Firco Group may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy has been updated and is effective from 11th January 2020.
During the course of dealing with us, we will ask you to provide us with detailed personal information relating to your existing circumstances, your financial situation and, in some cases, your health and family health history (Your Personal Data). This section is important as it allows us to explain to you what we will need to do with Your Personal Data, and the various rights you have in relation to Your Personal Data.
What do we mean by “Your Personal Data”?
Your Personal Data means any information that describes or relates to your personal circumstances. Your Personal Data may identify you directly, for example your name, address, date of birth, national insurance number. Your Personal Data may also identify you indirectly, for example, your employment situation, your physical and mental health history, or any other information that could be associated with your cultural or social identity.
In the context of providing you with assistance in relation to your investments, savings, pensions, mortgage, finance and/or insurance requirements Your Personal Data may include:
- Title, name, date of birth, gender, nationality, civil/marital status, contact details, addresses and documents that are necessary to verify your identity
- Employment and remuneration information, (including salary/bonus schemes/overtime/sick pay/other benefits), employment history
- Bank account details, tax information, loans and credit commitments, personal credit history, sources of income and expenditure, family circumstances and details of dependents
- Health status and history, details of treatment and prognosis, medical reports (further details are provided below specifically with regard to the processing we may undertake in relation to this type of information)
- Any pre-existing mortgage, finance and/or insurance products and the terms and conditions relating to these
The basis upon which our firm will deal with Your Personal Data
When we speak with you about your investments, savings, pensions, mortgage, finance and/or insurance requirements we do so on the basis that both parties are entering a contract for the supply of services.
In order to perform that contract, and to arrange the products you require, we have the right to use Your Personal Data for the purposes detailed below.
Alternatively, either in the course of initial discussions with you or when the contract between us has come to an end for whatever reason, we have the right to use Your Personal Data provided it is in our legitimate business interest to do so and your rights are not affected. For example, we may need to respond to requests from mortgage lenders, insurance providers and our Compliance Service Provider relating to the advice we have given to you, or to make contact with you to seek feedback on the service you received.
On occasion, we will use Your Personal Data for contractual responsibilities we may owe our regulator, The Financial Conduct Authority, or for wider compliance with any legal or regulatory obligation to which we might be subject. In such circumstances, we would be processing Your Personal Data in order to meet a legal, compliance or other regulatory obligation to which we are subject.
The basis upon which we will process certain parts of Your Personal Data
Where you ask us to assist you with for example your insurance or ethical investments, in particular life insurance and insurance that may assist you in the event of an accident or illness, we will ask you information about your ethnic origin, your health and medical history (Your Special Data). We will record and use Your Special Data in order to make enquiries of insurance / investment providers in relation to insurance products that may meet your needs and to provide you with advice & guidance regarding the suitability of any product that may be available to you.
If you have parental responsibility for children under the age of 13, it is also very likely that we will record information on our systems that relates to those children and potentially, to their Special Data.
The arrangement of certain types of insurance may involve disclosure by you to us of information relating to historic or current criminal convictions or offences (together “Criminal Disclosures”). This is relevant to insurance related activities such as underwriting, claims and fraud management.
We will use special Data and any Criminal Disclosures in the same way as Your Personal Data generally, as set out in this Privacy Notice.
Information on Special Category Data and Criminal Disclosures must be capable of being exchanged freely between insurance intermediaries such as our Firm, and insurance providers, to enable customers to secure the important insurance protection that their needs require.
How do we collect Your Personal Data?
We will collect and record Your Personal Data from a variety of sources, but mainly directly from you. You will usually provide information during the course of our initial meetings or conversations with you to establish your circumstances and needs and preferences in relation to investments, savings, pensions, mortgages, finance and insurance. You will provide information to us verbally and in writing, including email.
We may also obtain some information from third parties, for example, credit checks, information from your employer, and searches of information in the public domain such as the voters roll. If we use technology solutions to assist in the collection of Your Personal Data for example software that is able to verify your credit status. We will only do this if we have consent from you for us or our nominated processor to access your information in this manner. With regards to electronic ID checks we would not require your consent but will inform you of how such software operates and the purpose for which it is used.
What happens to Your Personal Data when it is disclosed to us?
In the course of handling Your Personal Data, we will:
- Record and store Your Personal Data in our paper files, mobile devices and on our computer systems (websites, email, hard drives, and cloud facilities). This information can only be accessed by employees and consultants within our firm and only when it is necessary to provide our service to you and to perform any administration tasks associated with or incidental to that service.
- Submit Your Personal Data to Product Providers, Mortgage Lenders, Commercial Lenders and/or Insurance Product providers, both in paper form and on-line via a secure portal. The provision of this information to a third party is essential in allowing us to progress any enquiry or application made on your behalf and to deal with any additional questions or administrative issues that lenders and providers may raise.
- Use Your Personal Data for the purposes of responding to any queries you may have in relation to any mortgage, finance product or insurance policy you may take out, or to inform you of any developments in relation to those products and/or polices of which we might become aware.
Sharing Your Personal Data
From time to time Your Personal Data will be shared with:
- Investment or pension providers Mortgage lenders, Finance lenders and/or Insurance providers
- Third parties who we believe will be able to assist us with your enquiry or application, or who are able to support your needs as identified. These third parties will include but may not be limited to, our compliance advisers, product specialists, estate agents, providers of legal services such as estate planners, conveyancing, surveyors and valuers (in each case where we believe this to be required due to your particular circumstances).
- We would also like to keep you informed of pension, mortgage, insurance, investment and any other services provided by us or associated companies with which we have a formal business arrangement; which we think may be of interest to you. We would like to contact you by way of letter, email or telephone call. If you do not wish to receive such marketing information, please tick the box on Firco Service & Costs Agreement.
In each case, Your Personal Data will only be shared for the purposes set out in this Customer Privacy Notice, i.e. to progress your investments, savings, pensions, mortgage, finance and/or insurance enquiry and to provide you with our professional services.
Please note that this sharing of Your Personal Data does not entitle such third parties to send you marketing or promotional messages: it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Customer Privacy Notice.
Transferring information overseas
We may transfer your information to organisations in other countries on the basis that anyone to whom we pass it protects it in the same way we would and in accordance with applicable laws.
We do not envisage that the performance by us of our service will involve Your Personal Data being transferred outside of the European Economic Area. However, in the event that we transfer information to countries outside of the European Economic Area (which includes countries in the European Union as well as Iceland, Liechtenstein and Norway), we will only do so where:
- the European Commission has decided that the country or the organisation we are sharing your information with will protect your information adequately;
- the transfer has been authorised by the relevant data protection authority; and/or
- we have entered into a contract with the organisation with which we are sharing your information (on terms approved by the European Commission) to ensure your information is adequately protected. If you wish to obtain a copy of the relevant data protection clauses, please contact us by writing to:
in writing: The Data Protection Officer, Firco, 62 Dunbabin Road, Childwall, Liverpool L16 7QH
Telephone: 0151 372 0388
Security and retention of Your Personal Data
Your privacy is important to us and we will keep Your Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard Your Personal Data against it being accessed unlawfully or maliciously by a third party.
We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
Your Personal Data will be retained by us either electronically or in paper form for a minimum period of 6 years following the advice/service you receive from us, although your data could be held for a longer period where this may be needed to meet the requirements of our regulatory bodies.
Your rights in relation to Your Personal Data
- request copies of Your Personal Data that is under our control
- ask us to further explain how we use Your Personal Data
- ask us to correct, delete or require us to restrict or stop using Your Personal Data (details as to the extent to which we can do this will be provided at the time of any such request)
- ask us to send an electronic copy of Your Personal Data to another organisation should you wish
- change the basis of any consent you may have provided to enable us to market to you in the future (including withdrawing any consent in its entirety)
How to make contact with our Firm in relation to the use of Your Personal Data
If you have any questions or comments about this section, or wish to make contact in order to exercise any of your rights set out within it please contact:
in writing: The Data Protection Officer, Firco, 62 Dunbabin Road, Childwall, Liverpool L16 7QH
Telephone: 0151 372 0388
If we feel we have a legal right not to deal with your request, or to action, it in different way to how you have requested, we will inform you of this at the time.
You should also make contact with us as soon as possible on you becoming aware of any unauthorised disclosure of Your Personal Data, so that we may investigate and fulfil our own regulatory obligations.
If you have any concerns or complaints as to how we have handled Your Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted:
in writing: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Some of the data center’s more notable security features are as follows:
- In-house vulnerability scanning for all infrastructure, servers, databases and applications are conducted regularly, vulnerability scanning reports are processed internally and remedied quickly. Any customer impacting changes are reported on our public status blog, but only after we’ve made the changes to reduce the chance of exposure.
- The WP Engine’s computing environment undergo external penetration testing by an independent, qualified vendor at least once per year. WP Engine contracts with a third-party vendor to perform penetration testing. Penetration testing results are formally communicated to WP Engine and remediation plans developed to address items noted within.
- The data center environment undergoes a SAS 70 Type II examination at least annually.
- All computing equipment is in a physically secure facility, where electronic access controls are used to prevent unauthorized access to computing facilities
- Firewalls configured based on the principle of least privilege, where firewalls only allow approved applications, protocols, and services required to meet business needs
- Intrusion detection or intrusion prevention systems are used to monitor and/or protect your network
- Background screenings are conducted for all personnel (employees and contractors) that have access to critical infrastructure, servers, applications, or data
- Documented security baselines to harden and secure IT systems. WP Engine’s security firms establish baselines and ensure we are adhering to them. These change over time as new information and processes are put into place.
- WP Engine maintains reasonable security precautions consistent with industry best practices, as documented in standards such as ISO/IEC 27002
The site uses WordFence a security plugin which has the newest firewall rules, malware signatures and malicious IP addresses needed to prevent attacks and keep the websites safe. This also includes a brute force prevention aspect which maxes out after 3 login attempts, after which the IP attacking the site gets blocked. We also receive notification of any attempts.
The server that hosts this site continually monitors developments in data security, privacy, and compliance around the globe, including the GDPR. The server has always upheld the core principles behind GDPR as evidenced by its early adoption of the Privacy Shield program, and is expected to be in compliance when it is implemented.
- Daily Backups – Automated, redundant systems for your critical applications.
- Enterprise-Grade Security – Proactive WordPress security keeps your data and your website safe.
- Firewall – Multiple, powerful firewalls between your data and threats.
- Malware scan – Proactive detection and elimination of malware.
- Evercache – Proprietary caching technology for massive scalability and speed.
- 1-Click Restore – Instant backup and restore with easy Snapshot Backups.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
When we ask you for personal information online, it will only be in response to you actively applying for or using one of our online forms, products or services.
If you are giving us information for the first time, we shall explain the purposes for which we shall use it at that time. If you are a client already, this explanation will be in our Privacy Notice which you can find above.
We may use personal information you provide for the purpose of providing more relevant content to you.
Some cookies are deleted when you close down your browser. These are known as session cookies. Others remain on your device until they expire or you delete them from your cache. These are known as persistent cookies and enable us to remember things about you as a returning visitor.
This website uses persistent cookies.
If you want to restrict or block cookies on our site, you can do this through your browser settings. The ‘help’ function within your browser should tell you how, or you can find out by visiting www.allaboutcookies.org, or search the internet for other independent information on how to delete cookies. You can set your browser to delete all past cookies and to disallow third-party cookies.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.youronlinechoices.com. Alternatively, you can search the internet for other independent information on cookies.
- Provide products and services that you request and to provide a secure online environment
- Give you a better online experience and track website performance
- Help us make our website more relevant to you
Cookies that are essential for us to provide a product or service you have requested and to provide a secure online environment. Without cookies, we are unable to provide some products or services that you might request. Other ‘essential’ cookies keep our website secure. Even if you say no to cookies on this website, we will continue to use these essential cookies.
Essential cookies are used to:
- deliver interactive services, such as: online product or service applications
- maintain online security and protect against online fraud
These cookies make our online services easier to use and help us to understand how people use our websites.
Amongst other things they will:
- Make online banking login faster by remembering you between visits on your personal devices
- Remember relevant information as you browse from page to page to save you re-entering the same information repeatedly
We use this type of cookie to understand and analyse how visitors use our online services and to look for ways to improve them. For example, a cookie might tell us that lots of people give up on an application process at a particular step – so we can try to make that step easier to complete.
The analytics cookies we use include:
- Adobe Analytics, to improve our websites and services. This service and the cookies help us understand the popularity of our content and make better consumer experiences.
These cookies are used to ensure that we present information relevant to you. For example, if you have a personal account with us, we will recognise this and avoid showing you special offers only available to people with business accounts.
Cookies may also be set if you click on a link within the email.