Introduction
This Privacy Policy explains how The Finprom Pro Limited (Trading as The FinProm Pro & FinProm Pro) collects and processes personal data in relation to data subjects.
The Finprom Pro Limited is the controller of personal data. The Finprom Pro Limited is registered in England and Wales under the company registration number: INSERT. Any reference to ‘the controller’ within this Privacy Policy shall mean The Finprom Pro Limited. Any reference to ‘client’ shall mean an incorporated entity, sole trader or limited liability partnership.
As a controller of personal data, The Finprom Pro Limited is also registered with the Information Commissioner’s Office (ICO), registration details: INSERT.
This Privacy Policy was last updated on 25/01/2024.
Contact Information
Email: data@thefinprompro.com
Personal Data We Collect
The controller may collect personal data directly from individuals acting on behalf of or as existing, historical and potential clients for various purposes for processing.
Examples of the categories of personal data that the controller may obtain directly from individuals acting on behalf of or as existing/historical and potential clients may include but are not necessarily limited to: identity information, contact information, location information, employment information, company ownership information, business relationships, associated regulatory information, service information and service history, special category information, criminal offence data, and financial information.
How We Collect Personal Data
The controller may obtain personal data directly from individuals acting on behalf of or as existing/historical and potential clients prior to, throughout and following the provision of services, and from third-party sources, through the following means:
- Direct interactions
- Email correspondence
- Telephone calls
- Verbal interactions
- Regulators
- Companies House
- Referrals
Purposes, Lawful Bases and Conditions for Processing Personal Data
As the controller of individuals acting on behalf of or as existing/historical and potential clients personal data, there are a variety of purposes for which the controller processes personal data. The controller has set out the purposes for processing personal data about any individuals acting on behalf of or as existing/historical and potential clients and the lawful bases for processing and where relevant, conditions for processing
| Purposes for Processing | Lawful Bases/Conditions |
| To respond to enquiries submitted by individuals acting on behalf of or as existing/historical and potential clients for services. | Legitimate Interests (necessary for the controller to commence or seek to commence requested services). |
| To communicate with individuals acting on behalf of or as existing/historical and potential clients regarding the provision and conclusion of requested services. | Legitimate Interests (necessary for the controller to provide requested services). |
| To communicate with regulators concerning or on behalf of individuals acting on behalf of or as existing/historical and potential clients. | Legitimate Interests (necessary for the controller to provide requested services). Explicit Consent (criminal offence data, special category data). Legal Claims (criminal offence data). |
| To process and manage invoicing, payments or refunds for services requested by individuals acting on behalf of or as existing/historical and potential clients. | Legitimate Interests (necessary for the controller to provide requested services). |
| To respond to and deal with data rights requests submitted by individuals acting on behalf of or as existing/historical and potential clients. | Legal Obligation |
| To respond to and deal with complaints submitted by individuals acting on behalf of or as existing/historical and potential clients. | Legitimate Interests (necessary for the controller to resolve complaints and improve services). |
| To communicate significant updates to individuals acting on behalf of or as existing/historical and potential clients concerning this Privacy Policy. | Legal Obligation |
| Record keeping. | Legitimate Interests |
| Fraud prevention. | Legal Obligation |
| Legal claims. | Legitimate Interests (The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity). |
| To communicate newsletters requested by individuals acting on behalf of or as existing/historical and potential clients. | Consent |
| To manage suppression lists in relation to the communication of newsletters requested by individuals acting on behalf of or as existing/historical and potential clients. | Legal Obligation |
| To request feedback from individuals acting on behalf of or as existing/historical and potential clients following the provision of services. | Legitimate Interests (necessary for the controller to improve services or to establish the quality of requested services). |
| To publish feedback from and concerning identifiable individuals acting on behalf of or as existing/historical and potential clients following the provision of services. | Consent |
Disclosure of Personal Data
The controller may disclose individuals acting on behalf of or as existing/historical and potential clients personal data to other controllers and processors for a variety of purposes.
| Third Party | Category of Recipient |
| Email, messaging and call service providers. | Processor |
| Customer Relationship Management systems. | Processor |
| Website Providers. | Processor |
| Regulators. | Controller |
| Payment and Invoicing Service Providers. | Processor |
| Graphic Design Software. | Processor |
| Cloud Storage. | Processor |
| Social Media Platforms. | Processor |
| Review Platforms. | Processor |
| Document Providers. | Processor |
| Contract Facilitation Providers. | Processor |
Data Retention
To determine the appropriate retention period for personal data, the controller considers the amount, nature and sensitivity of the personal data, the potential risk, of harm from unauthorised use or disclosure of personal data, and the purposes for which the controller processes personal data and whether the controller can achieve those purposes through other means, including applicable legal requirements.
Details of retention periods for different aspects of personal data are available upon request.
International Transfers
Personal data is not transferred outside of the UK or EEA. Should this change in the future, this Privacy Policy will be updated to reflect the security measures that are in place to ensure that any such transfer is subject to an adequacy decision or appropriate safeguard, where applicable.
Data Protection Rights
Under data protection law, any individuals acting on behalf of or as existing/historical and potential clients have rights including:
Your right of access – You have the right to ask the controller for copies of your personal information.
Your right to rectification – You have the right to ask the controller to rectify personal information you think is inaccurate. You also have the right to ask the controller to complete information you think is incomplete.
Your right to erasure – You have the right to ask the controller to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask the controller to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that the controller transfers the personal information you gave the controller to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, the controller has one month to respond to you.
Your right to withdraw consent – If you have provided the controller with consent for the processing of your personal data as may be the case for direct marketing, you have the right to withdraw that consent.
If you wish to make a request and/or would like to withdraw consent to the processing of any personal data, please contact the controller by using the following contact information:
Address: data@thefinprompro.com
Complaints
If you have any concerns about the controller’s use of your personal information, you can make a complaint to the controller by using the contact information provided within this Privacy Policy.
You can also complain to the ICO if you are unhappy with how the controller has used your personal data. The controller would, however, appreciate the opportunity to resolve any complaints directly with you.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Changes To This Privacy Policy
The controller is entitled to change this Privacy Policy at any time whether or not required by law. The controller will inform individuals acting on behalf of or as existing/historical and potential clients about changes to this Privacy Policy where the controller makes a substantial change. This Privacy Policy was last updated on 25/01/2024. Version 1.0.
Your Financial Promotion Professional 