RiskSave Compliance

Privacy Policy

Privacy and Use Of Cookies

Overview

RiskSave respects your right to privacy.

This policy sets out how RiskSave Technologies Ltd (“RiskSave”) processes personal data in accordance with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

RiskSave is registered in England and Wales (No. 09930262), and the Registered address is 2 Eastbourne Terrace, London, England, W2 6LG. RiskSave is registered with the Information Commissioner’s Office (No. ZA192332).

Any details provided to us through a Contact page or otherwise may be recorded in our client database, however it is not required for you to provide us with any personal information to make use of this site or its features

Any details provided to us through a Contact page or otherwise may be recorded in our client database, however it is not required for you to provide us with any personal information to make use of this site or its features

 

Data Usage

RiskSave are principally a ‘Data Controller’ however, the firm also maintains responsibility for Appointed Representative that function as both controllers and processors. RiskSave may collect the following types of data either in the course of business with an AR or in processing employee records:

  • Passport / Driver’s License / Other official identification documents.

  • Health records (relating to employee health insurance and to potential client vulnerabilities).

  • Payroll and staff pension details.

  • Bank details and bank statements.

  • Source of wealth information.

  • Taxation records.

  • Disclosure and Barring Service (DBS) checks.

  • PEPs / Sanctions records.

  • Religious beliefs relating to investment behaviour.

 

Lawful Basis

Under the UK GDPR and the Data Protection Act 2018, a data controller must have a lawful basis to process personal data. RiskSave relies on the following three grounds:

  • Consent (UK) GDPR Article 6 (1)(a) - RiskSave have received explicit permission from the data subject after providing relevant information about how data will be used. Data subjects have the right to withdraw consent at any time.

  • Contract (UK) GDPR Article 6 (1)(b) – RiskSave need to collect or use the data to be able to enter into or carry out a contract with data subjects.

  • Legal obligation (UK) GDPR Article 6 (1)(c) – RiskSave need to collect or use data to comply with the law.

  •  

The UK GDPR provides data subjects with the rights to control how their data is processed. These are:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right to object

  • Right to data portability

  • Automated decision-making rights

  • Right to withdraw consent

Processing data subject rights requests

RiskSave will respond to all data subject requests in accordance with the Data Protection Act:

  • Dates – RiskSave will respond to a data subject request without undue delay and at the latest within one month of receiving the request.

  • Fees - In most cases RiskSave will not charge a fee to comply with a data subject request however, a “reasonable fee” for the administrative costs of complying with the request may be levied if it is manifestly unfounded or excessive.

  • Exceptions – RiskSave may refuse a data subject request only under specific circumstances:

    • To comply with a legal obligation.

    • For the performance of a task carried out in the public interest or in the exercise of official authority.

    • For the establishment, exercise or defence of legal claims.

    • The request is manifestly unfounded or excessive request.

Data Retention

We retain personal information for as long as necessary to:

  • Fulfil the purposes described in this Privacy Policy

  • Comply with legal, regulatory, and recordkeeping requirements

  • Resolve disputes and enforce agreements

Retention periods may extend beyond the termination of a client relationship where required by law. Once data is not longer required it is security disposed of.

 

Disclosure of Information

We may disclose personal information to:

  • Regulatory authorities, courts, or law enforcement agencies

  • Fund administrators, custodians, auditors, and legal advisors

  • Technology providers and professional service firms

  • Affiliates and related entities

  • Third parties as required by law or with your consent

We do not sell personal information.

Personal Details

In order to improve our services, or for marketing, we may collect and record any information you provide us in a database. This database will only be used by us, or by third parties acting on our behalf. We do not sell or otherwise distribute client information.

We produce client briefing notes, marketing information on our services, and other newsletters. We may distribute these notes to you via email if we think it is appropriate. You may opt out of any such distributions at any time.

If you wish to review the information we hold about you, or wish for any such information to be deleted, please contact us.

If any of the details we hold on you are out of date, or inaccurate, please inform us so that we can correct them.

Cookies

RiskSave Technologies use cookies to obtain information about how our site is being used:

We use analytic cookies to understand how our site is being used. This measures the number of visitors and tells us how they navigate the site. No personal information is gathered through this form of tracking.

We offer sharing tools (Facebook, Twitter etc) – If you use these the sharing tools those sites set a variety of cookies.

You may manage cookie preferences through your browser settings.