SJP UAE privacy policy
The information on this page is relevant for UAE. Our Asia privacy policy can be accessed here.
St. James’s Place (Middle East) Limited (“St. James’s Place”) is regulated by the Dubai Financial Services Authority and is authorised to conduct the Financial Services of “Advising on Financial Products” and “Arranging Deals in Investments” in and from the Dubai International Financial Centre (“DIFC).
As a corporation incorporated in the DIFC, St. James’s Place has an obligation to comply with the Data Protection Law DIFC Law No. 5 of 2020, and other applicable regulations, codes, guidelines, directives, handbooks, practice notes or binding notices, circulars and policy statements as applicable to the entities incorporated in the DIFC, regardless of whether the processing takes place in the DIFC or not (“Data Protection Legislation”).
St. James’s Place will be the data controller of your personal information.
Further, depending on the product you decide to purchase, your data controller will be another entity within the St. James’s Place Group or relevant third party. You will be notified of the identity and contact methods of the relevant data controller once you decide to purchase one of the products offered by the wider St. James’s Place Group or third party.
If you are unsure about who the data controller of your personal information is, you can contact us at any time using the contact details as confirmed below.
For the purposes of this section and section 4, "we" and "our" shall refer to the relevant data controller as above according to the product that you have and "product" shall refer to the relevant product you hold. Further, by the “St. James’s Place Group’” we mean St. James’s Place plc and its subsidiaries, including St. James’s Place (Middle East) Limited.
We will collect and use different personal information about you for different reasons (and by personal information we mean any information referring to an identified or identifiable natural person), depending on our relationship with you and the product held.
When processing your personal information, we will ensure that your personal data is processed lawfully, fairly and in a transparent manner.
Sometimes we will receive “special categories of personal data” (which is personal data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade-union membership and health or sex life and including genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person).
We may also collect criminal convictions data for fraud prevention purposes.
We also use details of any unspent criminal convictions provided for fraud prevention purposes. However, we will only do so where we have your explicit consent or where such processing is necessary for us to enter into and perform our contract with you.
Where you provide personal information to us about other individuals (for example, members of your family or other dependents) we will also be data controller of their personal information and we are responsible for protecting their personal information and using it appropriately.
This notice will therefore apply to those individuals and you should refer them to this notice.
In order to make this notice as user friendly as possible, we have split it into different sections. Please click on the section below that best describes your relationship with us and the service you receive from us.
This section will apply if you are an existing client of ours and you have purchased a product offered by the St. James's Place Group (e.g. International Investment Bond or Unit Trust) or a third party with whom St. James’s Place has terms of business.
- General information such as your name, address, phone numbers, email addresses, date of birth, gender and marital status.
- Identification information including passport, driving licence, government issued ID verification and address verification documents such as DEWA or tenancy agreement or bank statement.
- Employment information such as job title, employment history and professional accreditations.
- Financial information relevant to the products we recommend, including:
- Bank details
- Financial reviews (fact finds)
- Information relating to your personal finances such as your financial liabilities and assets, income and outgoings.
- Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders or where you have been flagged as a PEP.
- Information about your family including information about your dependants.
- Information obtained during telephone recordings where recorded.
- Information obtained during the course of emails, queries and complaints.
- Your marketing preferences and details of your customer experience with us.
- Information such as IP address and browsing history obtained through our use of cookies.
- Personal data of those individuals who have rights under or in connection with products you hold such as lives assured, dependents, nominated beneficiaries, trustees, authorised representatives, independent financial advisors, and lawyers.
- We may collect details about your health which are relevant to your application (e.g. we may ask you about any medical conditions that affect you to establish whether you are deemed to be a vulnerable client or for underwriting purposes on behalf of the provider).
- In some circumstances details of relevant criminal convictions / offences and any related information may be obtained from our sanctions checks and PEP screening and as such will be collected by us. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
- In limited circumstances, we may also collect information which relates to your trade union membership (for example when gathering your employment details), genetic or biometric data or data concerning your sex life or sexual orientation where we advise on or arrange joint products.
We will collect information directly from you when:
- You apply to or enter into a client agreement with us, or to purchase, vary or renew any product of the wider St. James’s Place Group or a third party with whom St. James’s Place has terms oof business; and
- You contact us by email, telephone and through other written and verbal communications.
We will also collect your personal information from:
- Your St James's Place Partner where applicable.
- The St James's Place (Middle East) Limited client relationship management system and hosted platforms.
- Publicly available sources such as (but not limited to) court judgments, insolvency registers, internet search engines and social media sites.
- Other companies within the St James's Place Group.
- Third parties such as Experian and SS&C who provide anti money laundering and fraud prevention services who we have appointed to carry out electronic ID checks, sanctions and politically exposed persons checking services, and platforms such as Dow Jones and Napier.
There are a number of reasons we use your personal information and for each use we need to have a lawful basis to do so, and any one or more of the following shall constitute a lawful basis for processing of your personal information:
- We have your consent.
- We need to use your personal information to enter into or perform the client agreement that we hold with you. For example, we need to use your personal information to provide our services and assist you with the purchase and administration of the products that you have purchased based on our recommendations.
- We need to process your personal data in order to comply the applicable law. For example, we need to record and store your personal information when our regulators require us to hold certain records of our dealings with you.
- Our processing is necessary in order to protect your vital interests or vital interests of another natural person.
- We need to process your personal information for the purpose of legitimate interests pursued by us or a third party to whom your personal information has been made available, except where such interests are overridden by your interests or rights. For example, we need to use your personal information to maintain business records, to review our business models, to undertake strategic and operational business analysis of the services we provide or products we distribute, to maintain management information, and for internal audit purposes.
In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.
When we use your special categories of personal data, we must have an additional lawful basis and we will rely on the following lawful basis in these circumstances:
- You have given us your explicit consent to our use of your special categories of personal data. For example, such explicit consent will be required when we need to use your health information for purposes relating to a policy of insurance or life assurance, or a policy of health insurance or health-related insurance.
- We need to process your personal information in order to protect your vital interests or vital interest of another natural person, where you or relevant data subject is physically or legally incapable of giving consent.
- Our processing relates to your personal data that has been made public by you.
- We need to use such special categories of personal data to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
- Our processing is necessary for compliance with a specific requirement of the applicable law to which we are is subject, however in any such circumstances we will provide you with clear notice of such processing as soon as reasonably practicable unless the obligation in question prohibits such notice being given.
- Our processing is necessary to comply with the applicable law that applies to us in relation to anti-money laundering or counter-terrorist financing obligations or the prevention, detection or prosecution of any crime.
Purpose for processing | Lawful basis for using your personal information | Lawful basis for using your special categories of personal data or information relating to criminal convictions and offences |
To carry out identification checks. |
|
|
To provide our services to you |
|
|
To carry out annual reviews and reviews of ongoing suitability of your current arrangements as required. |
|
|
To prevent and investigate fraud. |
|
|
To comply with our legal or regulatory obligations. |
|
|
To communicate with you and resolve any complaints that you might have. |
|
|
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys |
|
|
To apply for and claim on our own insurance. |
|
|
This section will apply if you are a prospective client of ours and you are interested in purchasing our services or product offered by the St. James's Place Group (e.g. International Investment Bond or Unit Trust) or a third party with whom St. James’s Place has terms of business.
- General information such as your name, address, phone numbers and email addresses, date of birth, gender and marital status.
- Identification information including passport, driving licence, government issued ID verification and address verification documents such as DEWA or tenancy agreement or bank statement.
- Employment information such as job title, employment history and professional accreditations.
- Financial information relevant to the products we recommend, including:
- Bank details
- Financial reviews (fact finds)
- Information relating to your personal finances such as your financial liabilities and assets, income and outgoings.
- Information obtained from carrying out identification checks and checking sanction lists and politically exposed persons (PEP) screening, including bankruptcy orders or where you have been flagged as a PEP.
- Information about your family including information about your dependants.
- Information obtained during telephone recordings where recorded.
- Information obtained during the course of emails, queries and complaints.
- Your marketing preferences and details of your customer experience with us.
- Information such as IP address and browsing history obtained through our use of cookies.
- Personal data of those individuals who have rights under or in connection with products you hold such as lives assured, dependents, nominated beneficiaries, trustees, authorised representatives, independent financial advisors, and lawyers.
- Information such as IP address and browsing history obtained through our use of cookies.
- We may collect details about your health which are relevant to your (e.g. we may ask you about any medical conditions that affect you to establish whether you are deemed to be a vulnerable client or for underwriting purposes on behalf of the provider).
- In some circumstances details of relevant criminal convictions / offences and any related information may be obtained from our sanctions checks and PEP screening and as such will be collected by us. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
- In limited circumstances, we may also collect information which relates to your trade union membership (for example when gathering your employment details), genetic or biometric data or data concerning your sex life or sexual orientation where we advise on or arrange joint products.
How will we collect your personal information?
We will collect information directly from you when:
- You enquire about a product or services offered by any members of the wider St. James’s Place Group or a third party with whom St. James’s Place has terms of business or apply to purchase any products of the St. James's Place Group or a third party with whom the wider St. James’s Place Group has terms of business for the distribution of its products; and
- You contact us by email, telephone and through other written and verbal communications.
We will also collect your personal information from:
- Your St. James’s Place Partner where applicable.
- The St James's Place (Middle East) Limited client relationship management system and hosted platforms.
- Other companies within the St James's Place Group.
- Publicly available sources such as (but not limited to) internet search engines and social media sites.
- Third parties such as Experian and SS&C who provide anti money laundering and fraud prevention services who we have appointed to carry out electronic ID checks, sanctions and politically exposed persons checking services, and platforms such as Dow Jones and Napier.
There are a number of reasons we use your personal information and for each use we need to have a lawful basis to do so, and any one or more of the following shall constitute a lawful basis for processing of your personal information:
- We have your consent.
- We need to use your personal information to enter into or perform the client agreement that we hold with you. For example, we need to use your personal information to provide our services, and assist you with the purchase and administration of the products that you have purchased based on our recommendations.
- We need to process your personal data to comply with the applicable laws. For example, we need to record and store your personal information when our regulators require us to hold certain records of our dealings with you.
- We need to process your personal information for the purpose of legitimate interests pursued by us or a third party to whom your personal has been made available, except where such interests are overridden by your interests or rights. For example we need to use your personal information to maintain business records, to review our business models, to undertake strategic and operational business analysis of the services we provide or products we distribute, to maintain management information, and for internal audit purposes.
In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.
When we use your special categories of personal data, we must have an additional lawful basis and we will rely on the following lawful basis in these circumstances:
- You have given us your explicit consent to our use of your special categories of personal data. For example, such explicit consent will be required when we need to use your health information for purposes relating to a policy of insurance or life assurance, or a policy of health insurance or health-related insurance.
- Our processing relates to your personal data that has been made public by you.
- We need to use such special categories of personal data to establish, exercise or defend legal rights, such as when we are facing legal proceedings or want to bring legal proceedings ourselves.
- Our processing is necessary for compliance with a specific requirement of the applicable law to which we are subject, however in any such circumstances we will provide you with clear notice of such processing as soon as reasonably practicable unless the obligation in question prohibits such notice being given.
- Our processing is necessary to comply with the applicable law that applies to us in relation to anti-money laundering or counter-terrorist financing obligations or the prevention, detection or prosecution of any crime.
Purpose for processing | Lawful basis for using your personal information | Lawful basis for using your special categories of personal data or information relating to criminal convictions and offences |
To carry out identification checks |
|
|
To answer any queries you may have and to provide you with our services or a quote for the product in question. |
|
|
To arrange a product for you. |
|
|
To prevent and investigate fraud. |
|
|
To comply with our legal or regulatory obligations. |
|
|
To communicate with you and resolve any complaints that you might have. |
|
|
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys). |
|
|
For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information. |
|
|
To apply for and claim on our own insurance. |
|
|
This section will apply if your personal information has been provided to us based on our recommendation of certain products or during the process of assisting with an application for certain products of the St. James’s Place Group or third party with whom St. James’s Place has terms of business, for example if you are listed as a beneficiary in an application for one of our products. This section will set out how we use your information.
- General information such as your name, address, phone numbers, email addresses, date of birth, gender and marital status.
- Your relationship to our client or prospective client.
- Financial information relating to your financial liabilities, for example details of you and your partner's property portfolio to enable us to establish that the product our client or prospective client is looking to purchase is appropriate.
- Any information which is relevant to the product we recommend to our client or prospective client.
- We may collect details about your health which are relevant to the product we will be recommending to our client or prospective client.
- In limited circumstances, we may also collect information concerning your sex life or sexual orientation, for example where you are in a civil partnership with our client or prospective client.
- Directly from our client or prospective client.
- From documents directly provided to us by our client or prospective client, such as fact finding, application forms for products where you are listed as a dependant or employment related documents or other business documents where you are listed as a business partner of our client or prospective client.
- The St. James's Place’s Group client relationship management system and hosted platforms.
There are a number of reasons we use your personal information and for each use we need to have a lawful basis to do so, and any one or more of the following shall constitute a lawful basis for processing of your personal information:
- We have your consent.
- We need to process your personal data to comply with the applicable laws. For example, we need to record and store your personal information when our regulators require us to hold certain records of our dealings with you.
- We need to process your personal information for the purpose of legitimate interests pursued by us or a third party to whom your personal has been made available, except where such interests are overridden by your interests or rights. For example, we need to use your personal information to maintain business records, to review our business models, to undertake strategic and operational business analysis of the services we provide or the products we distribute, to maintain management information, and for internal audit purposes.
In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.
When we use your special categories of personal data, we must have an additional lawful basis and we will rely on the following lawful basis in these circumstances:
- You have given us your explicit consent to our use of your special categories of personal data, which may have been provided to us by your family member or business associate who is our client.
- Our processing relates to your personal data that has been made public by you.
- Our processing is necessary for compliance with a specific requirement of the applicable law to which we are subject, however in any such circumstances we will provide you with clear notice of such processing as soon as reasonably practicable unless the obligation in question prohibits such notice being given.
Purpose for processing | Lawful basis for using your personal information | Lawful basis for using your special categories of personal data or information relating to criminal convictions and offences |
To provide services to our clients or prospective clients |
|
|
To comply with our legal or regulatory obligations. |
|
|
For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information. |
|
|
- General information such as your name, address, business phone numbers and email addresses.
- Employment information such as job title, business cards and professional accreditations.
- Information about your clients and the services and products you offer.
- Your bank details and information obtained from checking sanction lists and credit checks.
- Information which we have gathered from publicly available sources such as internet search engines and generally obtained as part of the due diligence process conducted by St. James’s Place and other companies within the St. James's Place Group.
- Directly from you.
- From other companies within the St. James's Place Group.
- From publicly available sources such as internet search engines.
- From service providers who carry out sanctions checks including SS&C, and platforms such as Dow Jones and Napier.
There are a number of reasons we use your personal information and for each use we need to have a lawful basis to do so, and any one or more of the following shall constitute a lawful basis for processing of your personal information:
- We have your consent.
- We need to use your personal information to enter into or perform the agreement that we hold with you.
- We need to process your personal data to comply with the applicable laws. For example, we need to record and store your personal information when our regulators require us to hold certain records of our dealings with you.
- We need to process your personal information for the purpose of legitimate interests pursued by us or a third party to whom your personal data has been made available, except where such interests are overridden by your interests or rights. For example, we need to use your personal information to maintain business records, to review our business models, to undertake strategic and operational business analysis of the services we provide and products we distribute, to maintain management information, and for internal audit purposes.
In each case we assess our need to use this personal information for these purposes against your rights to privacy to ensure we are protecting your rights.
Purpose for processing | Lawful basis for using your personal information | Lawful basis for using your special categories of personal data or information relating to criminal convictions and offences |
To carry out fraud, credit and anti-money laundering checks on you |
|
|
To carry out due diligence on you. |
|
|
To comply with our legal or regulatory obligations. |
|
|
For business purposes and activities including maintaining business records, file keeping, strategic business planning and internal audit, and management information. |
|
|
For compliance and monitoring purposes such as recording and managing complaints made against you by our clients. | We have your consent. It is necessary to enter into or perform the agreement, we hold with you. Processing is necessary for the purpose of legitimate interest pursued by us or a third party to whom the personal data has been made available (to ensure we are compliant and carrying out appropriate monitoring activities). We need to use your information in order to comply with our legal and regulatory obligations |
Please note that as we are regulated by the Dubai Financial Services Authority who imposes certain record-keeping rules which we must adhere to.
We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in sections 2 - 5 above, to comply with our legal and regulatory obligations or for as long as necessary to respond to concerns you raise with the advice you received.
There are a number of instances where your personal information may be transferred outside of the DIFC such as when we transfer information to our other companies in the wider St. James’s Place Group or to third party suppliers who are based outside the DIFC or when third parties who act on our behalf transfer your personal information outside the DIFC.
Where such a transfer takes place, we will take the appropriate safeguarding measures to ensure that your personal information is adequately protected.
We will do so in a number of ways including:
- We will only transfer personal information the countries that have been deemed by the Commissioner of Data Protection to have adequate levels of data protection for the purpose of the transfer of personal data out of the DIFC;
- We will enter into relevant data transfer contracts, using specific contractual provisions that have been approved by the Commissioner of Data Protection otherwise known as the "standard contractual clauses" (DIFC SCC’s). You can find out more about standard contractual clauses at https://www.difc.ae/business/operating/data-protection/data-export-and-sharing/.
Depending on our relationship and your particular circumstances, we might transfer personal information anywhere in the world. An example of our regular data transfers outside the DIFC is set out below:
Country of transfer |
Reason for the transfer |
Method we use to protect your information | Categories of personal information that we may transfer |
|
|
We will enter into relevant data transfer contract using standard contractual clauses as approved by the Commissioner of Data Protection. |
Your personal information and special categories of your personal information as specified in sections 2-5 above. |
What is automated decision making?
Automated decision making refers to a situation where a decision is taken using personal information that is processed solely by automatic means (i.e. using an algorithm or other computer software) rather than a decision that is made with some form of human involvement. We do not currently use automated decision making as all decisions are reviewed by an individual.
What is profiling?
Profiling is any form of automated processing of personal information which evaluates certain personal aspects and we use profiling tools to assist in risk assessment and marketing activities.
We will use profiling in a number of circumstances including the following:
- for existing clients – where there are any investment fund switches, we will use systems to monitor irregular activity; and
- using a financial strategy segment profiling tool which uses information such as date of birth, occupation and financial information to determine appropriate investment wealth bands.
You have several rights which you can exercise at any time relating to the personal information that we hold about you and use in the ways set out in this notice.
We respect your rights and will always consider and assess them but please be aware that there may be some instances where we cannot comply with a request that you make as the consequence might be that:
- in doing so we could not comply with our own legal or regulatory requirements for example we are under obligations to hold records of our dealings with you for certain periods of time; or
- in doing so we could not provide services to you and would have to cancel your client agreement, for example we could not enter into investments on your behalf if we had deleted your personal information.
We will of course inform you if any of the above situations arise and if we are unable to comply with your request.
You are entitled to a copy of the personal information we hold about you and certain details of how we use it.
We are happy to provide you with such details but in the interests of confidentiality, we follow strict disclosure procedures which may mean that we will require proof of identify from you prior to disclosing such information.
We will usually provide your personal information to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal information will be provided to you by electronic means where possible.
We will provide you with a copy of personal information without charge and within one (1) month of the request.
Please help us to keep your personal information accurate and up to date so if you believe that there are any inaccuracies, discrepancies or gaps in the information we hold about you, please contact us and ask us to update or amend it.
In certain circumstances, you have the right to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to use your personal information.
Where we rely on your consent to process your personal information, you have the right to withdraw such consent to further use of your personal information.
You are entitled to request your personal information to be deleted in certain circumstances such as where we no longer need your personal information for the purpose we originally collected it. When you exercise this right, we need to consider other factors such as our own regulatory obligation, including an obligation to assess whether we can comply with your request or whether we are required to retain your personal information for the establishment or defence of legal claims.
In certain circumstances, where we only process your personal data because we have a legitimate business need to do so, you have the right to object to our processing of your personal data.
You also have a right to be informed before personal data is disclosed for the first time or used for the purposes of direct marketing, and expressly offered the right to object to such disclosures or uses, and where your personal information is processed for direct marketing purposes, object at any time to such processing, including profiling to the extent that it is related to such direct marketing.
In certain circumstances, you can request that we transfer personal information that you have provided to us.
When you exercise this right, we need to consider other factors such as our own regulatory obligations, to assess whether we can comply with your request.
Whilst we use software to carry out automated decision making (as set out in section 8 above), we will always have some form of human involvement to check any decisions made that arise out of such automated decisions. This complies with your data protection rights to have a decision taken by automated means reviewed.
You can exercise your right in one the following way:
- post to our registered address at at Gate District Precinct Building 03, Units 706, 707, & 708, Level 7, Dubai International Financial Centre, United Arab Emirates, P.O. Box 507256, (Tel: +971 (0)4 836 0400),
- email at St. James’s Place Data Protection Officer: [email protected]
If you believe that we have breached data protection laws when using your personal information, you have a right to complain to the Commissioner of Data Protection.
You can visit their website at https://www.difc.ae/ Please note that lodging a complaint will not affect any other legal rights or remedies that you have.
If you would like any further information about any of the matters in this notice or if you have any other questions about how we collect, store or use your personal information, you may contact the St. James’s Place Data Protection Officer at St. [email protected].
You can also contact your Partner at the contact details set out in their Privacy Policy (as provided to you on their headed paper) if you would like any further information about how they collect, store or use your personal information.
At the St. James’s Place Group, we take our responsibility to look after your personal information and privacy seriously. In today’s world, we have all seen a growing trend in cybercrime and security breaches. We have a number of security measures in place to help prevent fraud and cybercrime.
If we become aware that a personal data breach has occurred and is likely to result in a high risk to the rights and freedoms of our clients, Partners or employees, we will inform them without undue delay.
St. James’s Place Group has a dedicated group, the ‘Information Security Oversight Committee’, that provides oversight and guidance to our information security and privacy programme.
The executive body responsible for privacy and data security is the Information Security Oversight Committee (ISOC) - chaired by the Data Protection Officer in the United Kingdom. ISOC has a reporting line that enables effective escalation of issues up to the relevant boards where appropriate.
We frequently educate and train our employees, Partners and contractors on their information security, fraud prevention and privacy obligations.
Our employees, Partners and contractors take part in an annual Information Security training and awareness program and must agree to adhere to the relevant Data Protection Law, DIFC Law no 5 of 202 and our own Information Security Policy that are designed to keep your information safe. These are refreshed each year to reflect the current trends that are being observed across the information security landscape. Information Security awareness also forms part of our new employee induction program.
We also educate our employees in identifying potential financial crime and internal fraud; any suspicious activity is reported to our Financial Crime Prevention team.
When interacting with you, we will:
- Only send funds that you have requested to be withdrawn to a verified bank account in your name.
- Verify who you are when speaking to you on the phone, by asking you security questions.
We will not:
- Ask you for your password over the phone.
- Send you an unsolicited email with a link to our login page asking you to enter your Online Wealth Account credentials.
- Ask you for payment or credit card details by email or telephone.
- Call you to notify you of a problem, and then request you call us back immediately to discuss the problem further.
We continually review our physical and logical security controls in place across the business.
Physical controls – As well as protecting your digital information, the St. James’s Place Group also protects their premises and physical locations where personal data may be used and stored. These measures include security guards, security entrances, secure disposal of confidential waste and hardware, CCTV (where possible), personal card access and locks on doors and file storage cabinets, with a ‘clear desk’ policy to ensure all information is locked away and protected.
Logical controls – The St. James’s Place Group uses technical security measures to make sure our systems where we store and use personal information are protected from unauthorised access. Tools such as authentication controls, antivirus, firewalls, malware detection and back-up procedures are used across the business.
All employee emails and devices are encrypted to enable secure transfer and storage of personal information.
We conduct security testing of our applications and services in a controlled testing environment before they are made available for our clients to use on an ongoing basis.
We perform security risk assessments for each of our sites to identify and control risks.
External technical assessments are conducted by an independent external 3rd party.
Security audits and vendor due diligence are conducted on a continual basis.
We have a business continuity plan with disaster recovery and business continuity testing, the purpose of which is to provide an effective, predefined and documented framework to respond to an incident affecting our activities. The key drivers in developing the business recovery plans are:
- to mitigate the risks that could lead to the significant disruption of our services to our clients.
- to provide a recovery plan that supports a timely and full restoration of our services for our clients.
However, whilst we take appropriate technical and organisational measures to safeguard your personal information, please note that we cannot guarantee the security of any data that you transfer over the internet to us.
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies (text files placed on your computer) to help the website operators analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.
In addition, we use Google's remarketing technology to advertise online. In doing so, Google will place or read a unique ad-serving cookie on your computer and will use non-personal information about your browser and your activity on our sites to serve ads on their content network. Please click here for more information about remarketing or to opt-out of the Google remarketing cookie.
We will only collect personal information about you if you send us an e-mail enquiry via the 'contact us' facility or you register to receive your Unit Trust Manager's Reports by email. In order for this to happen, you will need to fill out the online 'contact us' form or complete the registration details. The type of information being collected for an enquiry will be apparent from the layout of the 'contact us' form, which also tells you how this information will be used. The type of information collected to register to receive the Unit Trust Manager's Reports by email will be apparent from the details requested when you register. The information collected when you register will only be used to email your Unit Trust Manager's Reports and for no other reason.
We take all reasonable precautions to protect our visitors' information, both on and offline. If your personal information changes, please let us know and we will correct, update or remove any information that we hold about you on our active databases. We may however need to retain archive copies of that personal information for legal or audit purposes. If you have any queries regarding the way in which St. James's Place handles data collected from you on this website, please visit the contact us page.
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out in the above four paragraphs.
Please note that if you communicate with us electronically, including by e-mail, telephone or fax, this communication may be randomly monitored and/or recorded to protect the interests of our business and our customers. This includes for the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and to ensure that our employees comply with legal obligations and our policies and procedures (including our customer relations practices).
We may provide hyperlinks from this web site ('the Site') to web sites of other organisations including websites of associated companies. Please note that this Privacy Policy applies only to this Site and that St. James's Place will not be liable for the contents of linked web sites or any transactions carried out with organisations operating those web sites.
From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, other developments or new products and services being offered us of the wider St. James’s Place Group.
We will provide you with the most up-to-date notice and you can check our website periodically to view it or you can request a copy from your St. James’s Place Partner.
This notice was last updated on 29/05/2023