Mobius Life Limited Data Privacy Notice

Similar documents
Ark Syndicate Management Limited. Privacy and Transparency Notice. Version 1

All Sorts UK Limited Data Protection Policy 17 th May 2018

Privacy Statement. Key Definitions. Data Controller. Processing

European Union General Data Protection Regulation

henriksen limited This document sets out how Henriksen processes data and your rights as the data subject.

Claims Handling We process Your Personal Data in order to record and handle your insurance claim. This may include sharing your Personal Data with:

WHO IS RESPONSIBLE FOR LOOKING AFTER YOUR PERSONAL DATA?

Southern Golden Retriever Rescue Data Protection Policy

PRIVACY STATEMENT. There are terms in bold with specific meanings. Those meanings can be found in the attached Glossary.

Data Protection Privacy Notice for people not directly involved in the accident

DATA PROTECTION INSURANCE MARKET CORE USES INFORMATION NOTICE

Appropriate Policy Document

Privacy Policy Statement

Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy

DATA PROTECTION NOTICE

Privacy Statement v 1.1

Data Protection: Fair processing of student personal information Contents

Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018

Privacy Statement for Intermediaries

Sun Life Assurance Company of Canada (U.K.) Limited. Customer Data Protection Notice

DATA PROTECTION NOTICE

GROUP PRIVACY POLICY. Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ).

ERGO Versicherung AG UK Branch Data Privacy Notice

Management of Personal Information Policy (Privacy Policy)

Firm Registration Form

PRIVACY NOTICE Use of Information Data Controller and Data Processor

1. What Data do we collect and where do we get it from?

Man and Machine - Data Protection Policy

Document Title. Date coming into force: Review Date: Edition No:

Data Protection Cayman Islands

EnerSys UK Pension Scheme (the Scheme) Privacy Notice

DATA PROTECTION POLICY

Newsletter NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences. Atsumi & Sakai

Annuity Death Benefit Payment Authority

Quotation/Inception. Renewal. Policy administration. Claims processing PRIVACY POLICY

SECTION 1 IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER

BINDING CORPORATE RULES

Privacy Notice Student Loans Company Ltd

Long-term Care Insurance Privacy Notice

Privacy Policy and Personal Data

Privacy Notice under the General Data Protection Regulation (GDPR)

ERGO Versicherung AG UK Branch Data Privacy Notice

Privacy Policy. Who we are. Definitions

Amgen Binding Corporate Rules (BCRs) Public Document

Hydro Building Systems UK Limited ( the Company )

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Data Privacy Notice of Sumitomo Mitsui Banking Corporation, Brussels Branch ( SMBC )

Firm Registration Form - Equity Release and Mortgage products

H. KEMP & SON LTD. FUNERAL DIRECTORS (ESTABLISHED 1893) Privacy Policy

This information, or "personal data" as it is often referred to, must be processed according to the principles contained within the Regulation.

Firefighters Pension Scheme

BDML Connect Ltd Privacy Policy_v1.0_March updated Markerstudy Group 2018 Page 1 of 11

Fitzwilliam College Data Protection Policy

Moxtra, Inc. DATA PROCESSING ADDENDUM

Privacy Policy. This privacy policy shall be valid even if you have reserved your transfers through the other sales partners of Plus Group Kft.

Privacy Policy. HDI Global SE - UK

The Controller and Processor Data Protection Binding Corporate Rules of BMC Software

LOCAL GOVERNMENT PENSION SCHEME (LGPS) GENERAL DATA PROTECTION REGULATION - THE IMPLICATIONS FOR THE LGPS

Data Protection Policy. Newbury Academy Trust

Revising policies and procedures under the new EU GDPR

PRIVACY NOTICE 1. WHAT IS A PRIVACY NOTICE & WHY IS IT IMPORTANT?

PRIVACY NOTICE LAST UPDATED: SEPT. 2018

DATA PROTECTION NOTICE

The General Data Protection Regulation (GDPR): action plan for pension scheme trustees

The GDPR how to prepare MiFID II where are we now? Wednesday 21 February 2018

EU Data Processing Addendum

Power of Attorney Application to Appoint an Attorney to Operate an Account(s)

Depending on the circumstances and the stage of your membership, we may hold some or all of the following information about you:

Highland Distillers Pension Scheme (the "Scheme") Privacy Notice

HOW WE PROTECT YOUR PERSONAL INFORMATION PLEASE READ THIS CAREFULLY

DATA PROTECTION NOTICE. The protection of your personal data is important to the BNP Paribas Group 1.

LAMP Services Limited Privacy Notice v1.2 4 th March Controller

PROPFIN LTD. Data Protection Policy

DATA PROTECTION POLICY. Little Baddow Parochial Church Council

DATA PROTECTION NOTICE

DATA PRIVACY & FAIR PROCESSING NOTICE

The Pension and Life Assurance Plan of NG Bailey (Scheme) Privacy notice

The New EU General Data Protection Regulation (GDPR)

Broadbean Technology Limited - Data Processing Agreement (25th May 2018)

DATA PROCESSING ADDENDUM (v1.0)

Hillgate Travel GDPR Response. Privacy Policy

WHAT DECISIONS WILL YOU NEED TO TAKE? GETTING READY FOR THE GDPR PART FOUR LEGAL ISSUES AND TRUSTEE DECISIONS

Privacy Policy. For the purposes of Data Protection Legislation the data controller is the Company.

KCSP Data Protection Policy

GUIDE TO MAKING A MOTOR INSURERS BUREAU CLAIM. Guide to making an MIB claim - Issue 7 (05.18)

Munich Re UK General Branch Information Notice

Pension Trustees. Final Countdown to the GDPR

PRIVACY POLICY OF BPO INSOLVENCY LIMITED (COMPANY REGISTRATION NO ) REGISTERED OFFICE 37 WALTER ROAD SWANSEA SA1 5NW

For commission eligibility and FCA product sales data purposes: if you did not provide advice on this sale please tick

Welcome To Your Data Protection Journey. Paula Tighe Information Governance Executive

DATA PROTECTION STATEMENT

The Nortel Networks UK Pension Plan (the Plan) Privacy Notice

DATA PROCESSING ADDENDUM

* Unless otherwise indicated, this policy will still apply beyond the review date.

CPI PROPERTY GROUP. Group Data Protection Policy. 25 May Summary

JOSTENS EUROPEAN PRIVACY POLICY

Change of Pastorate. Baptist Pension Scheme BBS Consultants & Actuaries Ltd Canard Court St George's Road Bristol BS1 5UU

The Retirement Account

FINANCIAL SERVICES OPPORTUNITIES INVESTMENT FUND LIMITED Company Registration Number: PRIVACY NOTICE

Canada Life Group Critical Illness

Transcription:

Mobius Life Limited Data Privacy Notice

Introduction This data privacy notice confirms how Mobius Life Limited (referred to hereafter as our, us, we or MLL ) obtains, manages, uses, retains and destroys personal data which we process for our customers and associates. Personal data is information (hereafter referred to as data or information ), which can identify a living person or living people (known as an individual or individuals), referred to hereafter as either a data subject, you, your, person, persons individual or individuals ). Examples of the personal data we collect can be your name, your signature, your email address, your address, your phone number, and any other data which will enable us to continue to service your relationship with us. We have produced this document to explain your rights regarding the data we process and the lawful basis we use to process the data. If you are viewing this document online, please refresh the page to ensure you are viewing the current version. Document Date: 25 May 2018. The topics and information within this document have been referenced to make it easy for you to raise an enquiry should you wish to, or refer to if you do not understand something. The contents of this document will be reviewed annually, or more frequently if required due to legislation or regulation. Contents Ref. Topic Page(s) 1. Enquiries 2 2. Complaints 2 3. Information about Mobius Life 3 4. Lawful basis for Controlling & Processing 4 5. Your Rights and Obligations 5 6. Our Rights and Obligations 6 7. Further Information 7 Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 1

1. Enquiries If you have any questions regarding this document or the data we process, our contact details are as follows: For Institutional Pensions (Trustee Investment Plans) or General Enquiries: Email: ClientServices@MobiusLife.co.uk Telephone: +44 (0) 20 7847 3300 Facsimile: +44 (0) 845 268 0200 Address: Mobius Life Limited 7th Floor 20 Gresham Street LONDON EC2V 7JE 2. Complaints If you have a complaint about the way in which your data is being processed by us, you can contact our Data Protection Officer using the following information: Email: Compliance@MobiusLife.co.uk Telephone: +44 (0) 20 7847 3300 and ask to speak to the Data Protection Officer Address: Data Protection Officer Mobius Life Limited 7th Floor 20 Gresham Street LONDON EC2V 7JE You can also complain to the Information Commissioner s Office (ICO): Website: https://ico.org.uk/ Live chat: https://ico.org.uk/concerns/ Email: casework@ico.org.uk Telephone Number: 0303 123 1113 Address: Information Commissioner s Office Wycliffe House Water Lane Wilmslow CHESHIRE SK9 5AF Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 2

3. Information about Mobius Life Limited 3.1 Mobius Life Limited ( MLL ) a) MLL is a regulated Life Insurance Company governed by European Directives, Acts of the UK Parliament, and regulatory rules and guidance by Supervisory Authorities; b) We specialise in providing access to regulated pension products; c) We provide life insurance policies ( long term contracts of insurance ); and d) We aim to treat our customers fairly. 3.2 Registration and Regulation a) We are registered as a data controller with the Information Commissioner s Office as a data controller under registration number Z7092236; b) We are subject to compliance with the Data Protection Act 2018; c) We are subject to compliance with the EU Directive 2016/679 General Data Protection Regulation; and d) We are subject to compliance with international anti-money laundering principles. 3.3 Data Processing When processing your data, we ensure it is: a) Processed lawfully, fairly and in a transparent manner; b) Collected for specified, explicit and legitimate purposes; c) Adequate, relevant and limited to what is necessary; d) Accurate and, where necessary, kept up to date; e) Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed; f) Processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. g) Processed in accordance with your rights. 3.4 Outsourcing Should we decide to transfer ( outsource ) the processing of your data, in part or full, to another company ( associate ) either in the UK, other parts of the European Economic Area ( EEA ), or a country or territory outside of the EEA, we review their systems and controls to ensure they can provide a satisfactory level of protection for your rights and freedoms in relation to the processing of your data, and they agree to adhere to the data processing standards which are set out in 3.3 above, and is lawful. Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 3

4. Lawfulness Basis for Controlling & Processing 4.1 The Data Protection Regulations The legal options available to us for controlling and processing your data. a) Consent: the data subject has given consent to the processing of their personal data for one or more specific purposes, or consent has been given by an authorised person or authorised organisation to provide consent on the data subjects behalf (see 4.4); b) Contract: processing is necessary for the performance of a contract to which the data subject is party to or in order to take steps at the request of the data subject prior to entering into a contract; c) Compliance with legal obligation: processing is necessary for compliance with a legal obligation to which the controller is subject; d) Protection of vital interests of the Data Subject: processing is necessary in order to protect the vital interests of the data subject or of another natural person; e) Public interest/official authority: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and f) Legitimate interest: processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. 4.2 Processing your data a) If you have a policy with us, we use option 4.1 b) ( contract ) to control and process your data, as without the minimal amount of data which we require, we would not be able to distinguish between you and another policyholder or associate. b) Before any processing of your data past the legal basis of contract, we ensure the additional processing is not overridden by your rights, see 5.1 g), 5.1 h) and 6.2 f), by informing you of our intention before we conduct the additional processing. 4.3 Processing representatives data ( associates ) a) Our definition of a representative is a third party who is acting in some way between you and us to supply you and/or us with a service. Some examples for you could be your employer, a financial adviser, an Actuary, a friend etc. b) If the representative is forwarding your information to us, or communicating with us on your behalf we use option 4.1 c) ( Compliance with legal obligation ) as you may ask us where we received your information from. c) Representatives have the same rights in respect of their data, providing we can identify them as an individual, so this document is applicable to them as well. d) If you decide to appoint a representative to act on your behalf by power of attorney, we will classify them as your authorised representative, and we will check to ensure they are authorised by you to represent and act for you. 4.4 Marketing a) Where we have established a lawful basis confirmed in 4.2 or 4.3, we may process your contact details for marketing you directly. b) If we have your contact details and 4.2 a) and 4.3 b) cannot be established as the lawful basis, we may use either 4.1 a) ( consent ) or 4.1 f) ( legitimate interest ). c) We will inform you if any additional processing is required to conduct the marketing (see 6.2 f)), and you can request we stop, restrict and object to receipt of marketing material, by exercising your rights in 5.1 g) and 5.1 h). Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 4

5. Your Rights and Obligations You have the following rights and obligations regarding your data which we hold for processing: 5.1 You have the following rights: a) To request the purpose of why we are processing your data; b) To understand the categories of personal data we hold on you (see data categories in 7.1); c) To have confirmation of who we share your data with and the type of businesses we share your data with; d) To have confirmation of how long we plan to hold your data (see data retention in 7.3); e) To request we update/rectify your data if the data we hold is no longer valid or incorrect; f) To request we delete/erase the data we hold on you; g) To request we either stop or restrict the processing of your data; h) To object to us processing your data, e.g. to sending you marketing material; i) To complain to our data supervisory body, the Information Commissioner s Office. Their contact details are confirmed on page 2; j) To request details of the data source if we have not collected your data directly from you (e.g. it may have been supplied by your employer or authorised representative); k) To understand the logic behind any automated decision-making profiling we use, and to object to us using it by automated means; l) To understand the processes and safeguards we have in place if we transfer your data to another company based either inside or outside of Europe for processing, before or at the latest when your data is first disclosed to them (we will also inform you as to whether they are a data controller or a data processor); m) To request for a copy of the data we hold on you either in paper format or electronically (see subject access requests in 7.2), in an easily visible, intelligible and clearly legible manner, and free of charge for an initial request; n) To request us to send your data to another organisation, known as data portability, when it is technically possible for us to do so; o) To be informed by us if there has been an incident which has become classified as a personal data breach involving your personal data which could cause a high risk to you; p) To be informed by us if we have not carried out your instructions within one month of your request explaining why, and confirming to you your right to raise a complaint with the Information Commissioners Office, see 5.1 i), or seek a judicial remedy (refer the matter to a court of law); q) To receive compensation for either material or non-material breaches of the data protection regulations involving your personal data; r) To ask a non-for-profit organisation to represent you (e.g. citizens advice bureau) and become your authorised representative; s) To understand the data gathered when visiting websites or accessing data portals (see 7.4); t) Where we have obtained your consent for a processing activity, see 4.1 a) and 4.4 b), you have the right to withdraw your consent; and u) Object/Complain if you think your data has been unlawfully processed by us. 5.2 You have the following obligations a) To provide us with accurate data, and inform us if your circumstances change making you illegible to continue to hold a policy with us; and b) To keep your contact details up to date, e.g. change of postal address, email address, phone number etc. Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 5

6. Our Rights and Obligations We have the following rights and obligations regarding your data which we hold for processing: 6.1 We have the following rights a) To not confirm who we are sharing your data with if it is being shared as part of a criminal investigation, e.g. money laundering investigation by the police; b) To extend the period of processing your request from one month to three months, due to either the complexity of your request, or the volume of requests we are processing (we will inform you if this is the case within one month of your request); c) We have the right to profile your data in order to supply data for internal management statistics and to file regulatory returns; d) To refuse to delete/erase your data where we may need it for legal or regulatory requirements; e) To delete/erase the data we hold on you having given you prior notice of our intention to do so, unless it is not practical to notify you; f) To cease processing your data when your personal data is no longer required; g) To request additional identity information from you where we have doubts a request is actually being made by you or your authorised representative; h) Arrange for the processing of your data by another company following adequate reviews of their systems and controls, and notification to you (if applicable); i) Provide you with paper copies of the personal data we hold on you if it is not practical to provide an electronic copy, unless it will adversely affect the rights of others; and j) To request identity checks, credit checks and criminal records checks providing we have a valid reason to do so. 6.2 We have the following obligations a) We ensure your data is processed for a legitimate purpose, i.e. because you want us to, and we will cease processing it if it is not, e.g. our relationship has ended or you are no longer identifiable in our processing activities; b) To act on your request, unless we cannot identify you; c) To inform you if we cannot act on your request within one month, as per 5.1 p), together with reminding you of your right to raise a complaint with the Information Commissioner s Office, or seek a judicial remedy, also see 6.1 b); d) To inform you before we delete/erase your data, unless it is impractical to do so; e) Where we receive your data from a third party (e.g. your employer or authorised representative), we need to ensure you have access to the information in this document when we first make contact with you and at least within 1 month of receipt of your personal data, and confirm the source of where the personal data originated from; f) If we intend to process your data for another purpose than you expected us to, or we wish to lift a restriction and process your data again, we are required to inform you of our intention before we conduct the additional processing, e.g. where you have asked for us not to contact you again, and we later decide to delete your data from our records as the regulatory timeframe to keep it has expired (see 7.3 d)), we will notify you of this action to comply with 6.2 d); g) Provide you with electronic access to the data we hold on you if practical; h) Provide you with a copy of the data we hold on you either in paper or electronically (see subject access requests in 7.2). The information we supply you will be in a clear, intelligible and clearly legible readable manner, and free of charge for an initial request; i) To confirm how long we will retain your data for (see Data retention in 7.3); j) Update your data when requested; and k) At the request of a regulatory body, e.g. the Information Commissioner s Office, we will supply them with a copy of the data we hold on you. Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 6

7. Further Information The following information may assist you in understanding of your rights and the conditions governing your personal data. 7.1 Data Categories: a) Standard Personal Data: is any information relating to an identified or identifiable natural person, i.e. your data, which is not classified as Special Category Personal Data. b) Special Category Personal Data: is a type of data deemed to be sensitive to the data subject which include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning physical or mental health, data concerning a natural person's sex life or sexual orientation. c) We process standard personal data and special category personal data under the lawful basis of contract making the confirmation and purpose for processing clear during the collection process. 7.2 Subject access requests a) A subject access request is the official term for you to request a copy of the data we hold on you, referred to in 5.1 m). To request a copy of the personal data we hold on you please use the contact details on page 2. b) We will provide you with either a paper copy or electronic copy (if possible), and will be free of charge for an initial request. c) We are permitted to make a reasonable charge for subsequent requests, which will depend on the amount of work involved. 7.3 Data retention a) We will hold your data for the required period permissible by our regulators. If we decide to delete/erase your data we will notify you of our intention unless it is impractical to do so. b) Generally, we will hold/retain your data for six years unless 7.3 c) or e) applies, or there is a valid reason to delete/erase it before then. c) The Financial Conduct Authority (FCA) prescribes we hold your data in relation to any pension transfer, pension conversion, pension opt-out or free standing additional voluntary contribution (FSAVC) polices indefinitely. d) The FCA prescribes we hold your data in relation to a pension contract for at least five years, and six years for financial promotions. We classify an application form as a financial promotion. e) We may have to hold your data indefinitely for legal reasons. f) If you ask us to delete/erase your data, we will examine the connection of your data with 7.3 c), d) and e) to see if they are applicable before we confirm our action or decision not to act. 7.4 Data from our website a) When you visit our website, we collect information during your visit through the use of cookies. We use these cookies for a variety of reasons, most commonly to distinguish you from other users of our website and to help us compile aggregate statistics about the usage of our website. b) For more information visit: http://mobiuslife.co.uk/information/cookies/ Mobius Life Limited 7 th Floor, 20 Gresham Street, London EC2V 7JE Page 7

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback