  Regulation (‘GDPR’) that came into force on 25th May 2018 ensures that we use your personal  information only if we have a proper reason to do so. This includes sharing it outside the FC Group.  The law says we must have one or more of these reasons for using your data: 

  • To fulfil a contract we have with you to provide our services 
  • Where it is our legal duty
  • When it is in our legitimate interest 
  • When you consent to the use of the data 

A legitimate interest is when we have a business or commercial reason to use your information. But  even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate  interest, we will tell you what that is. 

1.3 Who we are – Francis Clark Financial Planning Ltd  

Francis Clark Financial Planning is a trading name of Francis Clark Financial Planning Limited, which  is under common control of and majority owned by partners in Francis Clark LLP Chartered  Accountants and their immediate families.  

Francis Clark Financial Planning is a Data Controller in its own right and is registered with the  Information Commissioners Office [ICO] under reference Z9439489.  

If you want to request more information about the specific use of your data by Francis Clark Financial  Planning or information regarding data protection you should contact us using the details provided  below:  

Mail: For the attention of the Compliance Director, Francis Clark Financial Planning,  Centenary House, Peninsula Park, Rydon Lane, Exeter EX2 7XE  

Email: [email protected] 

Telephone: 0800 832 1785 and ask to speak to the Compliance Director  

2. Your rights  

Under the GDPR your rights are:  

2.1.1 To be informed – We must make available this privacy notice with the emphasis  on transparency over how we process your data.  

2.1.2 Access – You are entitled to find out what details we may hold about you and why.  2.1.3 Rectification – We are obliged to correct or update your details.  

2.1.4 Erasure – This is also known as the request to be forgotten.  

2.1.5 Restrict processing – You have the right to ‘block’ or suppress the processing by  us of your personal data.  

2.1.6 Data portability – You have the right to obtain and reuse your personal data that  you have provided to us.  

2.1.7 Object – You have the right to object to us processing your data in relation to direct  marketing and or profiling.  

2.1.8 Rights in relation to automated decision making and profiling – We do not  use automatic decision making or processing.  

3. The data we collect about you  

3.1 We process Personal data. Personal data we process may include your (or your employer’s  or our client’s) name, address, date of birth, family relationships and email address. It also  may include your IP address and cookies (website). 

3.2 We will collect personal data from you in relation to the provision of our services to you,  including details relating to your tax affairs, bank accounts, investments, payroll information,  accounting records and other statutory returns.  

3.3 We may require documentary details from you such as a driving licence, passport or birth  certificate, in order to comply with our obligations under identification, money laundering and  anti-terrorism legislation.  

3.4 Our collection methods are:  

3.4.1 Through our website;  

3.4.2 Through engagement (or potential engagement) of our services;  

3.4.3 By communications, including email, telephone, post or social media;  3.4.4 Networking;  

3.4.5 Through engagement of service providers;  

3.4.6 From 3rd parties and / or publicly available resources (for example from your  employer or from Companies House).  

3.5 When using our digital services, such as our website or other digital services, we gather data  from you using cookies and other internet tracking software, such as Google Analytics. The  purpose of this is to understand how you are using our services, and to provide you with  better and enhanced information.  

3.6 Francis Clark Financial Planning may collect information about you when engaged for  financial planning services. This information will relate to your personal and financial  circumstances. It may also include special categories of personal data such as data about  your health, if this is necessary for the provision of services.  

3.7 We may also collect information when you voluntarily complete client surveys or provide  feedback to us.  

3.8 We may need to gather personal information about your close family members and  dependants in order to provide our service to you effectively. In such cases it will be your  responsibility to ensure that you have the consent of the people concerned to pass their  information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate,  ask you to pass the privacy information to them.  

4. How your data will be used  

We use information held about you to:  

4.1.1 Provide services to you (or your employer or our client) under a contract, as set  out in a Letter of Engagement between us;  

4.1.2 ensure that content from our website is presented in the most effective manner for  you and for your devices;  

4.1.3 provide you with information, products or services that you request from us or  which we feel may interest you, where you have consented to be contacted for  such purposes or by Legitimate Interests;  

4.1.4 allow you to participate in interactive features of our service when you choose to  do so, e.g. asking a question through our website; 

4.1.5 carry out necessary maintenance to our infrastructure;  

4.1.6 notify you about changes to our services; and  

4.1.7 fulfil our legal obligations including money laundering and identification checks,  complying with anti-terrorism financing and Criminal Finances Act legislation.  

4.1.8 To use in the investigation and/or defence of potential complaints, disciplinary  proceedings and legal proceedings.  

4.1.9 To enable us to invoice you for our services and investigate/address any attendant  fee disputes that may have arisen.  

4.2 If you refuse to provide us with certain information when requested, we may not be able to  perform the contract we have entered into with you. Alternatively, we may be unable to  comply with our legal or regulatory obligations.  

We may also process your personal data without your knowledge or consent, in accordance  with this notice, where we are legally required or permitted to do so.  

4.3 We also embrace the use of social media and may wish to process any comments made  public by you.  

4.4 The primary legal basis that we intend to use for the processing of your data is for the  performance of our contract with you. The information that we collect about you is essential  for us to be able to carry out the services that you require from us effectively. Without  collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.  

4.5 Where special category data is required we’ll obtain your explicit consent in order to collect  and process this information.  

5. Legitimate interest and marketing  

5.1 We may process your data for the purposes of our own legitimate interests provided that  those interests do not override any of your own interests, rights and freedoms which require  the protection of personal data. This includes processing for marketing, business  development, statistical and management purposes.  

5.2 If you are an existing client or contact, we will send you information about other products,  events and services that we feel may be of interest to you. You have a right at any time to  ask us to stop contacting you for marketing purposes.  

5.3 We will never sell your data to a third party for marketing purposes.  

5.4 We may process your data for the purposes of our own legitimate interests provided that  those interests do not override any of your own interests, rights and freedoms which require  the protection of personal data. This includes processing for marketing, business  development, statistical and management purposes.  

5.5 We will never sell your data to a third party for marketing purposes.  

5.6 If you are an existing client or contact, we’d like to send you information about our products  and services and those of other companies in our group which may be of interest to you. If  you agree to receive marketing information, you may opt out at a later date.  

5.7 You have a right at any time to stop us from contacting you for marketing purposes or giving  your information to other members of the group. If you no longer wish to be contacted for 

marketing purposes, please contact us by email or post. Insert link as appropriate if displaying  your privacy notice online.  

6. How your data will be shared 

6.1 We will share your information within the FC Group for administration purposes, to develop  ways to meet our clients’ needs and to carry out marketing activities. Otherwise your  information will be retained within the FC Group except where disclosure is required or  permitted by law or when we use third party service providers (data processors) to supply  and support our services to you.  

6.2 We may also pass your data to third party external organisations where we are required by  law, where it is necessary to administer the relationship between us or where we have  another legitimate interest in doing so.  

6.3 We use third party service providers such as agents, subcontractors and other organisations  to help us provide services to you. These would include:  

6.3.1 Cloud accounting and payroll providers including Xero, Quickbooks, Sage, Receipt  Bank, Exact, Silverfin, First Corporate, Corient, Star Payroll and Payrite  

6.3.2 E-mail, Wi-Fi and IT storage providers including MimeCast, Virtual Cabinet,  Microsoft, Sharefile & Dropbox  

6.3.3 Croner TaxWise Ltd  

6.3.4 FibreCRM, Mailchimp, Vuture, telemarketing agencies, research agencies and  mailing houses  

6.3.5 Off site storage and cleaning services  

6.3.6 Intelliflo  

6.3.7 O&M Pensions, Financial Express, Distribution Technology, Cashcalc, GBG plc,  iPipeline, Iress  

6.3.8 Amazon – storage solution  

6.4 All of our third party service providers are required to take commercially reasonable and  appropriate security measures to protect your personal data. We only permit our third party  service providers to process your personal data for specified purposes and in accordance  with our instructions.  

6.5 As part of the services offered to you, we may send your data outside of the European  Economic Area (‘EEA’). Where this is the case, we will take reasonable steps to ensure that  your data is protected in the same way as if it was being used in the EEA. For example,  where third party suppliers store data in the US, we will ensure that their services fall within  the Privacy Shield. https://www.privacyshield.gov 

7. Data retention  

We will only retain your personal data for as long as is necessary to fulfil the purposes for  which it is collected.  

When assessing what retention period is appropriate for your personal data, we take into  consideration:  

  • the requirements of our business and the services provided; 
  • any statutory or legal obligations; 
  • the purposes for which we originally collected the personal data;
  • the lawful grounds on which we based our processing; 
  • the types of personal data we have collected;  
  • the amount and categories of your personal data; and
  • whether the purpose of the processing could reasonably be fulfilled by other means. 

During the course of our relationship with you we’ll retain personal data which is necessary  to provide services to you. We’ll take all reasonable steps to keep your personal data up to  date throughout our relationship.  

We’re also subject to regulatory requirements to retain your data for specified minimum  periods. These are, generally: 

  • Five years for investment business
  • Three years for mortgage business
  • Indefinitely for pension transfers and opt-out business
  • Three years for insurance business 

These are minimum periods, during which we have a legal obligation to retain your records.  

We reserve the right to retain data for longer where we believe it’s in our legitimate interests  to do so. In any case, we’ll not keep your personal data past the date of your death.  

You have the right to request deletion of your personal data. We’ll comply with this request,  subject to the restrictions of our regulatory obligations and legitimate interests as noted  above.  

8. Data deletion  

Under GDPR you have the right to erasure under specific circumstances. A request for your  personal data to be deleted will be decided on a case by case basis and must be submitted  in writing to the contact details provided in this policy.  

9. Data correction  

We will correct or update your data at the earliest opportunity provided you make the request  in writing to the contact details provided in this policy, clearly specifying which data is incorrect  or out of date.  

10. Data security 

We have put in place commercially reasonable and appropriate security measures to prevent  your personal data from being accidentally lost, used or accessed in an unauthorised way,  altered or disclosed. In addition, we limit access to your personal data to those employees,  agents, contractors and other third parties who have a business need to know. They will only  process your personal data on our instructions and they are subject to a duty of  confidentiality.  

We have put in place procedures to deal with any suspected data security breach and will  notify you and any applicable regulator of a suspected breach where we are legally required  to do so. 

11. Data inspection 

11.1 We strive to be as open as we can be in terms of giving people access to their personal data.  A Subject Access Request under the GDPR is your right to request a copy of the information  that we hold about you. Such requests must be in writing to the contact details provided in  this policy. If we do hold your personal data we will respond in writing within one calendar  month of your request (where that request was submitted in accordance with this policy).  

11.2 The information we supply will:  

11.2.1 Confirm that your data is being processed;  

11.2.2 Verify the lawfulness and the purpose of the processing;  

11.2.3 Confirm the categories of personal data being processed;  

11.2.4 Confirm the type of recipient to whom the personal data have been or will be  disclosed, and  

11.2.5 Let you have a copy of the data in an intelligible form.  

11.3 Please note that you may need to provide identification in order to prove who you are to  access your data.  

11.4 If you agree, we will try to deal with your request informally, for example by providing you  with the specific information you need over the telephone.  

11.5 In the instance that we do not hold information about you we will also confirm this in writing  at the earliest opportunity.  

12. Changes  

12.1 We keep our privacy notice under regular review and you should check back regularly to  ensure you are aware of changes to it. We may display this notice to you from time to time  to help ensure you are aware of its contents.  

13. Withdrawal of consent  

Where you have consented to our processing of your personal data, you have the right to withdraw  that consent at any time. Please inform us immediately if you wish to withdraw your consent.  

Please note:  

13.1.1 The withdrawal of consent does not affect the lawfulness of earlier processing  

13.1.2 If you withdraw your consent, we may not be able to continue to provide services  to you  

13.1.3 Even if you withdraw your consent, it may remain lawful for us to process your data  on another legal basis (e.g. Because we have a legal obligation to continue to  process your data)  

14. Complaints 

14.1 You have the right to complain about the processing of your personal data. Please contact  us using the details provided above. If you are still unsatisfied you have the right to complain to the Information Commissioners Office. (https://ico.org.uk/concerns)

Speak to our advisers now