Your privacy matters to us
To improve your online experience, we use cookies for enhanced functionality and analytics.
See our cookie policy and privacy notice for more information.
Privacy notice
Last updated February 2025
We understand that your privacy and the security of your personal information is extremely important. This notice sets out: what we do with your personal information; what we do to keep it secure; from where and how we collect it; how long we store it for; whether there are other recipients of your personal information; as well as your rights in relation to the personal information we hold about you. This notice contains some important information so please read it carefully.
Who are we?
Your personal information will be held by Simply Biz Services Limited, which is part of the Fintel Plc Group. Fintel Plc Group is made up of a mix of legal entities. Fintel Plc Group is currently made up of: Fintel Plc (-the holding company) and the following group companies (together “Group Companies” and individually “Group Company”):
|
ADV Data Holding Limited
|
Financial Intermediary and Broker Association Limited |
Mi Capital Research Limited |
Simplybiz Investments Limited |
|
AKG Financial Analytics Ltd |
Fintel Group Holdings Limited |
New Model Business Academy Limited |
Simply Biz Limited |
|
AKG Group Limited |
Fintel Group Limited |
Newdez Limited |
Simply Biz Mortgages Limited |
|
APS Legal & Associates Limited |
Fintel IQ Limited |
Owen James Events Limited |
Simply Biz Support Limited |
|
Capital Reward Limited |
Fintel IQ Services Limited |
Owen James Group Ltd |
Simply Biz Services Limited (including trading styles: Compliance First, Simply Protect and Consumer Credit Centre) |
|
Comparison Creator Limited |
Fintel Labs Limited |
Professional Finance Broking Limited |
Synaptic Software Limited |
|
Competent Adviser Limited |
Fintel Services Limited |
Project Eight Newco Limited |
Threesixty Services Limited |
|
Competent Adviser Training Limited |
Fintel Technology Limited |
Rayner Spencer Mills Research Limited |
Threesixty Services 2 LLP |
|
DD Hub Limited |
Gateway Surveying Services Limited |
Regulus Bidco Limited |
Verbatim Portfolio Management Limited |
|
Defaqto Ltd |
Jump Topco Limited |
SIFA Limited |
Vouchedfor Ltd |
|
Defaqto Group Limited |
Landmark Surveyors Ltd |
Simplybiz Asset Management Limited |
|
When we say “we” or “us” in this policy, we’re referring to Simply Biz Services Limited. Which of the other Group Companies receives your personal information may depend on the services you are using or who you are contacting. If you would like more information about which Group Companies process your data, you can contact us by one of the means set out in the “Contact Us” section below.
How do we get information?
Most of the personal information that we process is provided to us directly by you, but it may also be provided to us by people linked with you or your business, products or services, or people working on your behalf. Personal information is provided to us for one of the following reasons:
- You are a member
- You have made a complaint or enquiry to us
- You have participated in a member survey, or taken part in a competition or promotion
- You wish to attend or have attended an event
- You subscribe to an e-newsletter
- You have applied for a job with us
- You work for or have applied for a job with one of our members
- You are representing your organisation
- You visit our website(s) and consent to our use of cookies
What sorts of information do we hold?
- Information that you provide to us such as your name, address, date of birth, telephone number, email address, bank account and payment card details
- Any feedback you give to us, including by survey, app, phone, email, post, or when you communicate with us via social media
- Information about the products and services that we provide to you (including the way you use our products and services)
- Information required to make decisions about your application for certain products and services, (including those offered by our Group Companies), such as your employment details, financial position, information taken from identification documents such as your passport or driving licence, your insurance, criminal and medical history, and details about additional insured parties
- Your account login details for our services, including your user name and chosen password
- Information about whether or not you want to receive marketing communications from us
- Information about any device you have used to access our services (such as the make and model of your device, browser or IP address) and also how you use our services, including our apps and websites
- Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened and whether you have clicked on any links within that communication
- Information from other sources, such as specialist companies that provide customer information (-including credit reference agencies, fraud prevention agencies, claims databases, marketing and research companies) and social media providers, as well as results of DBS checks and information that is publicly available.
- There are some special categories of personal information, relating to sensitive personal information. We will limit the collection and processing of sensitive personal information as much as is practically possible. We won’t collect or use these types of personal information without your consent, unless the law allows us to do so.
The legal basis for processing your personal information
We have to have a legal basis for processing your personal information. The legal bases upon which we rely include:
- Consent: You have agreed to us processing your personal information for a specific purpose.
- Legitimate interests: The processing is necessary for us to conduct our business, (but not where our interests are overridden by your interests or rights).
- Performance of a contract: We must process your personal information to meet the terms of your contract with us.
- Prevention of fraud: Where we are required to process your data in order to protect ourselves or our customers from fraud or money laundering.
- Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
- Legal obligation: We are required to process your personal information by law.
How do we use your information?
There are a number of ways in which we use your information, depending on why you are interacting with us.
- As a member
- As part of our service
If you apply to join us as a member, we will collect certain information about you including your name, phone numbers, email address, bank details and business address. We will also ask you about your business processes, financial information and for other information that is pertinent to the products or services you have applied for. We process this data to ensure we comply with our contractual obligations to you.
The data subjects of our members may vary based upon the type of business joining us. Data subjects may include directors, officers, sole traders, partners, financial advisors and employees.
We may share your information within Simply Biz Services Limited and where fair and lawful, with other companies in the Fintel Plc Group so that we can provide our services and run our business, including processing payments. - To provide access to software solutions
We use personal information such as your name and business email address to set up and administer access to both Fintel Plc Group Company and third party software solutions. Your personal information in this regard is processed on the basis of the contractual obligations we have with you. - To advise you of products and services
We use your personal information to market our services and products by phone, mail and email and this processing is conducted on the basis of our legitimate interests in providing our members with support. You can change your preferences on this marketing activity by contacting our Marketing Department.
We work with third party provider partners who provide products and services. Where you have provided your consent, we will share your personal information with provider partners in order that they may market their services and products by phone, mail and email. You can change your preferences on this marketing activity by contacting our Marketing Department. - Where you attend an event
We share personal information with third parties that contract with us and assist in delivering elements of an event, including an event venue, caterers, photographers, audio and visual companies. Dietary requirements and/or special access needs (as applicable) will be shared with event venue and/or caterers in order that we can properly provide our services and satisfy our obligations, including with regard to health and safety. We process this personal information on the basis of the contractual obligations we have with you.
We share personal information with third parties that contract with us and assist us in the presentation of an event, which may include event moderators, sponsors and speakers.
Unless you opt out, we may share your personal information in (a) an event participant list; and/or (b) in any event app used, including third party event apps, (-which event apps allow amongst other things event participants to provide and view personal data of other event participants for networking purposes).
We share your personal information with event moderators, sponsors and speakers for the purpose of them receiving feedback on events you may attend and so that they can provide you with further information on products or services that may be of interest to you. - To support you with running your business and remaining compliant
If you have asked us to provide you with certain services, such as completing your FCA registration, we may collect and process additional information, including identification documents, criminal history and financial information in order to do this. This personal information is processed on the basis of fulfilling our contractual obligations to you.
- As part of our service
- As a customer of a member
As part of the financial advice process that we provide to a member, our members will collect personal information from their customers, including name, address, telephone number, email address and financial information. The processing of this data will be covered under a customer’s agreement with their adviser, i.e. our member.
Our members will from time to time, share their customers’ information with us in connection with certain services that we provide to them, for example as part of our training and competency checks, or in relation to carrying out checks on their customers, including sanction checks. We will process this data only to satisfy our contractual obligation to our members. - As a Provider Partner, customer or a supplier
In order to work with Provider Partners, our other customers and suppliers, we will collect information such as the names, contact numbers and email addresses of relevant employees, discuss services and manage our contractual obligations. We may share this information within Simply Biz Services Limited and with other companies in the Fintel Plc Group, as may be fair and lawful so that we can run our business, including manage supply chains and services, as well as process payments. - If we have a legal obligation to do so
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable laws, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable laws.
How will you obtain my consent when required?
As outlined above, there may be instances where our basis for processing your personal data is that you have provided your consent, for example through acceptance on our website, or accepting our terms and conditions. In these circumstances, we will explain to you in writing what personal data we need and why, whether we need to disclose your personal data to any third party, who that third party is and why, how long we will store the personal data, your rights of access, your options for consenting, refusing to consent or withdrawing consent, and the implications of consenting, refusing consent or withdrawing consent. Please note that it is not a condition of engagement with us that you have to agree to any request for consent from us. We will only process your personal information without your knowledge or consent where this is required or permitted by law.
Sharing your information
We may share your information but will only do so when this is fair and lawful. We will not share your personal data with a third party organisation without a valid business reason, a contract or Data Sharing Agreement in place, or without your consent.
We may share your personal information with the following recipients:
- Provider Partners and service delivery companies that support us in the provision of products and services to you in connection with your membership
- Member firms for whom you work or have applied for a job with
- Companies who introduce you to us
- Third party service providers, agents and sub-contractors who help us provide services, e.g. IT support services and technology providers.
- Legal and professional advisors, including auditors
- Government bodies and agencies, e.g. HMRC
- Regulators, e.g. Information Commissioner’s Office, and Financial Conduct Authority
- Credit reference agencies
- Courts, to comply with legal requirements, and for the administration of justice
- Other parties, where we have your consent or as required by law
We may share or sell some information that doesn’t reveal your identity. We and other companies collect data and remove personal information so that individuals cannot be identified. We analyse the use and performance of products and services that are offered to our members. We create data insight reports with anonymised data which we have grouped together. These data insight reports may be created using anonymised information that we hold about you. We and our contractual partners, such as Provider Partners and other third party service providers can use these data insight reports to identify patterns and trends without knowing any personal identities.
Transfer of personal data outside the European Economic Area (EEA)
We do use a number of third parties to process your personal information on our behalf. We have processes in place to ensure those processors also maintain the security of your information.
We will not transfer your personal data to organisations outside the EEA unless that country or territory can ensure an adequate level of protection in relation to the processing of your personal data which provides protection to the same extent as in the UK and the EEA. If we do transfer your personal information to a non-EEA country, we will put in a place a contract with the recipient which means that they must protect the personal data to the equivalent standards as in the UK and EEA.
Visitors to our websites
We may use cookies and similar tracking technologies on our website and apps and in emails that we send to you.
For further information on cookies, analytics and our website, please see our Cookies Policy at: https://www.simplybiz.co.uk/legal/cookie-policy
We analyse how you respond to emails that we send to you. We review whether you have opened our emails to you, how many times you have opened those emails and whether you have clicked on any links within those emails.
Links to other websites
Where we provide links to websites of other organisations, this privacy policy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
How long do we keep your data?
We retain your data primarily to meet statutory and regulatory obligations as well as for our legitimate interests. We will keep your personal information for as long as you are a member, or using one of our products or services, or are a contractual partner and in any event for up to 7 years afterwards. We retain your personal information so that we can respond to questions and complaints and comply with laws that apply to the keeping of records.
We may keep your personal information for longer than 7 years in some circumstances such as where we cannot delete it for legal, regulatory or technical reasons. In the event that we have anonymised your information and grouped it with other anonymised information for the purposes of creating data insight reports, we may use such information without further notice to you.
Your data protection rights
You have a number of rights under data protection legislation. The rights available to you depend on our reasoning for processing your information.
- Your right to be informed – You have the right to be informed about the collection and use of your personal information. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/the-right-to-be-informed/
- Your right of access – you have the right to ask us for copies of your personal information. This is referred to as a Subject Access Request (“SAR”). This right always applies. There are some exemptions, which means that you may not always receive all the information we process. For further information, please see: https://ico.org.uk/right-of-access and https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/subject-access-requests/
- Your right to rectification – you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-rectification/
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-erasure/
- Your right to restriction of processing – you have the right to ask us to restrict the processing of your information in certain circumstances. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-restrict-processing/
- Your right to data portability – This only applies to information you have given us. You have the right to ask that we transfer in electronic format, the information you gave to us, to another organisation, or give it to you. For further information please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-data-portability/
- Your right to object to processing – you have the right to object to processing of your personal data in certain circumstances. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-object/
- Your rights related to automated decision making, including profiling - Please note that your personal data is not subject to automated decision-making, including profiling. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/rights-related-to-automated-decision-making-including-profiling/
- Your right to withdraw consent – where we use your personal information because you have provided your consent, you have the right to withdraw that consent at any time. In the event that you withdraw your consent, we might not be able to provide certain products or services to you. We will inform you if that is the case. For further information, please see: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/lawful-basis/consent/
- Your right to complain – If you have any queries or concerns, please contact us, using the details in the “Contact Us” section below. If you remain dissatisfied, you can make a complaint about the way we process your personal information. For further information, please see: https://ico.org.uk/for-the-public/how-to-make-a-data-protection-complaint/
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
Contact Us
If you would like to make a query, request, or a complaint about the way we have processed your personal information, you can contact us directly:
- By writing to us at our registered address: Fintel House, St. Andrews Road, Huddersfield, West Yorkshire, HD1 6NA
- By emailing us at: DPO@fintelplc.com
- By telephoning us on: 01484 439 100
Complaint to the Information Commissioner’s Office
If you are not happy about the outcome of a complaint, you can contact the Information Commissioner’s Office:
Postal address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
SK9 5AF
Helpline telephone number: 0303 123 1113
For further information, please see: https://ico.org.uk/make-a-complaint/data-protection-complaints/