Triple Point Group Privacy Policy
Triple Point Investment Management LLP (“TPIM”) is part of the Triple Point Group (“TPG”). It is a regulated financial services business with Financial Conduct Authority (“FCA”) number 456597. It is registered in England and Wales with company number OC321250 and is registered with the Information Commissioner’s Office (“ICO”), number Z1021055.
Triple Point Administration LLP (“TPAL”) is a regulated business with FCA number 456597. It is registered in England and Wales with company number OC391352, and is registered with the ICO, number ZA049704.
Advancr Ltd is an Appointed Representative of Triple Point Investment Management which is authorised and regulated by the FCA. Advancr Ltd, company number 07586478, is registered with the ICO, number ZA171970.
All of the above entities are part of the Triple Point Group and are all based at Triple Point’s head office at 1 King William Street, London, EC4N 7AF.
Please take the time to read this Privacy Policy, which forms part of our standard terms and conditions for all products and services across the TPG, including those branded Triple Point Income Service (“Terms and Conditions”).
If you have any further questions about our Privacy Policy, or our use of your personal information, you can contact us at:
Compliance Team
Triple Point Group
1 King William Street
London
EC4N 7AF
Telephone: 020 7201 8990
Email: contact@triplepoint.co.uk
This Privacy Policy sets out how we collect and use your personal information. We recognise the importance of maintaining the privacy and security of your personal information and are committed to doing so responsibly.
Personal information is any detail about you that can be used either on its own, or with other data, to identify you.
Personal information may be given to us directly by you, or by individuals or companies that have been authorised by you to act on your behalf to share such information with us (e.g. if you use an Independent Financial Advisor). Alternatively, we may receive or collect information from other sources, such as data created when you visit our websites or information received when we request identity checks for anti-money laundering purposes, in order to comply with our regulatory obligations.
Categories of personal data that we may hold may include:
Updating your Personal Details
If any of your personal details change, please notify us as soon as possible. You can do so in some cases by logging into your online account and updating your details there directly, e.g. with Triple Point Income Service accounts. Alternatively you can email contact@triplepoint.co.uk to advise us of any changes. In some cases, such as a change of name, further supporting information may be required to enable us to comply with regulations before we can record the changes. We may also seek to verify certain information by telephone for the purpose of data security and avoiding fraud.
We use personal information for the following purposes:
We need a lawful basis to collect and use your personal data under data protection law. The law sets out the six legal bases which we can rely on in order to process your personal data (there are additional requirements for sensitive personal data). Four of these are relevant to the types of processing that Triple Point carries out. This includes information that is processed on the basis of:
Personal information may be legally collected and used if it is necessary for a legitimate interest of the organisation using the data, as long as that interest is not overridden by the privacy rights of the individual whose data is being used. Triple Point’s legitimate interests include responding to solicited enquires, providing information, research, fraud prevention, credit checks, training and monitoring, statistical analysis and employment and recruitment requirements.
If you would like to change our use of your personal data, please get in touch with us using the details in the “Contact us” section below.
Your data may be accessed by different parts of, or companies within, the Triple Point Group.
We may disclose your information to third parties:
If we share your information with third parties, we will ensure they are obliged to process your information in compliance with applicable data protection legislation, and we will only provide them with the information they need for the purposes set out above.
Our websites may contain links to other sites, content, or videos (embedded or direct links) that are maintained by third parties. If you follow a link to any of these websites, please note that such sites are not maintained or controlled by us, and those third parties will have their own privacy policies which will apply at that point.
We are committed to ensuring the responsible handling and security of personal details held.
Once we have received personal data, we use a variety of manual and automated procedures to ensure it is secure and to prevent unauthorised access, unlawful processing, accidental loss, destruction, or damage of your data.
Your personal data is stored on our secure servers or those of our suppliers which may be situated outside of the European Economic Area (“EEA”). Your information may also be processed by staff who are based outside of the EEA for the purposes set out in this Privacy Policy. Where we transfer personal information outside of the EEA we will ensure that adequate contractual safeguards are in place (e.g. the European Commission’s standard data protection clauses or “model clauses”), to ensure the security of your personal information is maintained when it is processed by the third party.
We remind and urge you to adopt responsible best practices for your passwords, and your own data security more generally. We have set out certain requirements in our Terms and Conditions.
We also remind you that the transmission of information over the internet is not secure and, whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted electronically to us; such transmission is at your own risk. Email technology has unfortunately evolved without native encryption (sending an email is often compared with sending a postcard through conventional mail) therefore please do not email personal information or login details that you would be concerned about were it to be intercepted. We ask that you re-confirm important information like bank account details by telephone, as a precaution against interception.
We will keep your personal information for no longer than is necessary for the purposes for which it is processed, in accordance with our internal policies.
The length of time that data will be kept may depend on the reasons for which we are processing the data and on the law or regulations that the information falls under such as financial regulations, statutory limitation periods, financial services regulation etc., or any contractual obligation we might have.
For example, the FCA requires us to retain records about your identification for a period of 5 years after our relationship with you has ended, and statutory limitation periods for any potential disputes can last up to 12 years.
Once the retention period has expired, the information will be confidentially disposed, permanently deleted, or in some cases archived.
Aside from our own policies and approaches to data, you have various rights by law which are set out below. To discuss or exercise any of these rights, please let us know in accordance with the “Contact us” section at the end of this Policy.
You have the right know what information we hold about you and to ask to see your records. There are some exemptions, which means you may not always receive all the information we process.
We will not charge you for this (unless we think your request is manifestly unfounded or excessive which is assessed on a case-by-case basis). You will be asked for proof of identity as the person dealing with your request may not be the staff member you have met before. We need to be sure we are only releasing your personal data to you.
You also have a right to object to us processing data where we are relying on it being within our legitimate interests to do so (for example, to send you direct marketing to your business email).
In certain situations, you have the right to ask for processing of your personal data to be restricted, for example because there is some disagreement about its accuracy or legitimate usage.
In some cases, you have the right to be forgotten i.e. to have your personal data deleted from our database. Where you have requested that we do not send you marketing materials we will need to keep some limited information in order to ensure that you are not contacted in the future.
If you believe our records are inaccurate or incomplete, you have the right to ask for those records concerning you to be updated.
Where we are processing your personal data because you have given us your consent to do so, you have the right to request that the data is transferred from one service provider to another.
Response timeframe
We will try our best to respond to all legitimate requests within one month. In some cases, it may take us more than a month to deal with your request if it is particularly complex or you have made several requests. We will inform you within the first month whether we will need more time and the reasons for this.
If you have any concerns or further questions about our Privacy Policy, or would like to exercise one of your rights, please get in touch by writing to us by:
Post:
Compliance Team
Triple Point Group
1 King William Street
London
EC4N 7AF
or
Email:
Contact@triplepoint.co.uk
Finally, we do welcome and value all feedback, both positive and negative, and if you have any feedback for us please let us know.
You also have the right to make a complaint directly to the relevant supervisory authority, which in the UK is the ICO. You can find details about how to do this on the ICO’s website at: www.ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.