Our View On Data
We think your personal private data is important to you and should be kept personal and private. You provide us with your personal data so that we can support you in protecting your family. You do not provide us the personal information so that we can sell it. This requires that we have a relationship based on trust and we take this relationship seriously.
We refer to it as your data because we genuinely believe it is. We will only share your data with other organisations: to place the protection products you requested, because you have asked us to get one of our partners to support you or because we have a legal requirement to.
This privacy notice sets out details on: what data we may collect about you, how we use your data and your rights.
Who We Are
Wisey, trading name of Batsrock Financial, is a UK financial advice firm. In order to support you in your financial choices we need to understand your needs and situation; this requires the collection and analysis of data about you. If you decide to take out an insurance policy, we will need to share your data with the insurance provider
Why we collect your information - Policy Holder (and perspective policy holders)
What data we collect |
We will collect data on your situation and financial position, this will include information such as your age, gender, occupation, income, expenditure, as well as information on what security you would like to provide to your family. In addition you may provide us information on your dependents and your trustees. Please inform any trustees and dependents over the age of 13 that we hold this information and refer them to this privacy policy. If you provide us information about dependents under the age of 13, unless you inform us otherwise, we will assume you are providing parental consent for us to hold this information. |
What sensitive data we collect | Sensitive data includes information such as your political views, religion, sexual orientation, health and any criminal convictions. By providing information about your dependents you might disclose information on your sexual orientation. In addition, the life insurance companies require details about your medical background to determine the scope and pricing of cover they are willing to offer. |
Why we collect your data |
The data on your situation and financial position are used to help us to generate the advice that we provide you. The better we understand your unique situation and set of needs, the better we can support you in your decisions. This information, along with your medical information may be used by the insurance company to generate the terms and pricing of any policies they offer. If you choose to enter into an insurance contract, a sub set of the information you provide will be used as the basis for your contract with the insurance company. |
How we collect your data | We will collect all our data about you, directly from you. |
Who we will share your data with |
If you take out an insurance policy, we will share the relevant information with the insurance provider. If you request that one of our partners supports you with additional advice, we will provide them with the relevant information that they require to provide you support. Any agency that has a legal right to the data, for example if it becomes relevant to a criminal action. |
Why we collect your information - Dependent(s) of Policy Holder
What data we collect | We will collect personal information on your name, age, gender, how long the policy holder expects you may be financially dependent on them, and the level of financial support they provide. |
What sensitive data we collect | Sensitive data includes information such as your political views, religion, sexual orientation, health and any criminal convictions. We do not collect any sensitive data about you. |
Why we collect your data | The policy holder has asked us to help them work out how they can protect the financial security of those that care for. They have identified that you are currently financially dependent on them. They provide basic information so we can help them determine how much insurance they should purchase. |
How we collect your data | Your data was provided by the policy holder. |
Who we will share your data with | If the policy holder decides to put the policy into trust, and names you as a beneficiary, your data will be shared with the nominated trustees. |
Why we collect your information - Trustee
What data we collect | We will collect data on your name, address and date of birth. |
What sensitive data we collect | Sensitive data includes information such as your political views, religion, sexual orientation, health and any criminal convictions. We do not collect any sensitive data about you. |
Why we collect your data | You have agreed with the policy holder to become a trustee of their policy. The trust form requires your information to create the trust. |
How we collect your data | Your data was provided by the policy holder |
Who we will share your data with | Your data will be included in the trust form. The policy holder will provide this to the insurance company. |
Why we collect you information - Business partners, including: Insurance companies, appointed representatives, suppliers
What data we collect |
We will collect general information such as your name, business address, contact phone number, job title… Depending on the nature of the relationship, we may require proof of identity for example a copy of your passport. |
What sensitive data we collect | Depending on the nature of the relationship, we may need to know details of any criminal convictions you have. |
Why we collect your data |
The generic information is used to enable us to undertake general record keeping and communication. Proof of identity may be used for fraud prevention, anti-money laundering and other such items as required. Details of criminal conviction will be used if your position means that you might be working with vulnerable people or in a position that could facilitate money laundering or fraud. |
How we collect your data |
Your generic information will be provided by yourself, your company or from public records. Your proof of identity will be provided by yourself or your company. If we require details of criminal conviction you will be asked to provide a DBS check. |
Who we will share your data with | Unless required for legal reasons, we do not expect to share this information. If we need to share your information for business reasons, we will agree this with you in advance of it being shared. |
What marketing and profiling activities do we carry out
Marketing |
We will only send marketing information to business partner and Policy holders. As a policy holder you will be asked during our initial meeting if you would like to receive marketing information, and the mediums you would like to receive it by. As a business partner we will ask if you would like to receive marketing material, and the mediums you would like to receive it by. As a trustee or dependent we will only send you marketing material if you contact us and ask to receive it. In all situations you have the right reverse your decision. |
Profiling |
Profiling is integral to providing financial advice. We assess the risks that you face and help you determine the level of cover you require. This requires that we generate your unique profile. We do not use the profile to determine the support we are willing to provide you. The profile is only used to help you make the right decisions. |
Legal Basis for collecting and processing data
Under data protection law we must have a legal basis for collecting and processing your data. There are 6 legal bases, but we only use 4 of them.
PERSON | CONSENT | CONTRACT | LEGAL COMPLIANCE | LEGITIMATE PURPOSE |
Policy Holder |
The information you share with us so we can support you. Your marketing preferences. |
The information that we pass onto the insurance company. | We have a legal duty to ‘know our customer’. | |
Dependent | If you decide that you would like us to send you marketing material | We have a legal duty to ‘know our customer’. As you are dependent on the customer, we have a duty to know basic information about you. | ||
Trustee | If you decide that you would like us to send you marketing material | As you have agreed to be a trustee of the estate, we need to record certain details. | ||
Business Partners | Your marketing preferences. | If we are both party to the same contract, we might have to have basic information on you | So that we can perform every-day business activities e.g. record keeping. |
- Consent – You have given consent to the processing of your data.
- Contract – Processing is necessary for the performance of a contract that you are party to.
- Legal compliance – Processing is necessary for compliance with our legal obligations
- Legitimate purpose – Processing is necessary for the purpose of the legitimate interests pursued by us or a 3rd party
How long do we keep your data for
We will only keep your data for as long as we need it to provide the services that we provide you.
If you take out a policy, or are a dependent of a policy holder or a trustee, we will maintain a copy of your data for the lifetime of the policy, plus any time required for legal reasons.
If you do not take out a policy, we will maintain a copy of your data along with the advice generated for either 3 years (in case you want to review the advice) or the length of time we are legally required to. We will store it for no more than the longer of these two periods.
Transferring data outside the EU
We do not usually need to transfer your data out of the EU. In the event we do we have controls in place to ensure that your data is protected to the same level as if the transfer had occurred within the EU.
How do we protect your data
We think your personal private data is personal and private to you and has the right to stay that way. We have internal procedures on safeguarding data, that include how we destroy data, how we share data and who has access to the data.
Your rights
Under the General Data Protection Regulation you have a number of rights related to your data. We fully support these rights. If you wish to exercise your rights please contact us using the contact details found below.
Access to your data | You have the right to a copy of the data we hold on you as well as certain details on how we have used it. We will usually provide the information in a password protected PDF file. This will usually be provided by email. |
Rectification | We want to hold the most accurate data on you, as this enables us to provide the best support. If you believe that the data is inaccurate or incomplete you can ask us to update the data. |
Restriction of processing | In certain situations, you have the right to ask us to stop using your information. This may be because the information is inaccurate or you feel we no longer have a legitimate need to use it. |
Withdraw consent | Where we rely on your consent to process the information, you have the right to remove our right to process the information. If you take this step it may limit our ability to support you. |
Erasure | This right enables you, in certain situations, to request that we delete your information. We will review you request and take into account other factors, for example a regulatory requirement, to determine if we are able to action your request. |
Object |
This right enables you, in certain situations, to object to us processing data about you. It is your decision if you wish to receive marketing material from us. You can object to the receiving of this information. You can object to our processing of other information about you. If you object we will consider your objection and determine if we are able to comply with your request or if other legitimate reasons, e.g. legal requirements, overrule your objection. |
Data portability | Within certain limitations, you can request that we provide a copy of your personal data to a third party |
Automated decision making | We do not carry out any automated decision making. If we did you would have the right to request that we no longer used an automated method and resorted to a manual method. |
Make a complaint |
You can complain about: 1. how your personal data has been processed Complaints should be sent to us as set out in our “Contacting Us” section |
Contacting us
If you have any questions or comments about our privacy notice, or wish to make contact in order to exercise any of your rights set out within, please contact us using any of the following methods:
- Ring 03333 445 604
- Email DataProtection@wisey.life
- Post: Data Protection, Batsrock Financial Ltd, 21-22 Bath St, Frome, BA11 1DJ.
If you contact us regarding one of your rights, we expect to respond within 5 working days setting out what information we require from you to exercise your right. This would include information such as proof of identity.
Following receipt of the required information, we will contact you within 30 working days with our decision and if relevant the rationale.
If you are not happy with our decision you have the right to lodge an appeal. We will respond to your appeal within 30 days.
At any point, if you are not happy with our approach to data protection, you have the right to lodge a complaint with the Information Commissioners Office; their website address is ICO.org.uk and their helpline number is 0303 123 113
Website and Cookies
Comments |
When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment. |
Media | If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. |
Contact forms | If you use our contact form, we will record the information in the contacts form and also the visitor’s IP address and browser user agent string to help spam detection |
Cookies |
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. |
Embedded content from other websites |
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. |
Analytics |
Who we share your data with: We will share your information with our IT support partners including website developers, to enable them to optimise your experience and improve performance. How long we retain your data: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. |
Update to privacy policy
Due to changes in the law, technology or development we may need to make changes to our privacy policy. If we have your email address, we will email you with our updated policy. Otherwise you can check back periodically and check if changes have been made.
Regardless of changes, we will not change our belief that the data is yours, and that you trust us so that we can support you.
This notice was last updated on the 28th September 2023.