Privacy Policy

Last Updated – November 2022

  1. GENERAL

    1. Taylor Williams Ltd (“we” “us” “ our”) is committed to protecting and respecting your privacy. We are the data controller and will process your personal data in accordance with applicable privacy laws.
    2. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

      This policy applies to information we collect about:

      1. visitors to our website(s);
      2. customers;
      3. introducers’ personnel; and
      4. suppliers’ personnel.

  2. VISITORS TO OUR WEBSITE

    1. When you visit our website we may collect and process personal data about you in the following circumstances:

      1. when you complete the online contact forms on our website (“ Site”) providing us with your name, address, email address and contact number;
      2. whenever you provide information to us when reporting a problem with our Site, making a complaint, making an enquiry, or contacting us for any other reason. If you contact us, we may keep a record of that correspondence; and
      3. when you visit our Site we will retain details such as traffic data, location data, weblogs and other communication data, and the resources that you access (also see the “Cookies” section below),

      all of this information will be collected either directly or indirectly from you.

    2. Examples of how we may indirectly collect personal data from you are as follows:

      IP Address

      2.2.1). We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration and engagement analysis.

      Cookies and Tracking

      2.2.2). A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our website. For further information about cookies, our use of cookies, when we ask your consent before placing them, and how to disable them, please see our Cookies Policy.

    3. Our lawful basis. Our lawful basis for processing this personal data is because it is necessary for ours or a third party’s legitimate interests:

      1. to deal with new enquiries and generate new business;
      2. to run our business and administer and protect our website; and
      3. to study how individuals engage with and use our website.
    4. We may also send you marketing communications, but only if you have opted in to receive these on the website. You can also opt out of receiving them at any time (see the “Marketing” section below for more details).
    5. How long we retain this information. We will only keep your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, for example to respond to queries raised by you via the website or to show that we have treated you fairly. For further information about any retention periods, please contact us.

  3. CUSTOMERS

    1. If you are a customer or prospective customer, we will collect details such as name, address, email address, contact number, date of birth, marital status and also potentially national insurance number and financial information in order to provide our services to you. We will obtain this information directly from you.
    2. We may also receive details of credit checks directly from third party credit check providers where we have run these checks ourselves with your approval, or alternatively we may receive these results from you or the introducer referring you.
    3. Our lawful basis. Our lawful basis for processing this information is that it is necessary for:
      1. us to do so, to perform a contract that we have with you, or because you have asked us to take specific steps before entering into a contract; and
      2. ours or a third party’s legitimate interests, including:
        1. to set up and manage our customer relationships;
        2. to keep our records updated and to study how customers use our products and services; and
        3. to study how customers use our products and services, to develop them, to grow our business and to inform our marketing strategy.

    4. We may also use and collect your personal data with your consent:

      1. for marketing our other products and services by mail and email, unless we rely on the fact that you have previously purchased similar products or services from us and haven’t opted out of receiving marketing communications from us at any stage of your customer journey. You can opt out of receiving marketing communications at any time though, regardless of whether we are relying on your prior consent or the fact that you have previously purchased similar goods or services from us (see the “Marketing” section below for more details); or
      2. to obtain credit check results about you.

    5. How long we retain this information. We will retain customer personal data for as long as any contract you have is in force and up to 6 years thereafter.

  4. SUPPLIERS

    1. We will collect details such as contact names, address, email address and telephone number in order to contact you about goods and services we have ordered from your organisation, to comply with our contractual obligations and to place further orders. We will collect this information either from you directly, from your organisation, or from publicly available sources such as Companies House or LinkedIn.
    2. Our lawful basis. Our lawful basis for processing this personal data is because it is necessary for our legitimate interests to run our business and manage our suppliers.
    3. How long we retain this information. We will keep your personal data for as long as we require goods or services from your organisation and in order to keep a record of communications sent and received from you, subject to a maximum of 6 years from the date of our last contact with you.

  5. INTRODUCERS

    1. We will collect details such as name, address, contact numbers, authorisation and qualifications, via introducer application forms. Depending on the legal structure of the prospective introducer such personal data may relate to a sole trader, directors, company secretaries, shareholders, and partners. We will collect this information either from you directly, from your organisation, or from publicly available sources such as Companies House or LinkedIn.
    2. Our lawful basis. Our lawful basis for processing this information is that it is necessary for:
      1. our legitimate interests to run our business, manage our network of introducers and attract new customers; and
      2. us to comply with our legal obligations. To comply with our legal obligations we will:
        1. use your personal data to ensure you are suitable to act as an introducer and we satisfy the requirements of the ‘Principles for Business’ in accordance with the Financial Services and Markets Act 2000 (“ FSMA”) and Financial Conduct Authority Handbook rules;
        2. pass your personal data to the Financial Conduct Authority in order to comply with our legal obligations and may also pass your personal data to the Financial Ombudsman Services and the Financial Services Compensation Scheme to assist with an investigation or complaint or the Prudential Regulation Authority, Solicitors Regulation Authority, European Accounting Association or other authorities required by law; and
        3. use your personal data to facilitate the payment of commissions to you or your organisation.
    3. We may also send you marketing communications in respect of our products and services by mail and email, either because you have requested these or because the marketing is considered business-to-business marketing.
    4. How long we retain this information. We will keep your personal data for as long as you are introducers to us subject to a maximum of 6 years from the date of our last contact with you or expiry of our last contract.

  6. MARKETING

    1. We may use customer personal data to provide you with details about our services, products and business updates which we think may be of interest. We will only send you marketing correspondence where:
      1. you have given us your consent to do so;
      2. you have previously purchased similar products or services from us and haven’t opted out of receiving marketing communications from us at any stage of your customer journey; or
      3. the marketing is considered business-to-business marketing.
    2. You have the right to opt-out of receiving marketing communications at any time. To opt-out of receiving such information you can:
      1. tick the relevant box situated in the form on which we collect your information;
      2. clicking the unsubscribe button contained in any such communication received; or
      3. email us at [email protected] or call 020 7371 0910 providing us with your name and contact details.
    3. We will only keep your personal data that we have collected for marketing purposes for as long as reasonably necessary to fulfil those marketing purposes and also to ensure that we comply with any opt out or unsubscribe requests. For further information about such retention periods, please contact us.

  7. DISCLOSURE OF YOUR DATA to third parties

    1. In addition to the third parties mentioned previously in this policy, we may disclose your personal data to third parties for the following legitimate business purposes:
      1. where you are a customer, financial institutions to assist in the provision of financial services to you, including introducers who referred you to us;
      2. IT software providers that host our website and store data on our behalf, including our CRM system provider;
      3. Service providers who provide us with software solutions and platforms in order to carry out our business and provide services (including, without limitation, open banking services);
      4. to a prospective buyer of some or all of our business or assets, in which case personal data will also be one of the transferred assets. The recipient of the information will be bound by confidentiality obligations; and
      5. to external auditors, e.g. in relation to ISO accreditation and the audit of our accounts.
    2. We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you.
    3. We may disclose your personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
    4. We will not sell or distribute your personal data to other organisations without your approval.

  8. CROSS- BORDER DATA TRANSFERS

    1. We may share your personal information with external third parties in order to provide our services to you. Some of these parties may transfer personal data outside the United Kingdom. We require such third parties to ensure that such transfers take place in accordance with data protection legislation.
    2. Whenever we transfer your personal data out of the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
      1. we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the United Kingdom (UK); or
      2. where we use certain service providers, we may use specific contracts approved by the ICO which give personal data the same protection it has in in the UK.
    3. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the United Kingdom.

  9. DATA SECURITY

    1. Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
    2. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

  10. ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF YOUR DATA

    1. It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes.
    2. Data protection legislation gives you certain rights in relation to your personal data. You have the right to object to the processing of your personal data in certain circumstances and to withdraw your consent to the processing of your personal data where this has been provided.
    3. You can also ask us to undertake the following:
      1. update or amend your personal data if you feel this is inaccurate;
      2. remove your personal data from our database entirely;
      3. send you copies of your personal data in a commonly used format and transfer your information to another entity where you have supplied this to us, and we process this electronically with your consent or where necessary for the performance of a contract;
      4. restrict the use of your personal data; and
      5. provide you with access to information held about you and for this to be provided in an intelligible form.
    4. We may request specific information from you to help us confirm your identity. Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
    5. Please send any requests relating to the above to our Privacy Officer at [email protected] specifying your name and the action you would like us to undertake.

  11. RIGHT TO WITHDRAW CONSENT

    Where you have provided your consent to the collection, processing and transfer of your personal data, you may withdraw that consent at any time. This will not affect the lawfulness of data processing based on consent before it is withdrawn. To withdraw your consent please contact us at [email protected] .

  12. CHANGES TO OUR PRIVACY POLICY

    We reserve the right to update this privacy policy at any time, and any changes we make to our privacy policy will be posted on this page. We will notify you if there are any changes to this policy that materially affect how we collect, store or process your personal data. If we wish to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.

  13. CONTACT US

    We have appointed a Privacy Officer to oversee compliance with this privacy policy. If you have any questions, comments or requests regarding this policy or how we use your personal data please contact our Privacy Officer at [email protected] or 020 7371 0910 . This is in addition to your right to contact the Information Commissioners Office if you are unsatisfied with our response to any issues you raise at https://ico.org.uk/global/contact-us/ .