This is our privacy policy. It tells you how we process (eg. collect, keep, use and delete) data that you, or others, may have provided when using our website or App for the purposes of operating your Penfold pension. Please read this policy to understand how we treat your information in line with the Data Protection Act 2018 and the UK General Data Protection Regulation (‘UK GDPR’).
We may change this notice from time to time by updating this policy. You should check the Website page it is located on (Privacy Policy | Penfold Pension (getpenfold.com)), from time to time to ensure that you are happy with any changes. If there are any significant changes we will notify you of these directly.
Our company name is Penfold Savings Limited and our registered address is 215-221 Borough High Street, London, SE1 1JA.
We have appointed a Data Protection Officer who is responsible for our privacy policy: Martin Kuzmicki. They can be contacted at DPO@getpenfold.com.
We are the controller of, and are responsible for, your personal data.
But, our custodian partner, Seccl Custody Limited (registered number 10430958), will also be the owner or controller of the data you pass through us to them for the purposes of operating your Penfold Pension. For some more information about the role of Seccl please see section 5 ‘How we use what we collect’, below.
We may collect, keep and use the following data about you:
We use information about you to:
UK law sets out specific reasons by which we can lawfully process your personal data. We’ll only use your personal data when one of these grounds is present. Below you can see how we use your personal data and the legal grounds for doing so. Please note that some legal grounds may be applicable to more than one type of data. We mention the most relevant one below.
We may also transfer your information outside the UK for the purpose of providing our services to you. Where this is done we will have the appropriate protections in place to ensure that your data has equivalent protections to those provided by UK law.
Please contact us if you have any questions about any of the information provided:
Your consent must be freely given, informed, specific, unambiguous and by a positive action by you.
Use of your information: Pension account information
You may have given us a letter of authority (LOA) stating that a third-party can manage or have access to your pension details.
Or, you may have a financial adviser, or other person assisting you with your finances, that you permit to have access to your pension details.
We will only provide third-party information that you have consented to them getting.
Use of your information: Third party data
We may request information about your family members, household or beneficiaries if this is necessary for the purposes of administering your Penfold pension. We will tell you why we are requesting this information. You may agree to provide us with this information.
Use of your information: Third party marketing
There may be products or services that our partners provide that we consider may be relevant to you. But, we will always get your consent before sharing your information with a third-party for marketing purposes.
You can opt-out of getting such marketing by contacting us or using the opt-out links that will be part of such marketing communications.
Use of your information: Medical Information
To decide on a request for early withdrawal on ill-health grounds we will require information from a medical professional or GP. Usually this will come from you, but we will ask for your consent if we need to contact them ourselves.
Use of your information: Vulnerability Information
You may provide us information about your personal circumstances that may reveal you are a vulnerable customer.
Use of your information: Cookies
On our website we use ‘third party’ cookies that collect information about how our individuals use our website. Please see our Cookies Policy for more information.
Personal data that you provide may be used by us when it’s necessary to enter into or perform the contract.
Use of your information: Setting up and operating your Penfold pension
This covers the following, and may involve the transfer of your information to a third-party if it’s necessary for us to perform our contract with you:
Use of your information: We use your personal data to comply with legal obligations, such as the following:
We use your information when we have a ‘legitimate interest’, and this interest is not outweighed by your privacy rights. Whenever we use this legal ground we balance the legitimate interest (either ours or another’s) against your reasonable expectations about how we use your data.
Use of your personal data: Use data analytics on customer use of our website or App.
Use of your personal data: We may contact you to research our products or services, or invite you to take part in a competition. You will receive marketing communications from us if you have requested information from us or opened an account with us and you have not opted out of receiving that marketing.
Use of your personal data: Use data analytics on your use of our website or App to improve our website, products/services, marketing, customer relationships and experiences
Use of your personal data: Provide partner organisations with information about customer fund choices, contribution, transfer or withdrawal activity.
If you do not agree with the contents of this policy, you may wish to cease viewing/using this Website, and or refrain from submitting your personal data to us. But, this is likely to mean that we cannot provide services to you, and we may have to close any pension plans or accounts that you have with us.
The same applies if we need to ask you for information about yourself (or another person) and you do not provide that to us. This may mean that we cannot provide you with some, or all, of our products or services.
If you have any requests concerning your personal data or any queries with regard to this notice, please contact us through the Contact Us section of our Website. We are registered with the Information Commissioner’s Office (ICO); our Registration number: ZA505781. Information on the Data Protection Act 2018 and the General Data Protection Regulation (the GDPR) is also available on the Information Commissioner’s website at https://ico.org.uk/. Under the GDPR, your individual rights in relation to your personal data are as follows (you can read more about your rights in detail here;
You have a right to a copy of and details of the personal data we hold about you. To obtain a copy of this, please contact us using the details set out in the Contact Us section of our Website. No charge will normally be made by us for providing this information. If your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
For the most part, you may visit our website without having to identify yourself. However, certain technical information is normally collected by us as a standard part of our services. This information relates to your IP address, information about your device and other technical information your browser provides us with, and data about your use of our website (such as when you use the website and how you interact with its content). If you call us, additional information such as your telephone number may be saved as a standard part of that communication.
11.1 Location Data
Certain services may involve the use of your location data. Use of your location data is, however, subject to your prior consent for each service.
Personal data obtained from third parties. We may obtain personal data about you from third party sources such as social media analytics, and from the following partners: Contego Solutions Limited (trading as “Northrow”) (company registered number 7358038).
11.2 How Do We Secure Your Personal Data?
We have robust procedures in place within our business:
11.3 How Long Do We Keep Personal Data?
We will keep your personal data only for so long as we need to do so, depending upon the nature of the data and our processing, and the grounds upon which we collected it. Your personal data will be deleted if we no longer need it
But, even if you are no longer a Penfold customer, we are obliged to keep certain records of our relationship to comply with rules set out by the Financial Conduct Authority or The Pensions Regulator or for legitimate business purposes. For example some information about pension transfers must be kept indefinitely; we must keep records of opt-outs from workplace pensions for at least 4 years, and, generally, keep your personal details for up to 6 years, once our relationship has ended.
Information we use for marketing purposes will be kept by us until you notify us that you no longer wish to receive this information. If you do notify us that you no longer wish to receive marketing information, we will keep an encrypted version of your contact information to ensure we respect your wishes.
Our website may contain links to other websites which are outside the control of Penfold and are not covered by this privacy notice. If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy notice which may be different to the privacy notice of Penfold. You should exercise caution and look at the privacy notice applicable to the website in question.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see Use of Cookies.
A cookie is a small piece of code, sent from a website to a user’s internet browser, which allows that website to track the user’s previous activity when they return to that website. This allows us to provide you with the experience that you expect from us and lets us continually improve our service.
You can block cookies by changing the settings on your browser, but if you do you will not be able to access all or parts of our website. The types of cookies we may use are:
If you want more information about how cookies operate, or how to manage them, please visit About Cookies at http://www.aboutcookies.org.uk/.
Use of this website is subject to our terms of use