Privacy Statement
Introduction
PSRA is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
It is the intention of this privacy statement to explain to you the information practices of PSRA in relation to the information we collect about you.
For the purposes of the GDPR the data controller is:
Evan Hughes
Email: info@expertadvice.ie
Phone: 019055504
When we refer to ‘we’ it is PSRA
Please read this Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Who are we?
Evan Hughes trading as PSRA is regulated by the Central Bank of Ireland as an Authorised Advisor under the Investment Intermediaries Act 1995: and as an insurance intermediary registered under the European Communities (Insurance Mediation) Regulations 2005.
Our Services
Our principal business is to provide advice and arrange transactions on behalf of clients in relation to life pensions & Investment products. A full list of insurers and product producers with which we deal is available on request.
Life & Pensions
As an Authorised Advisor, we can provide broad-based advice across the market, and place business on your behalf with the life assurance companies with which we hold an agency. PSRA can provide advice on and arrange products from the following range: life cover, serious illness cover, income protection, savings, investments and pensions. We will provide assistance to you for any queries you may have in relation to the policies, or in the event of a claim during the life of the policies and we will explain to you the various restrictions. conditions and exclusions attached to your policy. It is however, your responsibility to read the policy documents, literature and brochures to ensure that you understand the nature of the policy cover, particularly in relation to PHI and serious illness policies
Our GDPR Owner and data protection representative can be contacted directly here:
Evan Hughes
Email: info@expertadvice.ie
Phone: 019055504
Purpose for processing your data
You may give us Personal Data and Special Categories of Personal Data:
By corresponding with us in writing, by phone, email or otherwise. We ask you to disclose only as much Personal Data and/or Special Categories of Personal Data as is necessary to provide you with our Products and services or to submit a question/suggestion/comment in relation to our Websites, our Products or our customer service;
By applying for, or taking out, one or more Products through us as a policyholder or a life insured;
By corresponding with us in relation to one or more of your Policies (e.g. with respect to a claim);
By posting on our social media platforms, message boards, blogs and any other services to which you can post information. Please note that if you share Personal Data or Special Categories of Personal Data through these services, this information may become public information;
When you supply us with goods or services;
By applying to work with us. The type of information you may provide includes your CV, a cover letter, your name, address, email address and telephone number. CVs should include information relevant to your employment history and education (e.g. degrees obtained, places worked, positions held, relevant awards). We ask that you do not disclose Special Categories of Personal Data (e.g. nationality, gender, height, weight, medical information, religion, philosophical or political beliefs) or financial data in your application;
For all Products we collect the following classes of Personal Data:
Contact details (including name, address, email address and telephone number);
Identification details (including gender, marital status, date of birth);
Occupation details;
PPS number;
Nationality and country of residence;
Photographic identification (necessary for performance of anti-money laundering checks);
Bank details, debit/credit card details (where needed);
Income details (where needed);
PEP (politically exposed person) status (for compliance with anti-money laundering legislation);
In certain cases, we may receive sensitive information from which it is possible to infer your trade union membership, religious or political beliefs (e.g. if you are a member of a group scheme through a professional, trade, religious, community or political organisation).
If you have a Pension Product, we also collect the following classes of Personal Data:
Income details;
Employer name and address (executive and group schemes only).
If you have a Pension Product, we will also collect the following Special Category of Personal Data:
Disability information (if you apply for early retirement on the grounds of ill health)
If you have an Investment Product, we also collect the following classes of Personal Data (necessary for compliance with Revenue laws):
US citizen status;
Tax Identification Numbers from other countries (if applicable).
If you have a Protection Product, we also collect the following class of Personal Data:
Income details.
If you have a Product that includes a form of insurance e.g. Protection and some Pension and Investment Products, which also offer life and serious illness benefits, we also collect the following Special Categories of Personal Data:
Medical history (personal and relevant family members), personal habits (e.g. smoking and alcohol consumption), prescription information.
Why we are processing your data? Our legal basis.
In order for us to provide you with Pensions Advice Financial Advice, Financial Planning or a Financial Product PSRA need to collect personal data for the provision of Pensions Advice Financial Advice, Financial Planning or a Financial Product. Our reason (lawful reason) for processing your data under the GDPR is:
Legal basis
PSRA needs to process your data as this is necessary:
in relation to a contract of insurance or other product contract to which the individual has entered into or because the individual has asked for something to be done so they can enter into a contract;
to provide Financial Advice and or a Financial Plan to which consent has been received;
to provide Pensions Advice to which consent has been received;
to provide ancillary services such as acting as tax agent to which consent has been received.
For internal marketing purposes where valid consent is in place to offer suitable products or services and improve our processes.
For statistical analysis data is anonymised and analysed to enable PSRA to understand our customers needs and develop products and services suitable to those needs.
In any event, PSRA are committed to ensuring that the information we collect, and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
How will PSRA use the personal data it collects about me?
PSRA will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
Special Categories of personal data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure the below. We will obtain your explicit consent
Who are we sharing your data with?
We may pass your personal data on to third-party service providers contracted to PSRA in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with PSRA procedures.
If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.
The third parties that we pass your personal data to are:
Product Providers (a list of these providers can be obtained by contacting PSRA at 019055504 or info@expertadvice.ie) Your data will only be shared with product providers that you have consented to sharing your data with to enable them to provide you with a product and to maintain that product.
Technical Suppliers to PSRA in so far as is necessary to allow PSRA to store, organise and transmit your data to enable the provision and maintenance of the product or service you have requested. Your data is transferred securely and is not used by other parties for any other reason.
Revenue, if you have elected to chose PSRA to act as your tax agent in respect of products to which tax relief may be available.
Another professional service provider where there is a legal requirement to engage such a service to enable a particular product to be taken by you. In any such case we will notify you of the details of this service, when it is required.
Your Representatives where we have received authorisation from you.
Regulators and official agencies where required to do so by law, regulation or legal process.
Employers, where a group policy is in place to facilitate premium payments or making a claim.
PSRA will provide information on the safeguards in place and how you can also obtain a copy of these safeguards. We have issued all our third-party processors with a Data Processor checklist asking them GDPR specific questions
If we transfer personal data to a third party or outside the EU, we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available.
We use cookies on our website to enable us to track visitors to the website and improve the visitor experience. We do not obtain personal information in this way and cannot identify any person from these activities. We do collect personal information from visitors to our website who complete the contact form on the website. This information is used to help PSRA to answer visitor queries.
Data Subjects Rights:
PSRA facilitate you, our clients, rights in line with our data protection policy and the subject access request procedure. This is available on request.
Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
Right of access – you have the right to request a copy of the information that we hold about you.
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
Right of portability – you have the right to have the data we hold about you transferred to another organisation.
Right to object – you have the right to object to certain types of processing such as direct marketing.
Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
Right to judicial review: in the event that PSRA refuses your request under rights of access, we will provide you with a reason as to why.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
Additional information we are providing you with to ensure we are transparent and fair with our processing
Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. PSRA will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body (The Central Bank of Ireland) and our internal governance.
Complaints
In the event that you wish to make a complaint about how your personal data is being processed by PSRA or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PSRA’s data protection representative GDPR Owner
Failure to provide further information
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
Profiling – automatic decision making
Risk Profiling
To establish a customer’s attitude to investment risk (relates to pensions and investments) advisors have automated calculators which calculate the customers attitude to various levels of risk having answered a series of questions. You can object to this profiling; however, this would mean in relation to savings, investment and pension products, that PSRA could not recommend the most suitable funds or products for you.
Profiling for marketing purposes.
When we seek to contact you about other services, as outlined above we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs. You can opt out of this at any time.
Establishing affordability and providing quotations for financial services products.
You can object to this profiling; however, this may result in us being unable to complete a contract or being unable to recommend the most suitable product for your situation. You can also request a human intervention to contest and make representations in relation to any such decision.
Additional Processing
If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information prior to processing this data.
Contact Us
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 01 9055504 or email info@expertadvice.ie
Privacy policy statement changes
PSRA may change this privacy policy from time to time. When such a change is made, we will post a revised version online. Changes will be effective from the point at which they are posted. It is your responsibility to review this privacy policy periodically so you’re aware of any changes. By using our services, you agree to this privacy policy.
This privacy policy was last reviewed in May 2018