This policy sets out how evestor, a trading style of OpenMoney Adviser Services Limited, uses and protects your data. evestor is committed to ensuring that your privacy is protected and so will only ever request data that is necessary to meet our legal obligations or to fulfil our contract to you. We are registered with the Information Commissioners Officer (ICO) as a Data Controller and are compliant with the requirements of the Data Protection Act 1998 (DPA or “the Act”) and General Data Protection Regulations (GDPR) introduced on 25th May 2018.
evestor reserves the right to change this policy at any time. We will contact you to let you know of any material amendments to this policy, however you should check this page periodically to ensure that you are aware of and accepting of any incremental changes. This policy is effective from 8th May 2018.
The Information We Gather
We will gather any information which is required to enable us to provide you with the service you have requested. We may also require additional information to meet our legal obligations. Below is a non-exhaustive list of information we may gather to meet these requirements:
- Basic personal details, such as name, date of birth and address;
- Contact information, such as email address and phone number;
- Details to enable us to provide tax-beneficial products, such as National Insurance number;
- Financial information to allow us to assess your eligibility for an evestor account or to enable us to provide advice;
- Details on your marketing preferences; and
- Device information if you are using the evestor App, and other information relevant to customer surveys and offers.
In accordance with our obligations as an FCA authorised and regulated firm, we record and retain all communications between evestor and our customers. This includes phone calls, webchats and emails.
We are required to verify all our customers identity and residency information. We will strive to do this electronically, however this is not possible in all cases and so we may require either original or certified copies of documents as evidence.
What We Do With This Information
We require this information to fulfil our legal obligations and our contract to you. it allows us to facilitate your execution-only investment or provide you with advice. If you’re an evestor user, it allows us to provide you with account aggregation services. We also require this information for the following specific reasons:
- Fulfil the FCA Record Keeping requirements;
- To provide you with your investor documents, such as suitability reports, key investor information documents and other policies;
- If you have consented to marketing communications:
- To let you know about any new products, services, offers and other relevant updates;
- To contact you for market research purposes;
- To let you know about updates in the market, new blogs and updates from our CEO;
In order to fulfil your contract we may have to provide selected third parties, with whom evestor has a legal relationship with, with your data. An example of this is when you wish to make an investment, we will provide Gaudi Regulated Services Limited (our product provider) with the necessary information in order to transact your investment through Winterfloods Securities (who buy and sell assets). If you are an evestor customer, some of your details will go to Yodlee Inc., who will enable us to add your external account information to your evestor account.
We will never share information which is not necessary for the transaction of your contract, or to fulfil our legal obligations. We have legal contracts in place with any company we share data with, so we know exactly how they store and use this information. We will never sell your data.
evestor is committed to ensuring that your data is secure. In order to ensure no unauthorised access or disclosure, we have implemented a range of physical, electronic and human measures to secure the information we gather, below are two examples of security measures we use:
- evestor’s Portal and App use 256 bit SSL encryption technology in order to keep any data transferred to and from us secure; and
- if you are inactive when using the evestor Portal or App for an extended length of time, you will be logged out automatically.
Removing your Data
GDPR introduced the ‘right to erasure’ which means you are able to ask companies to delete your data. However some companies, including evestor who are authorised and regulated by the FCA, have additional record keeping responsibilities. Below is a summary of how you can remove your data, if you no longer want to be an evestor customer, and the data which falls under the record keeping requirements:
- If you have setup an evestor account, but not received advice or requested an execution-only transaction you may be able to delete your data, however once you have received advice or requested any type of transaction on your account, we are bound by the record keeping requirements. This means that you can close your account, but we will have to keep some data in accordance with the FCA rules; or
- If you are an evestor customer, it is simpler as we do not store your external account information, so if you login to your App, delete your external accounts and then delete the App we do not hold any external account information. We will still hold basic information you used to setup your account, which follows the same rules as the evestor account point.
While evestor takes all possible measures in order to secure your account, we recommend you follow best practice to help keep things safe:
Password and Passcode
Never share your passwords, passcodes or any other login details with anyone else. We also recommend that you don’t store passwords, passcodes or any other login details on your device. In the event that you lose your device, or if you believe someone else may know your login details, please inform evestor immediately so we can stop the service on that device Get in touch with us as soon as possible if you feel someone may know your login details or if you lose your device. If you haven’t already, we also recommend that you setup a passcode or fingerprint recognition to access your device where possible (details of how to do this should be found in your device instructions).
We recommend not leaving your device unattended while using the App, or unlocked. Think carefully about when and where you access the App; try not to do so when people are able to look over your shoulder and see your screen. The App is designed for use on standard, unmodified devices; use of the App on a jailbroken or rooted device is entirely at the user’s own risk. evestor will always aim for the App to be updated in line with each major device operating system release; we recommend that you keep your device up-to-date with the latest version of the operating system available to you, together with any security patches as and when they are released.
Contact With evestor
evestor will never ask you to divulge your login and security details when we contact you. When you want to discuss account information, such as over webchat, we will ask you to answer security questions so you can be confident we won’t give out your details to anyone else. Always check the sender of emails and messages containing links, and be careful when opening any such links.
evestor And Cookies
You will be given the option to accept cookies when you use the evestor website.
Cookies let us monitor which pages you use, and how you use them. Consequently, the data we collect feeds into our ensuring our website remains as relevant as possible to our users. Cookies do not give us access to your device, nor do they give us access to any data other than that which you have expressly chosen to share with us elsewhere in the App or website.
You do not have to accept cookies, though failure to do so may stop you from getting the best experience from the evestor website.
Third Party Links
Your Personal Information
Your personal information belongs to you, and you can opt to restrict its collection or use. If you are filling in forms on the website, you have to give your explicit consent for us to send you direct marketing. If at any point you wish to change your preference for whether or not your information can be used for direct marketing, please contact us via the chat function on the website or email firstname.lastname@example.org. Alternatively, all of our marketing commuications contain the option to unsubscribe.
Should you believe any of the information we hold about you to be incorrect, please either make the necessary amendments via the App or Portal; if this is not possible, please contact us via the chat function on the website or email email@example.com.
Unless we either have your express permission, or are required by law to do so, evestor will not sell, distribute or lease your personal information to third parties.
Under the terms of the Data Protection Act 1988 and GDPR, you can request details of your personal information as held by us. To make such a request, please contact us via the chat function on the website or send an email to firstname.lastname@example.org.