Privacy & Cookie Statement
With effect from 25th May 2018
Lewis Investment is committed to protecting your personal information and ensuring that it is used fairly and responsibly. This Notice explains how we use any personal information we collect about you.
Data Protection Act
Lewis & Co (Investments & Pensions) Limited, trading as Lewis Investment, is a registered Data Controller under the Data Protection Act 1998; registration number Z6529406. Our registration can be found via the Information Commissioner’s website.
Why we need to collect and use your personal data
The primary legal basis that we intend to use for the processing of your data is that it is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations. We will obtain your explicit consent to collect and process this information.
What information do we collect and how is it used?
We collect information about you when you engage us for financial planning or mortgage advice, this information will relate to your personal and financial circumstances. It may also include special categories of personal data such as data about your health, if this is necessary for the provision of our services. For example;
- Information you provide to us to enable us to make appropriate investment recommendations (this may include personal information concerning your family members, if provided to us); and/or
- Where you are a corporate customer, details about your staff (including, where applicable, their family members), and may include information obtained from third parties; and/or
- Where you are a trustee of a trust, the details of all trustees and other beneficial owners, settlors and protectors as we deem appropriate.
- Where you are provided with access to the Lewis Client Portal personal data, including your name, address, date of birth and national insurance number will be held on the portal. Non-personal data held on the portal includes your assets, your income and expenditure details and your portfolio details, including investments and plans.
You can remove your data from the Lewis Client Portal service at any time, although portions of your data, consisting of aggregate data derived from your account information, may remain on our servers indefinitely. Your data may also remain on a backup server or media.
Who might we share your information with
To effectively deliver our services to you we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you.
Where it’s necessary for your personal data to be forwarded to a third party we’ll use appropriate security measures to protect your data in transit. Where we can, we will use secure portals. We will also employ encryption and in some cases secure folders.
To fulfil our obligations in respect of the prevention of money laundering and other financial crime we may send your details to third party agencies for identity purposes. Our current service provider is Creditsafe Business Solutions Limited.
We may disclose your information to future owners of our business or where we are required by law to do so
Except for the above provisions, we will not pass your details to any other third party, without your express permission.
You can access the information we hold about you
You have the right to request a copy of the personal information we hold about you. You can make a request to us at any time in writing or by email, details below.
When your personal data is processed by automated means you have the right to ask us to move it to another organisation for their use.
If you believe that any information we are holding about you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.
How long will we keep your information?
In principle, your personal data shouldn’t be held for longer than is required under the terms of our contract for services with you. However, we’re subject to regulatory requirements to retain data for specified minimum periods. We also reserve the right to retain data for longer than this due to the possibility that it may be required to defend a future claim against us. In any case, we’ll not retain your personal data for longer than 5 years past the time of your death.
You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
Visitors to our website
We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out thinks such as the number of visitors to the various pages of the website. This information is only processed in a way which does not identify anyone.
E-Marketing and E-newsletter
We’d like to send you information about our products and services which may be of interest to you but only if you’ve consented to receive such information. If you no longer wish to be contacted for marketing purposes, please contact us by email, firstname.lastname@example.org, or post.
We use a third-Party provider, MailChimp, to deliver our e-newsletters and email updates. We gather statistics around opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter and email updates. For more information, please see MailChimp’s Privacy Notice.
We use a third-party service, WordPress.com, to publish our website. The site is hosted by Siteground Inc.
What are cookies?
Cookies are small text files sent by a web server to an internet user’s computer when the user accesses the website. There are basically two types of cookie, session and persistent.
Session cookies are used to maintain the state of the connection between the web server and the user’s computer, so that once a user is logged in they can move between the web pages on the same website without having to keep logging in. These are deleted at the end of the browsing session.
Persistent cookies are stored on the hard disk of the internet user's computer, unless the user has configured the web browser not to accept cookies. Persistent cookies can be used for authenticating users and maintaining specific information about users, such as site preferences, and to provide the website owner with information about how users use their site.
Third party cookies are where another website domain specifies a cookie and places it on your computer for the website you are viewing.
How do I change my cookie settings?
Please note that disabling all cookies may prevent you from accessing some websites.
What you can do if you are unhappy with how your personal data is processed
You also have a right to lodge a complaint with the supervisory authority for data protection. In the UK this is:
Information Commissioner’s Office
Cheshire. SK9 5AF
How to contact us