Privacy Policy

Introduction

Aureate Crest respects your privacy and is committed to protecting your personal information. This policy explains how we collect, use, store, and safeguard data about you when you interact with our website or use our financial advisory services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. As a financial services firm authorised by the Financial Conduct Authority, we also adhere to relevant FCA regulations regarding client data handling.

Who We Are

Aureate Crest is the data controller responsible for your personal information. Our registered office is located at 42 Kensington Square, London, W8 5HN, United Kingdom.

If you have questions about how we handle your data or wish to exercise your rights, you can contact us at [email protected].

Information We Collect

The information we gather depends on your relationship with us. We collect various types of personal data:

Contact and Identity Information

This includes your name, postal address, email address, date of birth, and similar identifying details. We collect this when you enquire about our services or become a client.

Financial Information

When providing advice, we need comprehensive information about your financial circumstances. This includes details of income, expenditure, assets, liabilities, existing investments, pension arrangements, insurance policies, and tax position.

Employment and Professional Information

We collect information about your occupation, employer, employment history, and professional qualifications where relevant to understanding your financial situation.

Family and Dependent Information

Details about your family circumstances, dependents, and beneficiaries help us provide appropriate advice regarding protection needs and estate planning.

Health Information

When arranging protection products like life insurance or critical illness cover, we may need to collect health-related information. We handle this sensitive data with particular care.

Website Usage Information

When you visit our website, we collect technical information including IP address, browser type, device information, pages visited, and interaction patterns. This helps us improve site functionality and user experience.

How We Use Your Information

We process your personal data for specific purposes with appropriate legal basis:

Providing Financial Advice

We use your information to assess your circumstances, research suitable solutions, provide recommendations, and implement agreed strategies. This processing is necessary for performing our contract with you.

Regulatory Compliance

As an FCA-regulated firm, we're required to maintain certain records, conduct suitability assessments, and produce documentation evidencing our advice process. This processing is necessary for legal compliance.

Client Relationship Management

We maintain records of communications, meetings, and recommendations to ensure continuity of service and enable us to serve you effectively over time. This is necessary for contract performance and legitimate business interests.

Ongoing Service Provision

For clients with ongoing arrangements, we periodically review circumstances and investment performance. This helps ensure advice remains appropriate as situations change.

Communication

We use your contact details to respond to enquiries, arrange meetings, provide updates about your arrangements, and share important regulatory information. This is necessary for contract performance.

Website Improvement

Usage analytics help us understand how visitors interact with our site, allowing us to enhance functionality and content. This serves our legitimate interest in maintaining an effective online presence.

Sharing Your Information

We share personal data only when necessary and with appropriate safeguards:

Product Providers

When implementing recommendations, we share relevant information with pension providers, investment platforms, insurance companies, and other financial institutions to establish accounts and policies in your name.

Professional Advisors

Where beneficial to your circumstances, we may coordinate with your solicitor, accountant, or other professional advisors. We only share information with your explicit consent.

Regulatory Authorities

We may disclose information to the Financial Conduct Authority, Financial Ombudsman Service, or other regulatory bodies when required by law or regulation.

Service Providers

We engage third-party providers for services like IT infrastructure, document storage, and administrative support. These providers process data only on our instructions and under strict confidentiality obligations.

Legal Requirements

We may disclose information if required by law, court order, or to protect our legal rights or those of others.

Data Retention

We retain personal information for as long as necessary to fulfil the purposes outlined in this policy and meet our legal obligations.

FCA regulations require us to maintain client records for a minimum period after the relationship ends. Typically, we retain advice files for at least six years following our last interaction with you, though some records may be kept longer where necessary for potential future claims or regulatory requirements.

Marketing information is retained only while your consent remains valid. You can withdraw consent at any time, and we'll delete your information from marketing databases promptly.

Website usage data is generally retained for limited periods sufficient for analytical purposes, typically no longer than two years.

Security Measures

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction.

Measures include encryption of sensitive data, secure storage systems with restricted access, regular security assessments, staff training on data protection, and incident response procedures.

While we take security seriously, no system is completely invulnerable. We cannot guarantee absolute security but commit to maintaining industry-standard protections and addressing any breaches promptly.

Your Rights

Under UK data protection law, you have several rights regarding your personal information:

Access

You can request copies of personal data we hold about you. We'll provide this within one month unless the request is complex or numerous, in which case we may extend the timeframe by two additional months.

Rectification

If information we hold is inaccurate or incomplete, you can request corrections. We'll update our records promptly and notify relevant third parties where appropriate.

Erasure

In certain circumstances, you can request deletion of your personal data. However, our ability to comply may be limited by legal obligations to retain certain records for specified periods.

Restriction

You can ask us to restrict processing of your information in specific situations, such as while we verify accuracy of data you've contested.

Portability

Where technically feasible, you can request transfer of certain personal data to another service provider in a structured, commonly used format.

Objection

You can object to processing based on legitimate interests. We'll cease processing unless we demonstrate compelling legitimate grounds that override your interests.

To exercise these rights, contact us at [email protected]. We may need to verify your identity before fulfilling requests.

Cookies and Tracking

Our website uses cookies to enhance functionality and understand usage patterns. For comprehensive information about cookies we use and how to manage preferences, please see our separate Cookies Policy.

Changes to This Policy

We review this privacy policy periodically and may update it to reflect changes in our practices or legal requirements. The "last updated" date at the top indicates when the current version took effect.

Significant changes will be communicated through prominent notice on our website or direct communication to clients. Continued use of our services after changes take effect constitutes acceptance of the updated policy.

Complaints

If you're dissatisfied with how we've handled your personal information, please contact us so we can attempt to resolve the matter.

You also have the right to lodge a complaint with the Information Commissioner's Office, the UK supervisory authority for data protection. The ICO can be reached at ico.org.uk or by calling 0303 123 1113.

Contact Information

For questions, concerns, or requests regarding this privacy policy or our data handling practices, please contact:

Aureate Crest
42 Kensington Square
London, W8 5HN
United Kingdom
Email: [email protected]