All audiences
Welcome to Triple Point. Please select your audience type. This preference will be saved for 90 days.
Select audience type
The information in this area of the website is for UK-based financial advisers only.
If you are an individual interested in investing, you should select the Individual Investment area instead, as this contains the information relevant to investors and is designed for consumers.
Contact us
  • Adviser Solutions

    Adviser Solutions

    Supporting advisers to grow wealth, generate income, and preserve client legacies through: Triple Point Estate Planning Service, Triple Point Venture VCT Plc and Income Service.

  • Institutional investors

    Institutional investors

    Backing local government and family office investment through: Social Housing, Clean Heat, Energy Transition and Private Credit.

  • Looking for funding

    Looking for funding

    Partnering with UK businesses and founders to support growth through: Private Credit lending and leasing and Triple Point Ventures.

  • Individual investors

    Individual investors

    Giving Investors the tools and insight they need to stay informed and in control of their investment: Triple Point Venture VCT Plc and Triple Point Estate Planning Service.

  • News & Insights
    news-icon

    News & Insights

    Read latest news and press articles related to Triple Point

Featured

  • About us

    About us

    Find out what who we are, what we stand for and what we do.

Privacy Policy

Triple Point Group Privacy Policy

About Triple Point

Triple Point Investment Management LLP (“TPIM”) is part of the Triple Point group of companies (the “Triple Point Group” or “TPG”). It is a regulated financial services business with Financial Conduct Authority (“FCA”) number 456597. It is registered in England and Wales with company number OC321250 and is registered with the Information Commissioner’s Office (“ICO”), number Z1021055. ‘Triple Point’ is a trading name of TPIM and is used by other members of the Triple Point Group.

Triple Point Administration LLP (“TPAL”) is a regulated business with FCA number 618187. It is registered in England and Wales with company number OC391352, and is registered with the ICO, number ZA049704.

All of the above entities are part of the Triple Point Group and are all based at Triple Point’s head office at 1 King William Street, London, EC4N 7AF.

Please take the time to read this Privacy Policy, which forms part of our standard terms and conditions for all products and services across the TPG, including those branded Triple Point Income Service (“Terms and Conditions”).

If you have any further questions about our Privacy Policy, or our use of your personal information, you can contact us at:

         Compliance Team

         Triple Point Group

         1 King William Street

         London

         EC4N 7AF

         Telephone:  020 7201 8990

         Email:  contact@triplepoint.co.uk

What is the purpose of our policy?

This Privacy Policy sets out how we collect and use your personal information. We recognise the importance of maintaining the privacy and security of your personal information and are committed to doing so responsibly.

Personal information is any detail about you that can be used either on its own, or with other data, to identify you.

For the purposes of:

  • the Data Protection Act 2018,
  • the UK GDPR (as defined in, and supplemented by, the Data Protection Act 2018);
  • the General Data Protection Regulation (Regulation (EU) 2016/679); and
  • any other applicable domestic legislation (the “Data Protection Laws”),

TPG (and the relevant TPG company with which you contract) is the data controller of your personal data.

Personal information that we collect

Personal information may be given to us directly by you, or by individuals or companies that act on your behalf to share such information with us (e.g. if you use an Independent Financial Advisor). Alternatively, we may receive or collect information from other sources, such as data created when you visit our websites or information received when we request identity checks for anti-money laundering purposes to comply with our regulatory obligations.

Categories of personal data that we may hold may include:

  • Your title, name, nationality, and date of birth;
  • Your contact details, such as email addresses, physical addresses and telephone numbers;
  • Information about your financial position, investor certification status, and other information required when you invest with us;
  • Information about your education and professional qualifications, your curriculum vitae (‘CV’, including your employment and education history), your right to work status and National Insurance information and other information required as part of our candidate tracking and/or screening processes;
  • Identification information as required by law, such as copies of passports, utility bills, driving licenses, and other identification evidence, used and stored for anti-money laundering and anti-fraud purposes;
  • Records of correspondence between you and us, including letters, emails and phone calls;
  • Information collected from our websites, including both information you provide by filling in forms on our websites, and website usage information, login details and similar, used to help us monitor traffic and optimise the user experience. More information is contained in our Cookie Policy;
  • Records of any survey results that you may have completed for research purposes; and
  • your image, audio and likeness (as captured on a webinar, in photographs or on recordings we make of an event, and on CCTV where an event is hosted at our premises).

We may also collect the following special categories of personal data where it is necessary for the purposes set out in this Privacy Policy (please also see the section on ‘Special Categories of Data’ for more details about how we process this type of personal data):

  • information concerning your health and medical conditions (e.g. disability and dietary needs);
  • criminal acts caught on our CCTV cameras;
  • information about any criminal history you might have (as part of our KYC, financial due diligence or candidate screening processes); and
  • diversity information about your racial or ethnic origin, religion or similar beliefs, and sexual orientation.

Updating your Personal Details

If any of your personal details change, please notify us promptly.

You can do so in some cases by logging into your online account and updating your details there directly, e.g. with Triple Point Income Service accounts.

Alternatively, you can email contact@triplepoint.co.uk to advise us of any changes.

In some cases, such as a change of name, further supporting information may be required to enable us to comply with regulations before we can record the changes. We may also seek to verify certain information by telephone for the purpose of data security and avoiding fraud.

How we use personal information

We use personal information for the following purposes:

  • to maintain our records and keep them up to date;
  • to respond to questions that are submitted to us;
  • to provide the services, effect the transactions, and manage the investments that we have been commissioned to provide and to communicate with you about these, including providing statements and notices;
  • to identify and prevent illegal activity including money laundering and fraud;
  • to carry out any checks that are required by applicable laws and regulations;
  • to ensure that content on our websites is presented in the most effective and convenient manner for you and for your computer or mobile devices, and to monitor usage and interest in different areas of our websites;
  • to carry out general statistical analysis;
  • to assess creditworthiness in accordance with our Terms and Conditions;
  • to provide you with information relating to our products and services
  • to carry out our obligations, and exercise our rights, in relation to legal agreements that you are party to; and
  • for internal administrative purposes.

The legal basis for our use of your information

We need a lawful basis to collect and use your personal data under Data Protection Law. In the United Kingdom, the UK GDPR establishes six legal bases on which we can rely to process your personal data (there are additional requirements for special category data). This includes processing information on the basis of:

  • your consent (for example, to send you direct marketing by e-mail);
  • processing necessary for the performance of a contract with you;
  • processing that is necessary for compliance with a legal obligation (for example, to comply with our reporting obligations to the FCA); and
  • our (and/or your) legitimate interests (please see below for more information).

Personal information may be legally collected and used if it is necessary for a legitimate interest of the organisation using the data, as long as that interest is not overridden by the privacy rights of the individual whose data is being used.  Triple Point’s legitimate interests include responding to solicited enquires, providing information, research, fraud prevention, credit checks, training and monitoring, statistical analysis and employment and recruitment requirements. Unless otherwise stated in this Privacy Policy, the lawful basis for our use of your personal data will primarily be that this information is required for one or more of the legitimate interests described above.

If you would like to change our use of your personal data, please get in touch with us using the details in the “Contact us” section below.

Special Categories of Data

In certain circumstances, in order to provide some services to you (or as part of our recruitment processes), we may need to process types of personal data that the relevant Data Protection Law considers falling into a special category (“special category data”).

Special category data is personal data that needs more protection because it is sensitive. Data Protection Law defines it as including the following categories of data:

  • data revealing your racial or ethnic origins, your political opinions, religious or philosophical beliefs, or any trade union membership you may hold; and
  • data concerning your health, your sex life or your sexual orientation.

We will only ever process special category data in a manner that is permitted under Data Protection Law and under the following circumstances:

  • where you have provided your explicit consent (examples might include where you have provided information on your dietary requirements, and allergies or where you inform us of the requirement for wheelchair access in respect of an in-person event);
  • where such processing is necessary for the establishment, exercise or defence of legal claims (including sharing with our insurers and legal advisers) or the prevention or detection of crime (for example, detecting criminal actions through the use of CCTV or reporting allegations to the police); or
  • where it is in your vital interests to do so, and you are incapable of giving consent (for example to inform any specified emergency contact, the NHS or emergency services in the event of your illness or other emergencies).

In most circumstances, we will not need you to send us any reports or documents about you that contain a special category of data (for example, letters from your doctors or care providers). You should never send these to us unless we specifically ask you to do so.

Who else may have access to your information

Your data may be accessed by different parts of, or companies within the Triple Point Group.

We may disclose your information to third parties:

  • if you request us to do so or give us permission to do so;
  • if we are required to disclose or share your personal data in order to comply with any legal or regulatory obligations;
  • if necessary to do so for us to apply or enforce any agreements to which you are a party;
  • to protect our rights and property, or to ensure our safety, or that of our customers or other parties;
  • to check your identity and/or to prevent fraud and/or to legitimately assess credit risks (where your data is used for credit checks, the credit database will keep a record of the request and may use it if other applications are made in your name);
  • to subcontractors and agents, for the purposes of operating our websites, including the Advancr and Triple Point Income Service websites, in which case we will ensure that such subcontractors also apply responsible data protection and privacy policies;
  • to subcontractors, agents and application tracking system (ATS) platform providers, for the purposes of operating our candidate screening and hiring processes, in which case we will ensure that such subcontractors also apply responsible data protection, confidential and privacy policies;
  • for audit purposes and to meet obligations to legitimate regulatory or tax authorities;
  • if we sell or acquire other businesses which necessitate the sharing of personal data, in which case we will ensure that counterparties also apply responsible data protection and privacy policies;
  • to third-party technology providers in connection with client relationship management, internal business efficiencies and security in each case in compliance with and adherence to appropriate technical and organisational security measures.
  • if instructed to do so by your financial adviser as part of an agreement to provide products or services to you.

 If we share your information with third parties, we will ensure they are obliged to process your information in compliance with applicable data protection legislation (or, if such legislation is not deemed to have equivalence with the Data Protection Laws, in compliance with the requirements for a restricted transfer pursuant to the UK GDPR – more information in respect of which can be found on the ICO’s website here). We will only provide such third parties with the information they need for the purposes set out above.

Where information is provided for the purposes of our candidate screening and/or hiring processes, and has been provided via our third party ATS platform, it will be retained for a period of 1 year after the relevant process has concluded, unless we have expressly agreed otherwise with the relevant candidate (or is otherwise being retained in compliance with our internal data retention policies/procedures). We will seek to retain such information to enable us to promote new opportunities to unsuccessful candidates, to answer queries from the relevant candidate and carry out statistical analysis. Candidates will have the ability to opt out of our (and our subcontractor’s) continued retention of their data (albeit some data may be retained for legal or regulatory reasons or as part of our, or our subcontractors’, automated archive and/or disaster recovery systems, wherein which the deletion of such information in full or in part may impair or otherwise impair the workings of such systems).

Our websites may contain links to other sites, content, or videos (embedded or direct links) that are maintained by third parties. If you follow a link to any of these websites, please note that such sites are not maintained or controlled by us, and those third parties will have their own privacy policies, which will apply at that point.

Storing personal information

We are committed to ensuring the responsible handling and security of personal details held.

Once we have received personal data, we use a variety of manual and automated procedures to ensure it is secure and to prevent unauthorised access, unlawful processing, accidental loss, destruction, or damage of your data.

Your personal data is stored on our secure servers or those of our suppliers which may be situated outside of the European Economic Area (“EEA”). Your information may also be processed by staff who are based outside of the EEA for the purposes set out in this Privacy Policy. Where we transfer personal information outside of the EEA we will ensure that adequate contractual safeguards are in place (e.g. the European Commission’s standard contractual clauses or “model clauses” or the UK GDPR’s standard contractual clauses and international data transfer agreement), to ensure the security of your personal information is maintained when the third party processes it.

We remind and urge you to adopt responsible best practices for your passwords and your own data security more generally. We have set out certain requirements in our Terms and Conditions. 

We also remind you that the transmission of information over the internet is not secure and whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted electronically to us; such transmission is at your own risk. Email technology has unfortunately evolved without native encryption (sending an email is often compared with sending a postcard through conventional mail) therefore, please do not email personal information or login details that you would be concerned about were it to be intercepted. We ask that you re-confirm important information like bank account details by telephone as a precaution against interception.

Retention of your personal information

We will keep your personal information for no longer than is necessary for the purposes for which it is processed, in accordance with our internal policies.

The length of time that TPG will keep data will depend on:

  • the reasons for which we are processing the data;
  • any relevant legal or regulatory requirements that may affect the information (such as the FCA data retention requirements, statutory limitation periods, Data Protection Law retention periods etc.); or
  • any ongoing contractual obligations we might have.

For example, the FCA requires us to retain records about your identification for a period of at least 5 years (but potentially up to 7 years) after our relationship with you has ended, and statutory limitation periods for any potential disputes can last up to 12 years.

Once the retention period has expired, the information will be confidentially disposed, permanently deleted, or in some cases archived.

Please note that we cannot commit to removing any information that:

  • is stored in the ordinary course in any electronic archiving or automatic backup system where the retrieval or destruction of such information would require the modification, destruction or deletion of such system; or
  • is required to be retained by reason of law, compliance (including bona fide internal compliance procedures), regulation or other governmental or court order or instrument in force at the time, provided that any information retained will at all times remain subject to the confidentiality obligations between us and the relevant data subject.

 Your rights

Aside from our own policies and approaches to data, you have various rights by law which are set out below:

  • Right of access (also called a subject access request or SAR)

You have the right to know what information we hold about you and to ask to see your records. There are some exemptions, which means you may not always receive all the information we process, and there are specific statutory timeframes within which we are required to reply to any valid SAR.

Article 15, UK GDPR provides a data subject with the right to obtain from a data controller “confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to said personal data …”.  Consequently, we will only conduct such searches as are necessary to identify instances of the relevant data subject’s personal data within our records and will only provide such documents and data as are relevant to their request.

We will not usually charge you for a SAR (unless we think your request is manifestly unfounded or excessive, which is assessed on a case-by-case basis). You will, however, be asked for proof of identity as the person dealing with your request may not be a staff member you have met before. We need to be sure we are only releasing your personal data to you or to a party authorised by you to receive such information (such as a ).

  • Right to object

You also have a right to object to us processing data where we are relying on it being within our legitimate interests to do so (for example, to send you direct marketing to your business email).

  • Right to restrict processing

In certain situations, you have the right to ask for processing of your personal data to be restricted, for example, because there is some disagreement about its accuracy or legitimate usage.

  • Right of erasure (‘right to be forgotten’)

In some cases, you have the right to be forgotten i.e. to have your personal data deleted from our database. Where you have requested that we do not send you marketing materials, we will need to keep some limited information in order to ensure that you are not contacted in the future.

Please note, whilst we will do our best to affect any request to erase a data subject’s information, we cannot commit to removing any information that:

  • is stored in the ordinary course in any electronic archiving or automatic backup system where the retrieval or destruction of such information would require the modification, destruction or deletion of such system; or
  • is required to be retained by reason of law, compliance (including bona fide internal compliance procedures), regulation or other governmental or court order or instrument in force at the time, provided that any information retained will at all times remain subject to the confidentiality obligations between us and the relevant data subject.
  • Right of rectification

If you believe our records are inaccurate or incomplete, you have the right to ask for those records concerning you to be updated.

  • Right to data portability

Where we are processing your personal data because you have given us your consent to do so, you have the right to request that the data is transferred from one service provider to another.

  • Right to lodge a complaint

You also have the right to make a complaint directly to the relevant supervisory authority, which in the UK is the ICO. You can find details about how to do this on the ICO’s website at: www.ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.

You can also complain directly to us at the contact details below.

Where we rely on your consent to use your personal data, you have the right to withdraw that consent at any time.

To discuss or exercise any of these rights, please let us know in accordance with the “Contact us” section at the end of this Policy.

Response timeframe

We will try our best to respond to all legitimate requests without undue delay and, in any event, within one calendar month of our receipt of said request. In some cases, it may take us more than a month to deal with a request (for example, if it is particularly complex or you have made several requests). We will inform you within the first month whether we will need more time and the reasons for this.

Contact us

If you have any concerns or further questions about our Privacy Policy or would like to exercise one of your rights, please get in touch by writing to us by:

Post:

Compliance Team

Triple Point Group

1 King William Street

London

EC4N 7AF

or Email: Contact@triplepoint.co.uk

Finally, we do welcome and value all feedback, both positive and negative, and if you have any feedback for us please let us know.