Triple Point Group Privacy Policy

About Triple Point

Triple Point Investment Management LLP (“TPIM”) is part of the Triple Point Group (“TPG”). It is a regulated financial services business with Financial Conduct Authority (“FCA”) number 456597. It is registered in England and Wales with company number OC321250 and is registered with the Information Commissioner’s Office (“ICO”), number Z1021055.

Triple Point Administration LLP (“TPAL”) is a regulated business with FCA number 456597. It is registered in England and Wales with company number OC391352, and is registered with the ICO, number ZA049704.

Advancr Ltd is an Appointed Representative of Triple Point Investment Management which is authorised and regulated by the FCA. Advancr Ltd, company number 07586478, is registered with the ICO, number ZA171970.

All of the above entities are part of the Triple Point Group and are all based at Triple Point’s head office at 1 King William Street, London, EC4N 7AF.

Please take the time to read this Privacy Policy, which forms part of our standard terms and conditions for all products and services across the TPG, including those branded Triple Point Income Service (“Terms and Conditions”).

If you have any further questions about our Privacy Policy, or our use of your personal information, you can contact us at:

Compliance Team

Triple Point Group

1 King William Street

London

EC4N 7AF

Telephone: 020 7201 8990

Email: contact@triplepoint.co.uk

What is the purpose of our policy?

This Privacy Policy sets out how we collect and use your personal information. We recognise the importance of maintaining the privacy and security of your personal information and are committed to doing so responsibly.

Personal information is any detail about you that can be used either on its own, or with other data, to identify you.

Personal information that we collect

Personal information may be given to us directly by you, or by individuals or companies that have been authorised by you to act on your behalf to share such information with us (e.g. if you use an Independent Financial Advisor). Alternatively, we may receive or collect information from other sources, such as data created when you visit our websites or information received when we request identity checks for anti-money laundering purposes, in order to comply with our regulatory obligations.

Categories of personal data that we may hold may include:

Your title, name, nationality, and date of birth;
Your contact details, such as email addresses, physical addresses and telephone numbers;
Information about your financial position, investor certification status, and other information required when you invest with us;
Identification information as required by law, such as copies of passports, utility bills, driving licenses, and other identification evidence, used and stored for anti-money laundering and anti-fraud purposes;
Records of correspondence between you and us, including letters, emails and phone calls;
Information collected from our websites, including both information that you provide by filling in forms on our websites, and website usage information, login details and similar, used to help us to monitor traffic and optimise the user experience. More information is contained in our Cookie Policy;
Records of any survey results that you may have completed for research purposes.

Updating your Personal Details

If any of your personal details change, please notify us as soon as possible. You can do so in some cases by logging into your online account and updating your details there directly, e.g. with Triple Point Income Service accounts. Alternatively you can email contact@triplepoint.co.uk to advise us of any changes. In some cases, such as a change of name, further supporting information may be required to enable us to comply with regulations before we can record the changes. We may also seek to verify certain information by telephone for the purpose of data security and avoiding fraud.

How we use personal information

We use personal information for the following purposes:

to maintain our records and keep them up to date;
to respond to questions that are submitted to us;
to provide the services, effect the transactions, and manage the investments that we have been commissioned to provide and to communicate with you about these, including providing statements and notices;
to identify and prevent illegal activity including money laundering and fraud;
to carry out any checks that are required by applicable laws and regulations;
to ensure that content on our websites is presented in the most effective and convenient manner for you and for your computer or mobile devices, and to monitor usage and interest in different areas of our websites;
to carry out general statistical analysis;
to assess creditworthiness in accordance with our Terms and Conditions;
to carry out our obligations, and exercise our rights, in relation to legal agreements that you are party to; and
for internal administrative purposes.

The legal basis for our use of your information

We need a lawful basis to collect and use your personal data under data protection law. The law sets out the six legal bases which we can rely on in order to process your personal data (there are additional requirements for sensitive personal data). Four of these are relevant to the types of processing that Triple Point carries out. This includes information that is processed on the basis of:

A person’s consent (for example to send you direct marketing by e-mail);
Processing necessary for the performance of a contract with you;
Processing that is necessary for compliance with a legal obligation (for example, to comply with our reporting obligations to the Financial Conduct Authority)
Our legitimate interests (please see below for more information).

Personal information may be legally collected and used if it is necessary for a legitimate interest of the organisation using the data, as long as that interest is not overridden by the privacy rights of the individual whose data is being used. Triple Point’s legitimate interests include responding to solicited enquires, providing information, research, fraud prevention, credit checks, training and monitoring, statistical analysis and employment and recruitment requirements.

If you would like to change our use of your personal data, please get in touch with us using the details in the “Contact us” section below.

Who else may have access to your information

Your data may be accessed by different parts of, or companies within, the Triple Point Group.

We may disclose your information to third parties:

if you request us to do so or give us permission to do so;
if we are required to disclose or share your personal data in order to comply with any legal or regulatory obligations;
if necessary to do so for us to apply or enforce any agreements to which you are a party;
to protect our rights and property, or to ensure our safety, or that of our customers or other parties;
to check your identity and/or to prevent fraud and/or to legitimately assess credit risks (where your data is used for credit checks, the credit database will keep a record of the request and may use it if other applications are made in your name);
to subcontractors and agents, for the purposes of operating our websites, including the Advancr and Triple Point Income Service websites, in which case we will ensure that such subcontractors also apply responsible data protection and privacy policies;
for audit purposes and to meet obligations to legitimate regulatory or tax authorities;
if we sell, or acquire, other businesses which necessitate the sharing of personal data, in which case we will ensure that counterparties also apply responsible data protection and privacy policies;
to third party technology providers in connection with client relationship management, internal business efficiencies and security in each case in compliance with and adherence of appropriate technical and organisational security measures.

If we share your information with third parties, we will ensure they are obliged to process your information in compliance with applicable data protection legislation, and we will only provide them with the information they need for the purposes set out above.

Our websites may contain links to other sites, content, or videos (embedded or direct links) that are maintained by third parties. If you follow a link to any of these websites, please note that such sites are not maintained or controlled by us, and those third parties will have their own privacy policies which will apply at that point.

Storing personal information

We are committed to ensuring the responsible handling and security of personal details held.

Once we have received personal data, we use a variety of manual and automated procedures to ensure it is secure and to prevent unauthorised access, unlawful processing, accidental loss, destruction, or damage of your data.

Your personal data is stored on our secure servers or those of our suppliers which may be situated outside of the European Economic Area (“EEA”). Your information may also be processed by staff who are based outside of the EEA for the purposes set out in this Privacy Policy. Where we transfer personal information outside of the EEA we will ensure that adequate contractual safeguards are in place (e.g. the European Commission’s standard data protection clauses or “model clauses”), to ensure the security of your personal information is maintained when it is processed by the third party.

We remind and urge you to adopt responsible best practices for your passwords, and your own data security more generally. We have set out certain requirements in our Terms and Conditions.

We also remind you that the transmission of information over the internet is not secure and, whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted electronically to us; such transmission is at your own risk. Email technology has unfortunately evolved without native encryption (sending an email is often compared with sending a postcard through conventional mail) therefore please do not email personal information or login details that you would be concerned about were it to be intercepted. We ask that you re-confirm important information like bank account details by telephone, as a precaution against interception.

Retention of your personal information

We will keep your personal information for no longer than is necessary for the purposes for which it is processed, in accordance with our internal policies.

The length of time that data will be kept may depend on the reasons for which we are processing the data and on the law or regulations that the information falls under such as financial regulations, statutory limitation periods, financial services regulation etc., or any contractual obligation we might have.

For example, the FCA requires us to retain records about your identification for a period of 5 years after our relationship with you has ended, and statutory limitation periods for any potential disputes can last up to 12 years.

Once the retention period has expired, the information will be confidentially disposed, permanently deleted, or in some cases archived.

Your rights

Aside from our own policies and approaches to data, you have various rights by law which are set out below. To discuss or exercise any of these rights, please let us know in accordance with the “Contact us” section at the end of this Policy.

Right of access (also called a subject access request or SAR)

You have the right know what information we hold about you and to ask to see your records. There are some exemptions, which means you may not always receive all the information we process.

We will not charge you for this (unless we think your request is manifestly unfounded or excessive which is assessed on a case-by-case basis). You will be asked for proof of identity as the person dealing with your request may not be the staff member you have met before. We need to be sure we are only releasing your personal data to you.

Right to object

You also have a right to object to us processing data where we are relying on it being within our legitimate interests to do so (for example, to send you direct marketing to your business email).

Right to restrict processing

In certain situations, you have the right to ask for processing of your personal data to be restricted, for example because there is some disagreement about its accuracy or legitimate usage.

Right of erasure

In some cases, you have the right to be forgotten i.e. to have your personal data deleted from our database. Where you have requested that we do not send you marketing materials we will need to keep some limited information in order to ensure that you are not contacted in the future.

Right of rectification

If you believe our records are inaccurate or incomplete, you have the right to ask for those records concerning you to be updated.

Right to data portability

Where we are processing your personal data because you have given us your consent to do so, you have the right to request that the data is transferred from one service provider to another.

Response timeframe

We will try our best to respond to all legitimate requests within one month. In some cases, it may take us more than a month to deal with your request if it is particularly complex or you have made several requests. We will inform you within the first month whether we will need more time and the reasons for this.

Contact us

If you have any concerns or further questions about our Privacy Policy, or would like to exercise one of your rights, please get in touch by writing to us by:

Post:

Compliance Team

Triple Point Group

1 King William Street

London

EC4N 7AF

Email:

Contact@triplepoint.co.uk

Finally, we do welcome and value all feedback, both positive and negative, and if you have any feedback for us please let us know.

You also have the right to make a complaint directly to the relevant supervisory authority, which in the UK is the ICO. You can find details about how to do this on the ICO’s website at: www.ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.