Cathedral Financial Consultants Ltd is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
This document is being provided to you in line with our obligations under the General Data Protection Regulation (GDPR), which will come into force on 25th May 2018. From that date, the GDPR, together with applicable Irish requirements, will amend existing data protection law and place enhanced accountability and transparency obligations on organisations when using your information. The GDPR will also introduce changes which will give you greater control over your personal information, including a right to object to processing of your personal information where that processing is carried out for our business purposes.
It is the intention of this privacy statement to explain to you the information practices of Cathedral Financial Consultants Ltd in relation to the information we collect about you and what rights you have in relation to your personal information. When we refer to ‘we’ it is Cathedral Financial Consultants Ltd.
For the purposes of the GDPR the Data Controller is:
- Cathedral Financial Consultants Ltd
- Address: 16 Roden Place, Dundalk, Co Louth.
- Telephone number: 042 9339098
- email: email@example.com
Data Protection Officer
- Data Protection Officer email: firstname.lastname@example.org
1. Who are we
Cathedral Financial Consultants Ltd is regulated by the Central Bank of Ireland as an Investment Intermediary under the Investment Intermediaries Act 1995, and as an Insurance Intermediary under the European Communities (Insurance Mediation) Regulations 2005.
We provide broad based advice on a fair analysis basis and arrange transactions or products suited to your needs in relation to:
- Life Assurance -level, Convertible & Decreasing Term, Whole of Life
- Serious Illness Cover
- Permanent Health Insurance/Income Protection
- Pensions and PRSA’s
2. What personal data Cathedral Financial Consultants Ltd use and where it is obtained:
Cathedral Financial Consultants Ltd may collect and hold the following personal Data
- data to identify you, including your contact information i.e. name, address, telephone number(s), email address, gender, date of birth, occupation, PPS number, photographic identification, address verification, nationality;
- your financial details/financial circumstances as necessary i.e., employment, income, assets, liabilities, existing risk, pension and investment products held, bank account details (where applicable);
- your marital or civil status;
- other sensitive information e.g. medical information which you provide to us, where necessary for the service to be provided;
- information about you provided by others e.g. your spouse/partner, professional advisors, etc.;
- information which you have consented to us using;
- information provided when exercising your rights.
Sometimes we may use your information even though you are not our customer. For Example, you may be a beneficiary under a trust, a director of a client company, and employee of a client, a member of your employer’s pension scheme, or be a potential customer applying for one of our products or services.
We collate information at the initial point of contact with you, whether it be face to face contact, telephone or email contact or by visiting our website. We aim to update this information whenever you require a further service or product.
3. How and why we use your information
We collate, use and share information only where there is a legal basis for doing so. This includes where you have given us information in order to provide you with a service, product, or arrange a transaction for you.
Typically, the legal basis for using your data is to provide a service or arrange a transaction which you have requested. The legal basis will also include complying with our legal and regulatory obligations, e.g. under our Central Bank authorizations, interaction with the Data Protection Commission, Financial Services and Pensions Ombudsman, Revenue, Pensions Authority, when conducting Anti-Money Laundering checks, law enforcement agencies.
Where you have agreed or explicitly consented to the using of your data in a specific way, you may withdraw your consent at any time. This can be done by emailing us at email@example.com or in writing to Cathedral Financial Consultants Ltd, 16 Roden Place, Dundalk, Co Louth.
- We may use your data if necessary to protect your “vital interests” in exceptional circumstances e.g. where we suspect a fraud may be in the course of perpetration.
- Data may also be used for our legitimate interests (which you may object to) such as managing our business, providing service information, conducting marketing activities, training and quality assurance, and strategic planning.
- We will also process any personal data that you voluntarily submit to us via our website for the purposes of contacting you, if required, in connection with your query or to respond to any communications that you might send us.
We also us the non-personal data such as demographic information regarding, for example, user IP address where they have been clipped or anonymized, browser types and other anonymous statistical data involving the use of our website. We use this non-personal data to help design and organize our website.
We may provide non-personal data to third parties, where such information is combined with similar information of other users of the website e.g. we might inform third parties regarding the number of unique users visit our website, the demographic breakdown of other community users of our website, or the activities that visitors to our website engage in while on our website. The third parties to whom we may provide this information may include potential or actual advertisers, providers of advertising services (including websites tracking services), commercial partners, sponsors, licensees, researchers, and other similar parties.
4. Who we share your information with?
When providing our services to you, we may share your information with:
- your authorized representatives;
- product providers with which we propose to arrange business on your behalf;
- service providers who provide us with support services;
- statutory and regulatory bodies where we are legally obliged to do so;
- pension fund administrators, where applicable;
- pensions scheme trustees or your employer in relation to the provision of pension benefits, where applicable.
- third parties with whom (i) we need to share your information to facilitate transactions or services you have requested, and (ii) you have agreed that we may share your information e.g Family members or friends, accountant, solicitor, executor or legal representative
- Our trusted third party ancillary partners such as Mailchimp & Sixtwodigital.
You may be a customer of both Cathedral Financial Consultants Ltd and these third parties, and we and our partners may collect and share information about you, such as your contact detail. We are not responsible for third parties’ use of your personal data where such use is permitted for their own purposes. Please consult their privacy policies for further information.
Please see a list of the current agencies that we hold and links to their privacy notices:
BCP Asset Management: http://www.bcp.ie/privacy-policy
Conexim Advisors Ltd: http://www.conexim.ie/privacy-and-cookie-policy
Credebt Exchange: https://www.credebtexchange.com/legal/privacy
Davy Stockbrokers: https://www.davy.ie/legal/policies/privacy-and-cookies.html
Friends First: https://www.friendsfirst.ie/privacy
Global Reach: https://www.globalreach-partners.com/privacy-policy
Irish Life: https://www.irishlife.ie/privacy-policy/
Standard Life: https://www.standardlife.ie/privacy /
Trustee Principles: http://www.trusteeprinciples.ie/legal
Bespoke Investments Ltd:
Bespoke Trustees Ltd:
General Investment Trust:
Walsh Gibbons: http://walshgibbons.ie/privacy-policy /
Cathedral Financial consultants Ltd may make amendments to the above list in the future by adding or removing an agency from the above list.
5. How long we hold your data?
How long we hold your data for is subject to legislation and regulatory rules we must follow, set by authorities such as the Central Bank of Ireland, Office of the Data Protection Commission, Financial Services and Pensions Ombudsman. The timescales may also depend on the type of financial or insurance, investment, or pension product provided to you. Our aim is to hold your data for no longer that is necessary and subject then to the timescales imposed by our legal obligations.
6. Implications of not providing your data
If you do not provide information we may not be able to:
- provide requested products or services to you;
- continue to provide and/or renew existing products or services;
- assess suitability; and
- where relevant, give you a recommendation for a financial product or service which you require.
7. Transfer of information outside the European Economic Area (EEA)
It is our aim to retain any information which we hold within the EEA. However, given the nature of our business relationships with certain product providers, such providers may have legitimate business reasons to transfer information outside the EEA. The product providers with which we arrange business on your behalf are obliged to comply with the provisions of the GDPR in relation to the transfer of data within or outside the EEA.
8. Processed in an appropriate manner to maintain security
Data security is imperative to ensuring the protection of our customers data. In the event of a data breach the risks to our customers can be personal, financial, reputational, and potentially involve identity theft. In addition, there is the potential damage to our business should a breach occur, particularly in the areas of the loss of trust of our customer, business reputation, financial, and regulatory sanction. We must ensure that we adhere at all times to our Information Security Policy and procedures.
Given the potential impact should our security systems be breached, Cathedral Financial Consultants Ltd would like to make you aware that we adhere to our company policies in relation to Information Security and in particular to the:
- Password protection of PC’s;
- Updating of passwords on a regular basis, using passwords that are not easily identifiable;
- Automatic locking of idle terminals;
- Keeping computer terminal screens out of sight of customers and others who should not view them;
- Internet access and usage, and email usage policies;
- practices in relation to USB keys or other portable data devices;
- Maintaining of up to date virus checking software and firewalls;
- Conducting of virus checks on all IT hardware on a regular basis;
- strict policy of updating IT systems and access when staff change e.g. new employees, people who leave the organisation, changes in roles, with access to data on a ‘need to know’ basis;
- Encryption of devices that leave the organisations premises such as laptops.
In relation to our website use, your personal date is held on a secure server. The nature of the internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the internet or intranet. No transmission of data over the internet can be guaranteed to be 100% secure. However, we take all reasonable steps, including appropriate technical and organisational measure to protect your personal data.
9. Cookie Information
Cookies are small pieces of information stored in simple text files, placed on your computer by a website. Cookies can be read by the website on your subsequent visits. The information stored in the cookie may relate to your browsing habits on the webpage, or a unique identification number so that the website can remember you on your return visit. Generally speaking, cookies do not contain personal information from which you can be identified, unless you’ve furnished such information to the website. You can change the settings on your internet browser to refuse all cookies if you wish.
Cookies do not in any way compromise the security of your computer. Visitors can use most of our website with no loss of functionality if cookies are disabled from the web browser.
10. How we use automated processing or “analytics”
We may analyze your information using automated means:
- to help us understand your needs and develop our relationship with you;
- to help us to offer you products and service information we believe will be of interest to you, providing that you have given us consent to use your data for this purpose;
- by using product providers IT systems and similar systems where you apply for a financial product e.g. to obtain underwriting terms from an insurer, analyze your investment risk profile, affordability testing.
The types and sources of the information we process by automated means about you are listed in Section 2 above.
We also use automated processing to assist in compliance with our legal obligations in connection with prevention of money laundering, fraud and terrorist financing.
11. Data Subject Rights – How to exercise your rights
Cathedral Financial Consultants Ltd will facilitate you in line with our data protection policy and the subject access request procedure.
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that Organisation Name refuses your request under rights of access, we will provide you with a reason as to why.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).
This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
If you make your request electronically, we will try to provide you with the relevant information electronically.
If you wish to exercise any of your rights, you can contact us in writing at the address below.
Postal: Cathedral Financial Consultants Ltd, 16 Roden Place, Dundalk, Co louth
Telephone: 042 9339098
If you are dissatisfied with our services or how we use your data, you have the right to complain to the Data Protection Commission, contact details as follows:
Address: Office of the Data Protection Commission, Canal House, Station House, Portlaoise, R32, AP23, Co. Laois.
Telephone: 076 1104800 or Lo Call Number 1890 252 231
14. Privacy Notice changes
Cathedral Financial Consultants Ltd may change this privacy notice from time to time. When such a change is made, we will post a revised version online at www.cfc.ie.
Changes will be effective from the point at which they are posted. It is your responsibility to review this privacy notice periodically so you’re aware of any changes.
This Privacy Notice is effective from 25th May 2018 until further notice