The EU General Data Protection Regulation came into force on 25 May 2018. This regulation requires that Thinc provides you with information regarding how we process your personal data.
Thinc is part of the AXA Group and is registered in the UK as a Controller in accordance with Data Protection legislation under registration no. Z5669860. The Data Protection Officer for Thinc is Jason Wyatt and our registered address is Thinc Group Limited, 20 Gracechurch Street, London, EC3V 0BG.
Thinc is committed to protecting and respecting your privacy and we will not sell your personal data to any other parties. The information in this Privacy Notice forms part of the Thinc Privacy Policy and describes how Thinc uses the personal data that it collects from you.
Personal data you supply to Thinc by any means will be treated in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and any other applicable legislation intended to protect your personal information and privacy.
This Privacy Notice should be brought to the attention of any party who is included in your investment, where they have given you consent to act on their behalf.
By providing your personal information or the personal information of someone included in your investment, you acknowledge that we may use it only in the ways set out in this Privacy Notice.
From time to time we may need to make changes to our Privacy Policy, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally.
We collect the following personal data about you:
contact details such as name, address, email address, and telephone number
identification information such as date of birth, gender, national insurance number, passport and driving licence
financial information such as bank details
information about your health
The information is collected from meetings with you, application forms, through telephone calls with you and through correspondence from you.
We may also collect data from credit reference agencies, such as information from the electoral register for the purpose of preventing financial crime. The search is not a credit check and your credit rating should be unaffected.
We mainly used your personal information to provide you with advice and recommendations about products and services that were of interest to you and information relating to your investments. We are also obliged to comply with legal or regulatory obligations, including confirming your identity.
We may also use the data for other purposes, such as preparing management information or accounting records, internal audit requirements, analytical or training purposes and to assist in improving processes and services.
Thinc will only process your personal data where it is necessary to provide you with the investments products and services you have requested for the performance of a contract. We may also have a legitimate business need to use your personal data to administer the investments, to understand our business and monitor or improve performance and services and to maintain appropriate records.
Thinc may use other AXA Group companies for our general business administration. These AXA Group companies will treat your data in accordance with the relevant regulations.
We may also disclose your information to the following third parties:
our third party service supplier which administers your investment on our behalf
any relative, guardian, attorney or lawyer that is acting on your behalf
any Government department or law enforcement agency conducting enquiries
Disclosure of your personal information to a third party will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them. In the case of our third party service suppliers, they will only do so whilst working under contract with us and only as directed by us.
Some of the recipients set out above may be in countries outside of the EEA notably in i) Switzerland, where AXA has a European Data Centre.
Where we make a transfer of your personal information outside of the EEA we will take the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to appropriate standards.
Thinc will only keep your personal data for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Notice and in order to comply with our legal and regulatory obligations. We will typically keep information for 5 years after the end of our relationship with you. However, in some cases where there may be a dispute or a potential legal action it may be necessary for us to retain the data for longer.
Thinc is committed to delivering the rights that the GDPR provide to individuals.
The right to access – you are entitled to be provided with a copy of any of your personal data that we process and details of how we process it.
The right to rectification – we take steps to ensure that the data we hold on you is accurate. However, if you do not believe this is the case, please contact us using the details shown in your documentation and request that we amend it.
The right to erasure – in certain circumstances you have the right to ask us to delete personal data of yours that we hold, this is also known as the ‘right to be forgotten’. There may be certain legal or regulatory obligations which mean we cannot comply with your request.
The right to restrict processing – you can request that we stop processing whilst any inaccurate data is corrected or if you feel we no longer need to process your data.
The right to data portability – in certain circumstances this gives you the right to receive your personal data which you provided to us in a machine-readable format and where possible for us to transmit the personal data to another data controller.
The right to object – you can object to the processing of your personal data at any time. This includes the right to object to your personal data being used for Direct Marketing purposes.
The right to withdraw consent – for certain uses of your personal data we may ask for your consent. If we do this, you have the right to withdraw your consent to further use of your personal data.
If you have a complaint relating to the processing of your personal data, please use the following address:
Thinc Group Limited Nightingale House Redland Hill Bristol BS6 6SH
You are also entitled to lodge a complaint with a supervisory authority at any time. In the UK this would be the Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.