Privacy & Cookie Policy

City Asset Management Plc treats your privacy very seriously and we are committed to ensuring your personal data is protected.    Our Privacy Policy contains important information on how we comply with applicable UK data protection legislation. EU General Data Protection Regulation (GDPR) replaces the Data Protection Act 1998.  GDPR lays out our obligations in regard to the data we collect, what we do with that information, who we may share it with, and your choices and rights to that information.

How to contact us

If you have any questions about our Privacy Policy or the information we collect and use about you, please contact:

Data Protection Officer
City Asset Management
7 Bishopsgate, London
EC2N 3AR                                  Email:  GDPRqueries@city-asset.co.uk

What information do we collect on you?

In order to provide services to you and meet legal requirement in the execution of those services we may need to collect the following:

  • Information about who you are - name, date of birth and contact details.
  • Information connected to the service of your portfolio - bank account details
  • Information about your circumstances - your financial details, investment knowledge and objectives, employment and other investments
  • Information about your contact with us - meeting notes, phone calls, emails and letters.
  • Information that is automatically collected - cookies when you visit one of our websites
  • Information when you visit our office - visual images collected via closed circuit television (CCTV)
  • Information collected as sensitive personal information - details relating to your health, marital or partnership status, sexual orientation, political affiliations and religion
  • Information you provide about other people - joint applicants or beneficiaries or authorities on your accounts.
  • Information on children - name, age and gender

How do we collect your information?

We mostly collect your personal information directly from you, including:

  • Application for service
  • Phone conversations
  • Emails or letters you send to us
  • Meetings with our team
  • Our online services, such as website.

If you have a financial adviser, the information we collect and use may have been provided by them on your behalf.  We may also collect personal information on you from places such as directories or other publicly available sources to check or improve the information we hold, like your address, or to give better contact information if we are unable to contact you directly.

The data you have provided may be shared with fraud prevention agencies to prevent fraud, money laundering and to verify your identity.

How do we use your personal information?

We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary and lawful to do so.  We will collect and use your information only where:

You have signed up to portfolio management services with us (Contract).   This may include us making data available to our agents for the purpose of executing order, settlement of transactions and holding investments and money for you or any other related purposes, such as printing your annual valuations.

Where it is necessary for us to meet our legal or regulatory obligations (Legal Obligation).  This can include telling you about changes to our terms and conditions, preventing financial crime, details required by regulatory or government agencies.

Verifying your identity – This is so that we can comply with the regulations around fraud, money-laundering and terrorist financing.

It is in your or our interest (Legitimate Interest) to provide you with information or options about investments that may affect you or provide updates on policy changes that may impact you.  This can include good governance, accounting and auditing reasons.

You have given us your permission (Consent) to send your information about our products and services and/or selected third parties which may be of interest to you.

Please note that we only use details on children to manage portfolios where they may be the beneficiary and will only collect and use the information required to ensure the effective management of that portfolio. Where we collect sensitive personal data, we will only use this information where needed to provide our service to you or comply with our legal obligations.  When providing data is optional, we will ask for your consent.  If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our services.

Where we change the way we collect, use or store your information, we will provide you with an updated policy and details on the changes.

Marketing Preferences

We may use your name, address and email address for marketing purposes when you have consented for us to do so.  We will contact you according to your preferences and consent and you have the right to revoke consent at any time using the unsubscribe button on any email material or contacting us directly to remove you for our lists of marketing recipients.  Consent forms for the receipt of marketing materials may be found in your application and online.

Who may we share your information with?

We may share your information with third parties for the reasons detailed above. Whenever we share your personal information, we will do in line with our obligations to keep your information safe and secure. This can include your financial adviser and companies we have chosen to support us in the delivery of services we offer to you.

All companies that process your data in relation to our services must undergo a due diligence process to ensure their integrity and commitment to providing the agreed service and protection of data provided to them in that regard.

  • Our regulators, the Financial Conduct Authority (FCA) and the Information Commissioner’s Office for the UK (ICO)
  • Law enforcement, credit and identify check agencies for the prevention and detection of crime.
  • HM Revenue & Customs (HMRC) for the purpose of tax information for both UK tax requirement and/or other country obligations you may be liable for.

We will never sell your details to someone else. 

How do we protect your information?

We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.

Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake training on this.

Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.

Where is your information processed?

The majority of your information is processed in the UK and European Economic Area (EEA). 

However, some of your information may be processed by us or third parties we may work with outside of the EEA, including countries such as the United States.  Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. we will put in place legal agreements with our third-party suppliers and do regular checks to ensure they meet these obligations.

How long do we keep your information?

We will keep your personal information only where it is necessary to provide you with our products or services while you are a client.

We may also keep your information after this period but only where required to meet our legal or regulatory obligations. The length of time we keep your information for these purposes will vary depending on the obligations we need to meet.

What are your individual rights?

GDPR grants you rights in relation to how we use your information.  Please note that these rights do not apply in all circumstances and we will discuss the details with you on request.

Right to be informed - You have a right to receive clear and easy to understand information on what personal information we have, why and who we share it with and we do this in our Privacy Policy and privacy notices and disclosures with you.

Right of access - You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request.  For more information, please see the section below.

Right to request that your personal information be rectified - If your personal information is inaccurate or incomplete, you can request that it is corrected.  In order for us to provide you with our service, it is important that you keep us updated on any changes to your data.

Right to request erasure - You can ask that your information be deleted or removed.  However, we are under legal requirements to keep many details after you cease to be a client.  This is required to meet obligations to our regulator and/or government agencies and system integrity.  In some cases, it may also be in your interest for us to continue to keep information so that we may assist you in queries or complaints about past services.

Right to request deletion of your data - We promise to look at your request individually and delete any data that may no longer be required or not related to our outstanding obligations or requirements where law and regulation permits us to do so.  Access to your information is restricted and protected within our IT infrastructure at all times, however, once you cease to be a client, this information is further restricted to protect data that isn’t required to be processed but only maintained.  This will continue for any information that we are unable to delete at your request.

Right to restrict processing - You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.  In some cases, this could restrict our ability to continue our services and we will discuss the impact with you.

Right to data portability - You can ask for a copy of your personal information for your own purposes to use across different services.  In certain circumstances, you may transfer some of the information we hold to another company in a safe and secure way, for example, if you were moving your portfolio to a new provider.

Right to object - You can object to us processing your personal information where: it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); if we were using it for scientific/historical research and statistics; or we notify you of changes to the way we process our use your information.  In some cases, this may limit the service we are able to provide to you and will discuss any impact with you at the time of objection.

How can you access the data we hold about you?

You have the right to request the personal information that we hold about you and to obtain a copy of this information, or if you have any queries, please write to the following address:

The Data Protection Officer
City Asset Management Plc
7 Bishopsgate
London
EC2N 3AR

We will provide the information to you or a date of when it will be available within 30 days of your request.

The Information Commissioner’s Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. They can be contacted via their website at:  https://ico.org.uk/

Cookies

A cookie is a small file of alphanumeric characters that is downloaded to your computer’s hard drive via your web browser, that enables the website you are accessing to recognise your device. They are widely used to help aid website efficiency as well as provide information to the website owners.

Our website currently uses cookies for two reasons.  First, to improve your personal user experience and secondly to understand how our website is being used.  Most modern browsers allow you to decide whether to accept cookies, and how long to keep them, but if you reject cookies it may impair some of the functionality of this website. We undertake not to abuse the personal identification aspect of cookies.

This website is built on the Squarespace platform. Squarespace may use cookies which are necessary for the proper operation of their system, and to track the usage of this website in order to provide statistics to help the site owners understand how the site is being used – and ultimately provide an improved user experience. These statistics do not include your personal details or any other information that identifies you. 

Our website also uses Google Analytics which are cookies designed to collect information on how visitors use our site. The cookies collect information in an anonymous form. For more information visit Google’s privacy overview.

You can opt out of being tracked by Google Analytics across all websites here

How we use cookies

We use Google Analytics to collect information about how people use this site. We do this to make sure it’s meeting its users’ needs and to understand how we could improve.  Google Analytics stores information about what pages are viewed, how long users are on the site, how they got here and what they have click on. We do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. We do not allow Google to use or share our analytics data and Google's privacy policy is available here

The following cookies are used by Google Analytics:

 

Name: _utma

Typical Content: randomly generated number

Expires: 2 years

Name:_utmb

Typical Content: randomly generated number

Expires: 30 minutes

 
 

Name:_utmc

Typical Content: randomly generated number

Expires: when you close your browser

Name:_utmx

Typical Content: randomly generated number

Expires: 2 years

 

Our site may, in future, allow us to provide you with options to improve your visit by remembering information you put into a form for example. Our site may also use Javascript and if so it will identify if your browser has Javascript enabled and set a cookie for the duration of your visit.

Name: Has_js

Typical Content: randomly generated number

Expires: When you close your browser

Our site also checks to see if you are using a browser on a mobile device so that we can provide you with a version of the site that is easier to use on a smaller screen.  The site then sets a cookie so that every page is then delivered in the mobile version.

Name: Mobileplugin group

Typical Content: randomly generated number

Expires: When you close your browser

For more information on cookies, including how to manage and delete can be found here  

Third party websites

On this website we may provide links to other third party websites.  You need to be aware that we have no control over third party websites and your data will be subject to the privacy policies of those sites 

Changes to privacy policy

We regularly review our privacy policy and may change it without notice. This policy was last updated in May 2018.

 

FJ2589