redundancy advice graphic

Privacy Statement

Privacy Notice Template

Forsythe Financial Planning is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights.

For the purposes of the GDPR, the data controller is Forsythe Financial Planning.

Our contact details are

3 Laurel Mount Close, The Rock, Carrigaline, Co Cork

Phone: 087 2506365 email: john@forsythe.ie

When we refer to we/us, we mean Forsythe Financial Planning

Please read this Privacy Notice carefully as this sets out the basis on which any personal data, we collect from you, or that you provide to us, will be processed by us.

Who are we?

Forsythe Financial Planning is registered as an insurance, reinsurance, or ancillary insurance intermediary under the European Union (Insurance Distribution) Regulations, 2018.

Forsythe Financial Planning is authorised as an Investment Business Firm under Section 10 of the Investment Intermediaries Act, 1995 (as amended).

Forsythe Financial Planning is a service provider holding appointments from IIA product producers, including intermediaries that may issue appointments, appearing in the register maintained under Section 31 of the Investment Intermediaries Act, 1995 (as amended).

Forsythe Financial Planning offers advice on a wide range of financial services and products.

Our Data Protection Officer can be contacted directly here:

  • John Forsythe
  • john@forsythe.ie
  • 087 250 6365

How do we collect your information and what information do we collect?

The personal information we collect varies depending upon the nature of our services. We will endeavour to provide you with an overview of those categories of personal data our organisation collects and our purpose for using that data.

Our organisation collects personal data in the following ways if you:

  • request a service from us; give examples here.
  • register with or use any of our websites or online applications; please outline in further detail if your firm does
  • use our website/apps and it installs cookies or other tracking technologies onto your device.  
  • engage with us on social media; please outline in further detail if your firm uses LinkedIn, Twitter, Facebook, etc
  • contact us with a complaint or query.

What information do we collect?

The information we collect about you includes the following:

Below are some examples please update/remove for your specific organisation.

Please only include if your firm collects this information. You need to be specific to ensure you are not collecting unnecessary data.

 Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline
 Unique identifiers e.g.
PPS number – the reason why we collect your PPS number is to comply with Anti Money Laundering legislation.
Pension scheme reference number– the reason why we collect this is to gather accurate information before making recommendations about your retirement plan 
Insurance policy numbers, the reason why we collect this is to ensure that we recommend the correct amount of cover.
 Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example, family members you wish to insure on a policy. E.g., your children/spouse/ and miscellaneous individuals who may be financially dependent upon you.
 Family and Beneficiary Data, e.g., dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant.
 Health information such as information about your health status, medical records, and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example, information about your personal characteristics (biometric information) or disability information.  please list if there is anything in addition you collect, please also list the policies that you may require this data for e.g., life cover, health insurance.
 Health information such as information about your health status, medical records, and medical assessment outcomes; We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), and medical history. We may also process certain special categories of information, for example, information about your personal characteristics (biometric information) or disability information.  please list if there is anything in addition you collect, please also list the policies that you may require this data for e.g., life cover, health insurance.
 Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement, and any relevant matters impacting your benefits such as voluntary contributions, PAO, please list if there is anything in addition you collect
 Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement, and any relevant matters impacting your benefits such as voluntary contributions, and Pension Adjustment Orders.
 Financial details e.g., bank account details, details of your credit history and bankruptcy status, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details.
 Claims Data (From you and any relevant third parties). To assist you with making a valid claim.
 Marketing preferences: we will only send you direct marketing if you explicitly consent. 
 Online information: Our website is forsythefinancial.ie
 Events information e.g., information about your interest in and attendance at our events, including provision of feedback forms.
 Criminal records information e.g., the existence of or alleged criminal offenses, or confirmation of clean criminal records for motor products. Please ensure you only collect what is necessary for the policy – do not collect excessive data
 Searches that we undertake in relation to sanctions, money laundering, and credit checks. List PEP/AML/Sanctions search providers that you use
 Searches that we undertake in relation to sanctions, money laundering, and credit checks. We use Broker Information Services to undertake searches in accordance with AML legislation.
 Calculators on our website. We use this data to perform calculations to prepare quotations for life insurance or mortgages. We may collect information about your salary to use for replacement of income or pension projection purposes.

When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.

Information we automatically collect.

We sometimes automatically collect certain types of information when you visit our websites and through e-mails when we communicate with you. Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. Other cookies such as functional cookies, marketing cookies, and analytical cookies will only be used with your expressed consent. 

Further information about our use of cookies can be found in our Cookie Notice at the footer of our web page. www.forsythefinancial.ie

How do we use your personal data?

Your Personal Data will be used to enable us to fulfill our contractual obligations in relation to your request for insurance, investment, protection, pension products, impartial financial advice, and quotes.

1.Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product
2.Communicate and market to youWe may contact you by SMS, phone, email, or by post
3.Communicate and market to youWe may contact you by SMS, phone, email or by post
4.To administer our site including data analysis, testing, research, statistical, and survey purposes. Delete if not relevant.
5.To contact you if required or to respond to any communications that you might send to us.
6.Carry out our obligations arising from any contracts entered between you and us and provide you with the information, products and services that you request.
7.Carry out our obligations arising from any contracts entered between you and us and provide you with the information, products, and services that you request.
8.Arranging premium finance agreements.
9.Provide professional services.  Financial Advice and Planning
10Handling complaints
11To notify you about changes to our service
Legal Basis
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.  
Below are some examples please update your specific organisation  
Performance of a contract
When we enter a contract with you, we will collect and use your personal data to enable us to fulfill that service.
Legal obligation The use of some of your personal data is necessary for us to meet our legal obligations e.g., pension contributions for Revenue Certificates and regulatory purposes to the Central Bank. Consent
Sometimes we may rely on consent as a legal basis for processing your information.
For example, we rely on consent to collect and use personal data for any criminal convictions or alleged offences.  This is used when we need to assess risk relating to an insurance policy for you. We share this information with other third parties where it is necessary to manage these services provided to you – these services include insurance underwriters, reinsurers, and other insurance providers.
 
We may also rely on your consent to send direct marketing to you.

We will ensure that we present this to you concisely.  We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time.  

Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services, and/or we may terminate the services provided with immediate effect. For example, if you refuse to complete a Fact Find

If you require further information on any of the above basis for processing your data, we can provide you with further details.

How we share your data  

When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services.  We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.

 Vetting and risk management agencies such as credit reference, criminal record, fraud prevention, data validation, and other professional advisory agencies, where necessary to prevent and detect fraud in the insurance industry and take steps to assess the risk in relation to prospective or existing insurance policies and/or the services. Please include links to forms used here
 Legal advisers, loss adjusters, and claims investigators, where necessary to investigate, exercise, or defend legal claims, insurance claims or other claims of a similar nature; Please include links to forms used here
 Legal advisers, loss adjusters, and claims investigators, where necessary to investigate, exercise, or defend legal claims, insurance claims, or other claims of a similar nature; Please include links to forms used here
 Medical professionals, e.g., where you provide health information in connection with a claim against your insurance policy; or when we are providing a quote for insurance.
 Public authorities, regulators, and government bodies, where necessary for us to comply with our legal and regulatory obligations, or in connection with an investigation of suspected or actual illegal activity; Please include links to forms used here.
 Public authorities, regulators, and government bodies, where necessary for us to comply with our legal and regulatory obligations, or in connection with an investigation of suspected or actual illegal activity.
 Third-party processors: We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. We use Broker Information Services as our CRM provider. These processing operations remain under our control and we have data processing agreements in place with all our third-party processors to ensure all processing is carried out in accordance with our security standards and the GDPR.
 
 

Transferring personal data outside of Ireland

Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”.  We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).

We share data with Pulse Insurance and various other financial service providers who are based in the UK but who retain a presence in Ireland. The EU Commission adopted adequacy decisions for transfers of personal data to the UK. This means that the EU accepts that the UK data protection regime is substantially equivalent to the EU regime and allows personal data to be transferred freely from the EEA to the UK.  Therefore, the UK is not deemed a third country.

Security

The security of your personal data is important to us, we have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk.  We have processes in place to protect your personal data from loss, unauthorised access, misuse, alteration, and destruction.

Retention

Forsythe Financial Planning shall not keep personal data in a form that permits the identification of data subjects for a longer period than is necessary.

Forsythe Financial Planning may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.

The retention period for each category of personal data will be set out in our Retention Schedule (this is a template and should be amended to reflect your firm’s procedures) along with the criteria used to determine this period, including any statutory obligations we have. Only include this sentence if you are and you have the information completed.

Personal data will be disposed of securely.

Data Subjects Rights:

Forsythe Financial Planning will facilitate your rights in line with our data protection policy and the Subject Access Request procedure.

Your rights as a data subject

At any point, while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records.  (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject to legal privilege).
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling.
  • Right to make a complaint: if we refuse your request under rights of access, we will provide you with a reason as to why.

All the above requests will be forwarded, should there be a third party involved, as we have indicated in the processing of your personal data.

Complaints

If you wish to make a complaint about how your personal data is being processed by (name of firm)or how your complaint has been handled, you have the right to lodge a complaint with our Data Protection Officer

You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:

Data Protection Commission

21 Fitzwilliam Square South,

Dublin 2.

D02RD28

Web: www.dataprotection.ie

Email: info@dataprotection.ie

See their website for updated contact details to reach the appropriate section within the DPC.

Failure to provide further information.

If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.

When you fail to provide us with the information we require to fulfill our obligations to you, we may be unable to offer our services to you.

Profiling – automatic decision making.

If you carry out automatic decision making you need to inform the data subject -you need to explain the significance and the envisaged consequences involved. You also need to inform the data subject that they can object to this.

An example of such text is as follows:

An automated decision is when we input your personal data into a computer programme and this programme analyses your personal data to provide us with a result.  There is no human involvement in the decision making. An example of this is reflexive underwriting a decision is taken by automated means, you have the right to object to this and ask us to reconsider the service you have asked us to provide.

An example:

Financial and mortgage advisors use profiling in their business.  The main categories are

  1. Risk profiling.
  2. Profiling for marketing purposes.
  3. Establishing affordability and providing quotations for financial services and mortgage product
  4. Bankruptcy check
  5. PEP check

      a)   Risk Profiling

To establish a customer’s attitude to investment risk (related to pensions and investments) advisors have automated calculators that calculate the customer’s attitude to various levels of risk having answered a series of questions.

  • Profiling for marketing purposes.

When we seek to contact you about other services, as outlined above we run automated queries on our computerised database to establish the suitability of proposed products or services to your needs.

  • Establishing affordability and providing quotations for financial services products.

Special Categories of Personal Data

Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.

If we collect any special categories of personal data, such as health add any further special category here if needed data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:

  • a policy of insurance or life assurance,
  • a policy of health insurance or health-related insurance
  • an occupational pension, a retirement annuity contract, or any other pension arrangement
  • the mortgaging of a property

Contact Us

Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on (087) 250 6365 or email john@forsythe.ie

Privacy notice/ statement changes

When we update this Privacy Notice/Statement, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.

This privacy policy was last reviewed in July 2021. V7