Privacy Policy

GENERAL

1.1 Tenet Financial Services Limited together with any group companies (“we” “us” “our“) are committed to protecting and respecting your privacy. We are the data controller and will process your personal data in accordance with the Data Protection Act 2018, Regulation (EU) 2016/679 (the “GDPR“) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended from time to time as well as any national laws which relate to the processing of personal data (“data protection legislation“).

1.2 Please read the following carefully to understand our views and practices regarding Your Data and how we will treat it.

This policy applies to information we collect about:

Visitors to our websites (including corporate TenetSelect, TenetConnect, and TenetLime websites);
Members;
Customers;
TenetSelect clients and their consumer clients; and
Organisations that support our advisor development programmes Suppliers.

2. VISITORS TO OUR WEBSITES

2.1 We may collect and process personal data about you in the following circumstances:

2.1.1 when you complete the online contact forms on our websites (“Sites“) providing us with your name, address, email address and contact number.

2.1.2 whenever you provide information to us when reporting a problem with our Sites, making a complaint, making an enquiry or contacting us for any other reason. If you contact us, we may keep a record of that correspondence;

2.1.3 when you visit our Sites we will retain details such as traffic data, location data, weblogs and other communication data, and the resources that you access (see section 2.2.2 on Cookies below); and

2.1.4 whenever you disclose your information to us, or we collect information from you in any other way, through our Sites.

2.2 We may also collect data in the following ways:

IP Address

2.2.1 We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies and Tracking

2.2.2 Use of cookies

A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our website. We use cookies on this website to:

carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests; and
make your online experience more efficient and enjoyable.

2.2.3 Description of cookies

We may use the following categories of cookies on our website:

Strictly necessary: These are cookies which are essential for certain features of our website to work. These cookies do not record identifiable personal information and we do not need your consent to place these cookies on your device. Without these cookies we will be unable to provide all or part of our services to you.
Performance monitoring: We use these cookies to collect details on an anonymous basis about how you use our websites. This information may be used to help us improve our websites and understand how effective our adverts are. In some cases we use trusted third parties to collect this information for us but they only use the information for the purposes explained.
Functionality: These cookies are used to provide services or remember your settings. These cookies are aimed at enhancing your user experience by remembering your preferences. The information these cookies collect is anonymous and does not enable us to track your browsing activity on other websites.

The table below explains what cookies we use and why:

Cookie	Name	Purpose
Google Analytics	_ga	To collect details on an anonymous basis about how you use our websites
First Visit Pop-Up	homepage	To ask for your consent in order to use cookies on this website.

2.2.4 Consent

In most cases we will ask for your consent in order to use cookies on this website. Please note that we do not require your consent where the cookie is essential in order for us to provide you with a product or service you have requested.

2.2.5 How to turn off cookies

If you do not want to accept cookies, you can change your browser settings accordingly. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/for-the-public/online/cookies/.

Website Links

2.3 Our Site may, from time to time, contain links to and from the websites of third parties. Please note that if you follow a link to any of these websites, such websites will apply different terms to the collection and privacy of your personal data and we do not accept any responsibility or liability for these policies. Please check before you submit your information to these websites.

3. MEMBERS

3.1 We will collect details such as names, addresses, email addresses, contact numbers, financial information and employment references via the member application forms both online and in hard copy format. We may also receive details of credit checks undertaken where you have supplied these to us. Depending on the legal structure of the prospective member, such personal data may relate to a sole trader, directors, guarantors, shareholders, partners, registered advisers, arrangers and members of staff.

3.2 In order to comply with our legal obligations, we will:

3.2.1 use your personal data to undertake due diligence and ensure our members are fit and proper in accordance with the Financial Services and Markets Act 2000 (“FSMA“) and Financial Conduct Authority Handbook rules;

3.2.2 provide you with regulatory updates and information in accordance with FSMA requirements; and

3.2.3 pass your personal data to the Financial Conduct Authority in order to comply with our legal obligations and may also pass your personal data to the Financial Ombudsman Service and the Financial Services Compensation Scheme to assist with an investigation or complaint or other authorities required by law.

3.3 We will use personal data provided to comply with our contractual obligations arising from any agreements we enter into with members and share the data with our panel of financial institutions who can assist in the provision of financial services to customers. We will use the personal data for our legitimate interests including:

3.3.1 sharing personal data with organisations that support our advisor development programmes;

3.3.2 obtaining references using the contact details provided;

3.3.3 marketing our own products and services by mail and email; and

3.3.4 with your consent, sharing such data with third party financial institutions and our group companies for the purpose of marketing their financial services and products which may be of interest.

3.4 We will not transfer any member personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 12 of this Privacy Policy) and we will retain the data for as long as a member remains part of our network and for a period of 6 years from the termination of our agreement with a member. For unsuccessful applicants for membership, we will retain the personal data for up to 15 years in accordance with FCA guidance.

4. CUSTOMERS

4.1 Our members share customer personal data with us including name, address, telephone number, email address, health information and financial information. We are subject to a legal obligation to monitor member’s compliance with the FSMA and Financial Conduct Authority rules. This monitoring and any para-planning service we are instructed to undertake on behalf of a member will include the processing of customer personal data. We will also process customer personal data for our legitimate interests including:

4.1.1 to assist with staff and member training;

4.1.2 deal with complaints and defend claims;

4.1.3 to send customer satisfaction surveys; and

4.1.4 to facilitate the payment process to our members.

4.2 We will not transfer any personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 12 of this Privacy Policy) and we will retain customer personal data for 80 years.

5. TENET COMPLIANCE SERVICES CLIENT FIRMS AND THEIR CONSUMER CLIENTS

5.1 In relation to Tenet Compliance Services client firms, we will collect details such as names, addresses, email addresses, contact numbers, financial information via our Tenet Compliance Services client application form. We will use the personal data to comply with our contractual obligations and provide you with the compliance services you have requested.

5.1.1 We will use the personal data for our legitimate interests including:

5.1.1.1 sharing personal data with organisations that support our advisor development programmes;

5.1.1.2 marketing our own products and services by mail; and

5.1.1.3 with your consent, sharing such data with third party financial institutions and our group companies for the purpose of marketing their financial services and products which may be of interest.

5.2 As part of the compliance services provided to Tenet Compliance Services client firms we may process personal data relating to Tenet Compliance Services client’s consumers including name, address, telephone number, email address, health information and financial information. We will process such data to comply with our contractual obligations with Tenet Compliance Services client firms and in accordance with the Tenet Compliance Services client’s instructions (including processing personal data as part of checks/review services we carry out for quality and compliance services).

5.3 Tenet Compliance Services client firms will ensure that they obtain their consumer’s consent to the processing of their personal data prior to sharing the data with us.

5.4 We will not transfer any personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 12 of this Privacy Policy) and we will retain Tenet Compliance Services client personal data for a period of 6 years from termination of our contract with a Tenet Compliance Services client. For Tenet Compliance Services client consumer personal data, we will retain the personal data for 6 years.

6. ORGANISATIONS THAT SUPPORT OUR ADVISOR DEVELOPMENT PROGRAMME

We collect information relating to the key contact of an organisation. This includes the individual’s name, email address and telephone number. This information is collected in order to supply the services requested from us, to comply with our contractual obligations and to provide notification of any changes to our services. We do not share the personal information collected with third parties and we will only retain the personal information for the term of the contract for services. We will not transfer any personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 12 of this Privacy Policy).

7. SUPPLIERS

We will collect details such as contact names, address, email address and telephone number in order to contact you about goods and/or services we have ordered from you, to comply with our contractual obligations and to place further orders. We may share your personal data with our employees to manage our relationship with you and we will keep your personal data for as long as we require your goods and/or services subject to a maximum of six years from the date of our last contact with you. We will not transfer your personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 12 of this Privacy Policy).

8. INTRODUCERS

8.1 We will collect details such as names, addresses, email addresses, contact numbers, financial information and employment references via the introducer application forms. We may also receive details of credit checks undertaken where you have supplied these to us. Depending on the legal structure of the prospective introducer such personal data may relate to a sole trader, directors, company secretaries, shareholders, and partners.

8.2 In order to comply with our legal obligations, we will:

8.2.1 use your personal data to ensure you are suitable to act as an introducer and we satisfy the requirements of the ‘Principles for Business’ in accordance with the Financial Services and Markets Act 2000 (“FSMA“) and Financial Conduct Authority Handbook rules;

8.2.2 pass your personal data to the Financial Conduct Authority in order to comply with our legal obligations and may also pass your personal data to the Financial Ombudsman Service and the Financial Services Compensation Scheme to assist with an investigation or complaint or other authorities required by law; and

8.2.3 use your personal data to facilitate the payment of commissions to you.

8.3 We may share your personal data with our employees to manage our relationship with you and we will keep your personal data for as long as you are an introducer to us subject to a maximum of six years from the date of our last contact with you. We will not transfer your personal data outside the United Kingdom.

9. MARKETING

9.1 This section provides information relating to marketing correspondence we may send to you and does not include the regulatory updates we are required to send to you in accordance with FSMA requirements (see section 3.2.2).

9.2 We may use member and TenetSelect client firm personal data to provide you with details about our goods, services, business updates and events which we think may be of interest.

9.3 We will only send you marketing correspondence where you have given us your consent to do so. We will ask whether you would like us to send you marketing messages when you tick the relevant boxes when you complete an application form for any of our products or services.

9.4 Upon providing your consent, you can opt-out of receiving the information detailed in section 9.2 at any time. To opt-out of receiving such information you can

click the unsubscribe button contained in any such communication received, or email us at authorisations@tenetgroup.co.uk or call 0113 239 0011 providing us with your name and contact details. It may take up to 7 days for this to take place.

9.5 Where we have your consent, we may use your personal data to market the services and products of third party financial institutions. You have the right to opt-out of receiving such marketing information by contacting us using the contact details described above in section 9.2 or clicking the unsubscribe button contained in any such communication received.

9.6Where you have subscribed to receive marketing correspondence from us we will keep your personal data for six years from when you subscribed to receiving marketing information from us or until you unsubscribe from receiving such correspondence from us (whichever is earlier).

10. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

10.1 In accordance with data protection legislation we are required to notify you of the legal basis upon which we process your personal data. We process your personal data for the following reasons:

10.1.1 for performance of a contract we enter into with you;

10.1.2 where necessary for compliance with a legal obligation we are subject to; and

10.1.3 for our legitimate interests (as described within this policy).

10.2 We will also process your personal data where we have obtained your explicit consent.

11. DISCLOSURE OF YOUR DATA TO THIRD PARTIES

11.1 In addition to the third parties mentioned previously in this policy, we may disclose your personal data to third parties for the following legitimate business purposes:

11.1.1 staff members in order to facilitate the provision of services to you;

11.1.2 to our affiliated entities to support internal administration;

11.1.3 IT software providers that host our website and store data on our behalf;

11.1.4 service providers who provide us with software solutions and platforms in order to carry out our business and provide services (including, without limitation, open banking services);

11.1.5 Professional service providers who assist us with any customer complaints and

11.1.6 to a prospective buyer of some or all of our business or assets, in which case personal data including Your Data will also be one of the transferred assets. The recipient of the information will be bound by confidentiality obligations.

11.2 We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, eg in relation to ISO accreditation and the audit of our accounts.

11.3 We may disclose your personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

11.3 We will not sell or distribute your personal data to other organisations without your approval.

12. CROSS-BORDER DATA TRANSFERS

12. 1 We share your personal data within the Tenet Group. This will involve transferring your data outside the United Kingdom in accordance with data protection legislation.

12.2 We share your personal data with external third parties in order to provide our services to you. Some of these third parties may transfer personal data outside the United Kingdom. We require such third parties to ensure that such transfers take place in accordance with data protection legislation.

12.3 Whenever we transfer your personal data out of the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or
Where we use providers based in the US, we may transfer data to them if they are registered as being part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

12.4 Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the United Kingdom.

13. DATA SECURITY

13.1 Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

13.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

13.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

14. ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF YOUR DATA

14.1 It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes.

14.2 Data protection legislation gives you certain rights in relation to your personal data. You have the right to object to the processing of your personal data in certain circumstances and to withdraw your consent to the processing of your personal data where this has been provided.

14.3 You can also ask us to undertake the following:

14.3.1 update or amend your personal data if you feel this is inaccurate;

14.3.2 remove your personal data from our database entirely;

14.3.3 send you copies of your personal data in a commonly used format and transfer your information to another entity where you have supplied this to us, and we process this electronically with your consent or where necessary for the performance of a contract;

14.3.4 restrict the use of your personal data; and

14.3.5 provide you with access to information held about you and for this to be provided in an intelligible form.

14.4 We may request specific information from you to help us confirm your identity. Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

14.5 Please send any requests relating to the above to our Privacy Officer at dataprotection@tenetgroup.co.uk specifying your name and the action you would like us to undertake. Note that in relation to requests to access personal data.

15. RIGHT TO WITHDRAW CONSENT

Where you have provided your consent to the collection, processing and transfer of your personal data, you may withdraw that consent at any time. This will not affect the lawfulness of data processing based on consent before it is withdrawn. To withdraw your consent please contact us at authorisations@tenetgroup.co.uk.

16. CHANGES TO OUR PRIVACY POLICY

We reserve the right to update this privacy policy at any time, and any changes we make to our privacy policy will be posted on this page. We will notify you if there are any changes to this policy that materially affect how we collect, store or process your personal data. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal without your knowledge or consent where required by applicable law or regulation.

17. CONTACT US

We have appointed a Privacy Officer to oversee compliance with this privacy policy. If you have any questions, comments or requests regarding this policy or how we use your personal data please contact our Privacy Officer at dataprotection@tenetgroup.co.uk. This is in addition to your right to contact the Information Commissioners Office if you are unsatisfied with our response to any issues you raise at https://ico.org.uk/global/contact-us/.

Last updated: 1^st October 2020.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_179782093_4	1 minute	Set by Google to distinguish users.
_gat_networkTracker	1 minute	No description
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.