DJWM Ltd -Privacy Policy

DJWM LTD – GDPR Privacy Policy

  1. Who we are and how to contact us

DJWM LTD of 62 Cyprus Avenue, London N3 1SR is a data controller of your personal information. Personal information is information about you or from which we can identify you. This privacy notice describes how we deal with your personal information. We are the data controller of this information under relevant data protection laws because in the context of our business relationship with you we decide how and why it is processed in the ways explained in this privacy notice.

If you have queries about this privacy notice or wish to exercise any of the rights mentioned in it, please contact us on the contact details at the bottom of this Privacy Notice.

This privacy notice may be updated from time to time. Where necessary, we will also send you an updated copy of the privacy notice.

  1. What kind of personal information about you do we process?

We have set out below a description of the types of personal information about you which we will process when you become a client of ours, or during the course of our corresponding with you (both when you are our client, or where you have expressed interest in becoming a client, but have not yet become one).

Below is a description of the different types of personal information that we will collect and process about you in different circumstances.

2.1 Personal information that we generally process regardless of how you contact us, or for what reason, includes:

2.1.1 your title, full name, your contact details, including for instance your email address, home and mobile telephone numbers; and/or

2.1.2 your home address, correspondence address (where different from your home address) and address history (usually only for current clients, or for new clients for identification, anti-money laundering, anti-fraud and credit reference agency checks);

2.2 If you submit an application to become a client, in the process of becoming a client or are already a client of ours, in addition to the above personal information, we will collect the following from you:

2.2.1 your date and place of birth and/or age;

2.2.2 financial information, including your bank account information, the amount you are looking to invest, your total wealth, your investment objectives, income and employment status and any monthly payments you may be making, your investment selection(s) and how you would like income from your investment to be paid, reinvested/accumulated;

2.2.3 proof of identification in the form of copies of your passport, driving licence or other identity documents like utilities bills;

2.2.4 your tax residency and/or nationality;

2.2.5 information around any financial dependants you may have;

2.2.6 information around any assets and liabilities you have;

2.2.7 information regarding the source/acquisition of your wealth;

2.2.8 detailed information around your experience and knowledge of investments;

2.2.9 information around your capacity for loss and your attitude to risk;

2.2.10 personal information and contact information which you provide in correspondence with us, whether by email, written letter, or telephone call or through our online enquiry system or attendance notes of meetings or calls (this will be information volunteered by you, it could include the reasons why you have decided to invest, or where your investment money has come from, by way of example); and/or

2.2.11 information relating to your use of our service;

2.3 In addition to the above, we collect the following information from you when required:

2.3.1 for anti-money laundering, identity verification and negative news screening and the information returned to us from the organisations tasked with performing those checks (further information is provided below relevant to such checks);

2.3.2 where you have an online account with us, such information that is used to secure your online account, the answers to security verification questions, your username and password

2.3.3 where you have tax reporting duties in other jurisdictions for which we are responsible, for example the United States of America, we collect information to allow us to carry out this reporting and/or

2.3.4 we provide a number of ancillary services which you may request we provide to you, an example being producing a Capital Gains Tax report, these services may require further information from you.

2.4 In addition to the above, depending on how you engage with us, whether it be through our website, or by visiting our office, we may also collect the following information:

2.4.1 if you visit our office, we may collect your physical image through use of CCTV cameras;

2.4.2 if you visit our website, we may collect your IP address and/or use cookies to gather further information about your use of our site. Further information about our use of Cookies is contained in our Cookies Policy at www.invfit.co.uk/cookies-policy/

  1. What is the source of your personal information and is providing it voluntary?

We will generally collect your personal information from you directly through discussions and taking notes, our application forms, or in your correspondence with us. In addition, where you are a client of ours, or are looking to become a client of ours, we may also obtain personal information about you from other sources such as organisations which we use to perform anti-money laundering identity verification and negative news screening. Other instances where we will not receive the information directly from you include where you have been introduced to us via your third party financial intermediary who acts on your behalf or where you have been introduced to us by a third party introducer, or where we have obtained your information from marketing lists which we can lawfully use.

Some of the personal information obtained from the above organisations will have originated from publicly accessible sources.

As you will appreciate, we are required to collect some personal information by law and regulation. For example, we are required to verify your identity before we can approve any client applications. Providing this information is not voluntary and if you do not provide this personal information, we will not be able to register you as a client of ours.

In other cases, we need the information in order to provide our services to you. For example, if you request a payment to be made from your investment account to your bank account, we need your bank account information in order to do so. Again, if you do not provide this information to us, we will not be able to provide that service to you, so this information is mandatory.

Where you choose not to provide us voluntary personal information this may reduce the quality or type of service we are able to provide (for example, without providing your e-mail address, we may only be able to contact you by postal mail so our correspondence with you will be slower).

  1. What are the legal grounds for our processing of your personal information (including when we share it with others)?

Data protection laws require us to explain what legal grounds justify our processing of your personal information (this includes sharing it with other organisations). For some processing more than one legal ground will be relevant. We mainly use the personal information we hold about you where it is necessary for us to perform our contract with you and to enable us to comply with legal obligations. Your personal information will also be used, where necessary, to pursue our own (and sometimes other third parties’) legitimate interests, provided that when we do, your own interests and fundamental rights do not override those legitimate interests. Additionally, we can also use your personal information with your consent.

Each of the above mentioned categories or reasons for processing your personal information is commonly known as a ‘legal basis’ which justifies the processing of your personal information in accordance with data protection law. However, we appreciate that the categories themselves do not provide you with a clear understanding of what that actually means. As such, we have provided further information below about what we will do with your personal information as it relates to each of these legal basis.

4.1 Processing necessary to perform our contract with you

This purpose includes such processing as is necessary for us to undertake when you become a client of ours. It will also include processing that is undertaken prior to you becoming a client of ours, but which processing is necessary for us to enter into our agreement with you (i.e. during the application stage). The processing will include processing:

4.1.1 to communicate with you about your investment(s), product or service (e.g. periodic statements);

4.1.2 to enable us to open an account for you with us;

4.1.3 to enable us to process the subscription or redemption of your investment or withdrawal;

4.1.4 to enable payments to be made or currency to be converted for you;

4.1.5 to evidence your ownership of an investment;

4.1.6 to verify that your instructions are genuine and to process them accordingly;

4.1.7 to inform you about the performance of your investment(s);

4.1.8 to notify you about changes to your investment(s) (such as a change of name, or amendments to the investment policy of a fund);

4.1.9 where applicable, to allow you to exercise rights in relation to your investment(s) (such as voting rights);

4.1.10 to recover any amount owed to us or a third party whose services are linked to the service we provide to you;

4.1.11 to investigate and deal with complaints or disputes;

4.1.12 to transfer your personal information to any third party who replaces DJWM LTD as a provider of services to you; and/or

4.1.13 to share your personal information with third parties if required for, or would assist, the management of your product or service.

4.2 Processing necessary to comply with our legal obligations

There are a number of laws and regulations which we are required to comply with when we provide our services to you, as well as for our general daily operations. Some of these obligations will result in the processing of your personal information. Specifically, this will include processing:

4.2.1 to verify your identity and to carry out regulatory checks (such as anti-money laundering and identity verification checks);

4.2.2 where applicable, to comply with regulatory rules to ensure our services provided to you are suitable and/or appropriate;

4.2.3 to enable a register of investors to be maintained;

4.2.4 to contact you with notices about your investments;

4.2.5 to detect, prevent and/or investigate fraud, money laundering and other financial crimes;

4.2.6 to comply with audit requests from our auditor;

4.2.7 to combat late trading and market timing practices;

4.2.8 to ensure you are eligible for a product (such as an ISA);

4.2.9 to comply with requests made by you when exercising your legal rights (such as those contained within this Privacy Notice or our Terms of Business);

4.2.10 recording incoming and outgoing calls for regulatory purposes;

4.2.11 to carry out monitoring of trades and transactions for continued compliance with our regulatory obligations (such as anti-money laundering) and to keep records of the transactions we’ve undertaken;

4.2.12 for establishment, defence and enforcement of our legal rights;

4.2.13 when, to achieve the above purposes, we share your personal information with the following categories of individuals or organisations:

4.2.13.1 law enforcement agencies and governmental and regulatory bodies such as tax authorities, financial regulators/ombudsmen and non-financial regulators (depending on the circumstances of the sharing); and/or

4.2.13.2 courts and to other organisations where it is necessary for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations;

4.2.13.3 third parties who assist us with carrying out anti-money laundering, identity verification and negative news screening, and such other professional service providers who we use to assist us to comply with these obligations (such as lawyers, accountants, auditors, consultants and other similar professionals); and

4.2.13.4 third parties to whom we owe a legal obligation to provide specified information.

4.3 Where processing is necessary for our legitimate interests

This will include processing which, on balance, we consider is in our legitimate interests and which do not cause you undue prejudice. Our legitimate interests are:

4.3.1 recording incoming and outgoing calls for training, monitoring, and security purposes, as well as to keep an accurate record of any instructions received from you in relation to your investments (this would be relevant where calls are not legally required to be recorded, but where we will record them anyways for the purposes listed above);

4.3.2 administering and managing your investment account(s) and services relating to that, including, where necessary, updating your records and taking steps to update your contact address so we can contact you about your account;

4.3.3 testing the performance of our products, services and investments to ensure that we are managing our clients, and your investments, to their best potential;

4.3.4 to adhere to guidance and best practice under the regimes of governmental and regulatory bodies such as tax authorities, financial regulators/ombudsmen and non-financial regulators;

4.3.5 for management and audit of our business operations including accounting. This includes allowing other entities to conduct audits into our processes;

4.3.6 to determine the target market for our existing and future products (e.g. determining whether a product is meeting the needs of investors generally);

4.3.7 to contact you when we have updated this Privacy Notice and consider that it is necessary to advise you about any changes to the way we are processing your personal information;

4.3.8 for marketing communications (where it is lawful for us to do so and where you have not objected to the use of our personal information for these purposes);

4.3.9 for some of our profiling, in particular where this does not have a legal effect or otherwise significantly affects you, which is done to provide you with options and a better understanding of your risk and cash flow profile (discussed further below);

4.3.10 when, to achieve the above purposes, we share your personal information with the following categories of individuals or organisations:

4.3.10.1  our legal and other professional advisers, auditors;

4.3.10.2  governmental and regulatory bodies such as tax authorities, financial   regulators/ombudsmen and non-financial regulators (depending on the circumstances of the sharing);

4.3.10.3   tax authorities who are overseas for instance if you are subject to tax in a different jurisdiction, we may share your personal information directly with relevant tax authorities (instead of through the local authority);

4.3.10.4   other organisations and businesses who provide services to us under contract such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions;

4.3.10.5                 buyers and their professional representatives as part of any restructuring or sale of our business or assets;

4.3.10.6                 third parties who we use to assist with identity verification checks; and/or

4.3.10.7                 market research organisations who help us to develop and improve our products and services.

(Should you have any questions about the above listed categories of people and/or organisations, please contact us using the contact information provided in this Privacy Notice.)

4.4 Processing with your consent

Unlike the uses described above, sometimes we rely on your consent to use your personal information. We will rely on your consent:

4.4.1 when you request that we share your personal information with someone else and consent to that (for example if you engage the services of a professional adviser after you have become a client of ours and request that we provide information about your account to that professional adviser);

4.4.2 where you have opted-in to receiving marketing communications (and have not subsequently opted-out or requested to be removed from any marketing list – which you can do by contacting us as set out below); and/or

4.4.3 when you volunteer information to us in correspondence or during meetings where a attendance note is taken (for example if you provide a reason why you are cashing out a particular investment or why you are moving away from your existing adviser).

There may be other instances where we use consent to process your personal data and special category personal data. If we do, we will provide you with further information about the purposes of the processing at the time we ask for your consent.

  1. How and when can you withdraw your consent?

You have the right to withdraw your consent at any time by contacting us using the contact information provided below. If you do withdraw your consent, this will mean that we will stop similar future processing. However, the withdrawal of your consent will not invalidate any processing which we previously undertook before you withdrew your consent.

Please note, where we rely on another lawful reason to process your personal information, withdrawing your consent will not affect that processing (such as where the processing is necessary for our performing our contract with you, or where we must process your personal information to comply with law, as described above) and we will continue to process your personal information for those purposes notwithstanding the fact that you have withdrawn your consent for one of the above listed purposes.

  1. Will we share your personal information with third parties?

Yes, we will share your personal information with third parties. There are times when we are either mandated by law to disclose your personal information to third parties (such as tax authorities), additionally, we contract third parties to help us run our business and where we do so, we will also disclose your personal information to those third parties. Where we contract third parties to assist us to provide our services, we will always do so subject to appropriate contracts and safeguards being put in place.

We will never sell, rent or trade your personal information to an outside company.

We will share your personal information with others who have a duty to keep it secure and confidential, and where we have a lawful reason for doing so, as explained in section above. The categories of organisations that we will share your information with are:

  • our service providers, agents and sub-contractors who assist us to provide our services and process information on our behalf, such as where we engage with a third party to run the day to day business of our offices, IT and communications service providers, customer records management providers (who assist us in managing customer records); financial modelling services which are used to provide you with financial illustrations and comparison service providers who help us determine what products may be available for you depending on your specific circumstances;
  • product and financial service providers from whom we acquire products, whether on your behalf or in your own name with our assistance, who will require specific information (for example, fund companies, insurance companies and pension companies);
  • professional advisors, such as lawyers, accountants, actuaries;
  • an organisation who we may transfer our rights and duties to in the event of a corporate transaction (e.g. if we restructure or sell our business); and/or
  • a Raymond James group company, such as Raymond James Financial Services or its parent company Raymond James Financial Inc, or any other custodian and investment platform we may use in conducting your business.

We can also share your information with UK and overseas regulators and authorities in connection with their duties (such as crime prevention), and/or in connection with our compliance with legal and/or regulatory obligations.

Unless a third party is our service provider (such as our communications service provider), we cannot control all use of your personal information by some third parties who we may be required to share your information with (such as regulators), as they will process your personal information for their own specific purposes. As such, where your personal information has been shared with another data controller entity, you will have rights over how that third party handles your personal information and you can and should contact those parties directly if you want to exercise your rights in relation to those third party’s uses of your personal information.

  1. Is your personal information transferred outside of the UK ?

7.1 We are based in the UK but sometimes your personal information will be transferred outside the UK If it is processed within the UK   then your personal information is protected by UK  data protection standards.

7.2 Some countries outside the UK do have adequate protection for personal information under laws that apply to us, this only happens where the UK has confirmed this and made a decision in this regard. However, where your personal information is transferred outside of the UK to a country which does not have the same level of protection as afforded within the UK , we will make sure that suitable safeguards are in place before we transfer your personal information to such a country.

7.3 At present, your personal information will be transferred to one or more of the following countries:

7.3.1 United States of America; and/or

7.3.2 where you use an overseas custodian or offshore wrapper provider such as an Offshore Portfolio Bond, the Channel Islands (that is the Isle of Man, Guernsey and Jersey), Switzerland and Liechtenstein.

7.4 The safeguards that we will use to protect your personal information in relation to international transfers include contractual obligations imposed on the recipients of your personal information. Those obligations require the recipient to protect your personal information to the standard required in the UK . Safeguards also include requiring the recipient to meet one of the UK approved mechanisms to transfer personal information outside of the UK which include:

7.4.1 sending the information to UK approved countries, that is countries which the UK has deemed to have data privacy laws which are of a standard which complies with the UK  data protection laws (this is the case for the Channel Islands mentioned above);

7.4.2 the use of UK approved model clause contracts;

7.4.3 for transfers to the United States – certification under Privacy Shield;

7.4.4 having internal binding corporate rules which set an internal standard for the handling of personal information which meets UK data protection law requirements.

There are more measures being introduced from 25 May 2018, and we will keep those under review always with the intention that your personal information will be appropriately secured and treated in the event that it is transferred outside of the  UK

7.5 As part of our business operations, we will, where it is lawful and necessary to do so, share with and/or transfer some of your personal information to Raymond James Investment Services (as discussed above).

  1. What should you do if your personal information changes?

We will take steps to ensure that we keep your personal information accurate and up to date. However, we are reliant on you to assist us in doing this. As such, you should tell us without delay if any of your personal information changes, so that we can update our records.

  1. Do we do any monitoring which involves the processing of your personal information?

By monitoring, we mean any listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person face to face meetings and other communications.

We may monitor where permitted by law and we will do this where the law requires it. In particular, where we are required by the Financial Conduct Authority’s regulatory regime to record certain telephone lines or in person meetings (as relevant) we will do so. However, it is standard practice that we will record all external calls for training, compliance, security and evidentiary purposes even where these calls fall outside of our regulatory obligations. This practice is noted within and is part of our Terms of Business.

Some of our monitoring may be to comply with regulatory rules, self-regulatory practices or procedures relevant to our business, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures, to have a record of what we have discussed with you and actions agreed with you, to protect you and to provide security for you (such as in relation to fraud risks on your account) and for quality control and staff training purposes.

In addition to monitoring calls, our office may use CCTV cameras for health, safety and security purposes. As such, if you attend our office, you may have your image recorded on CCTV. We may also deploy other access control mechanisms at our office, such as a visitor’s log, which you may be required to sign on entry which will also capture our personal information for safety and security purposes.

  1. Profiling and other automated decision making

At present we do not undertake any automated decision making processes which could result in a negative consequence. At every stage when we handle your personal information, there will be a human element to the interaction before any negative decision is made. However, we do operate some profiling when we process your personal information.

Specifically, we use programmes which:

  • assist us in determining what your natural attitude to risk is; and
  • create cash flow models which are specific to your situation.

Neither of these programmes are used to make any determinations, at least not without your prior input and confirmation. In other words, we use this tool to provide you and us with further information about attitude to risk and to create models about your investments made through us or your cash flow needs thus giving you more control over how you want to handle them going forwards.

  1. How long is your personal information retained by us?

We will only retain your personal information for as long as necessary to meet the reason your personal information was collected for. We need to keep your information long enough to make sure that we can provide our services to you, to comply with and/or satisfy all legal obligations including our obligations to keep records and to protect our interests.

In terms of how long we will retain your personal information for. We will keep most personal information for at least 10 years after you cease to be a client of ours. There may be some instances where we will need to keep the information for longer periods of time depending on the nature of the data, or the purpose for the retention. In this regard, we have set out some examples of processing which we undertake and the reason why we will need to retain your personal information even after you cease to be a client of ours.

  • Retention in case of queries: We will retain the personal information that we need to keep in case of queries from you (for instance, if you apply unsuccessfully for a product or service);
  • Retention in case of claims: We will retain the personal information that we need to keep for the period in which you might legally bring claims or complain to the Financial Ombudsman against us;
  • Retention in accordance to pension transfers: We will retain all personal information in relation to pension transfers advice for so long as this is required by law; and/or
  • Retention in accordance with legal and regulatory requirements: We will retain the personal information that we need to keep even after the relevant contract you have with us has come to an end.

If we anonymise your personal information so that it can no longer be associated with you, it will no longer be considered personal information, and we can use it without further notice to you.

If you would like further information about our data retention practices, contact us on the details set out in this Privacy Notice.

  1. What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. They do not apply in all circumstances. If you wish to exercise any of them we will explain at that time if they are engaged or not.

12.1 The right to be informed about our processing of your personal information;

12.2 The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed

12.3 The right to object to processing of your personal information;

12.4 The right to restrict processing of your personal information;

12.5 The right to have your personal information erased (the “right to be forgotten”);

12.6 The right to request access to your personal information and to obtain information about how we process it;

12.7 The right to move, copy or transfer a copy of the personal information you have provided us with (“data portability”);

12.8 Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you.

To exercise your rights as set out above, please write to us at the details set out in this Privacy Notice.

There is no fee for making these requests. However, if your request is excessive or unfounded, we can charge a reasonable fee or refuse to comply with it.

You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/.

  1. Data anonymisation and use of aggregated information

Your personal information may be converted into statistical or aggregated data which cannot be used to re-identify you. It will then be used to produce statistical research and reports. This aggregated data will be shared and used in all the ways described in this privacy notice, and it may also be used in other ways not described here. However, as the information will be aggregated anonymous data, it will no longer constitute your personal information and can therefore be used more widely than if you could still be identified from it.

  1. Future changes to this privacy notice

We reserve the right to update this privacy notice at any time. You will always be able to review the current privacy notice by visiting: www.invfit.co.uk, or by requesting a copy from us.

  1. Our Contact Information

15.1 Please contact us if you have any questions about this privacy notice or information we hold about you.

                Email us: [email protected]

                Call us: 020 8201 5132

                Write to us: DJWM Ltd, 62 Cyprus Avenue, London N3 1SR