This privacy statement describes how Opulus Financial and our family of companies including our affiliates and subsidiaries (collectively “Opulus Financial” or “we”, “our” or “us”) is committed to protecting the security and privacy of all personal information or data collected from you. We therefore conduct our business in compliance with applicable laws on data privacy protection and data security. This privacy statement tells you what to expect when we collect and process your personal information.
We try to meet the highest standards when processing your personal information. The data controller who is responsible for how we handle your personal information is the Opulus Financial entity with whom you have a legal agreement with being Opulus Financial.
Questions, comments and requests regarding this privacy statement are welcomed and should be addressed to email@example.com
Information we may collect from you
We may ask you to provide certain information about yourself when you use our website or are in contact with us about the services and activities we provide (whether it is by telephone, email via the forms on our website, through applications or platforms we use, through our social media platforms or even face to face). The information collected may include:
- Details in relation to your identity such as your name, occupation and job title and those of your co-workers
- Contact details including your postal/e-mail address and phone number
- Transaction details about services we have provided to you
- Financial details in relation to any services provided by us including addresses for invoices and/or card payment or bank payment details
- Profile details from documents you complete on-line such as your username and password, preferences and interests
- details of your visits to our website including but not limited to traffic data, location data, weblogs and other communication data and the resources that you access or use
We will generally not collect sensitive data from you via our website. Sensitive data is personal information which includes your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic or biometric data, or information concerning your health or mental wellbeing or sexual orientation. Given the nature of the services we provide it is extremely unlikely that we will need to collect any sensitive data about you. Where we do require to collect and process such sensitive data to provide services to you we will notify you in advance and will request your express consent in writing to process such sensitive data.
If you do not wish us to collect any of the personal information stated above, you should discuss this with us. We can explain the reasons for collection and discuss the consequences of not providing the information or of providing partial or incomplete information and the effect this may have on our ability to provide our services.
Uses Made of Your Information
By law we can only process your information if we can demonstrate the lawful grounds we have for doing so. Currently there are six potential lawful grounds for processing personal information, namely
- we have your consent;
- it is necessary for performance of a contract to which you are a party or to take steps at your request prior to entering into such contract;
- it is necessary for our compliance with a legal obligation;
- it is in the public interest;
- it is necessary to protect your vital interests; or
- that it is in our legitimate interest to do so but only where that interest does not override your interests or your fundamental rights and freedom.
If none of these grounds apply or they cease to apply we must cease processing your personal information immediately.
We will only retain your personal information for as long as is necessary in line with the purposes for which it was originally requested or collected or where we are required to do so for some legal or reporting purpose.
In working out how long we retain personal data we look at the type of personal data involved, the purpose of processing, how sensitive or confidential the data is and at legal and commercial considerations including any legal obligations we have. By way of example by law we are required to keep accounting records for six years after end of the year in which the last transaction occurred. This means that we will be required to keep some basic client details for that purpose even although our relationship with you may be at an end. However, it should be noted that the requirement is basic client details and therefore it is not legitimate to also keep information such as your preferences for that period of time.
If you have any questions relating to either retention periods or require more detail on the purposes of processing or the specific reason or legal grounds we are relying on for that processing then please contact us for additional information.
Sharing Your Information
We will not sell the personal information that we collect from you and will only use it for the purposes set out in this privacy statement. We may share your personal information with the following parties: –
- Service providers who provide us with IT and administration services such as our IT Support and back up provider and webhosting company, our CRM database provider and social media and marketing services providers;
- Regulatory authorities who require reporting of our activities by law such as the tax authorities and the FCA;
- Affiliates and associated legal entities within our family of companies but only for purposes which are consistent with this privacy statement; and
- Professional advisers such as our lawyers, accountants, bankers and insurers.
All third parties with whom we share your data are required to protect your personal data, treat it confidentially and to process it in accordance with the law. Where we use third parties we will take all reasonable steps to ensure that they are GDPR compliant and in particular that: –
- they have adequate technical and other measures in place to ensure the security of your personal information;
- they only use it for specified purposes;
- any employees or contractors who have access to the information are adequately trained and deal with it on a need to know basis only; and
- they act only in accordance with our instructions.
IP Addresses and Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual. Where we use third party providers such as Google Analytics although these third-party services record data such as your geographical location, device, browser and operation system none of this information identifies you to us. We do not make and do not allow these third-party services to make any attempt to find out the identities of anyone who visits our website.
We also use tracking technology to understand how you interact with content in our emails. This tracking technology allows us to know if the email has been opened and if so how many times which links have been clicked on and whether or not you have shared our content to social media.
We may provide you with information on the services that we may provide. This is regarded as marketing activity. We will only market to you where: –
- you have specifically requested marketing information from us; or
- we have previously provided services to you; or
- you have consented by way of ticking a box or opting in to receiving marketing from us.
If you have opted out of marketing, we will not send you any future marketing without your consent.
Security of Personal Data
We take information security very seriously. Your information and records will be stored securely to ensure privacy of your personal data. We take all reasonable steps to ensure that there are technical and organisational security measures in place to protect your personal data from unauthorised access to or disclosure, and against loss or accidental damage or unauthorised alteration. Staff handling your personal data are also adequately trained in relation to the legal requirements for handling personal data. These include robust procedures for dealing with breaches including incident reporting and notifying the national supervisory or data protection authorities, and where appropriate you, of any breaches, the consequences of the same and the remedial action taken.
If you are based in the EU then where possible the information you provide us with will be held within the European Economic Area (“EEA”) or within the UK.
If you are based in the EU we would point out that countries outside of the EEA do not always have similar levels of protection for personal data as those inside the EEA. The law provides that transfers of personal data in respect of EU based individuals outside of the EEA is only permitted where that country has adequate safeguards in place for the protection of personal data. Some types of processing may use cloud solutions which can mean information may sometimes be held on servers which are located outside of the EEA or may use processors who are based overseas.
Where we use cloud-based services or third-party providers of such services and in either or both circumstances the data is processed outside of the EEA if you are an EU based individual that will be regarded as an overseas transfer. Before instigating an overseas transfer, we will ensure that the recipient country and/or processor has security standards at least equivalent to EU standards and in particular one of the following permitted safeguards applies: –
- The country in question is deemed to have adequate safeguards in place as determined by the European Commission; or
- There is a contract or code of conduct in place which has been approved by the European Commission which gives your personal information the same protection it would have had if it was retained within the EEA; or
- If the overseas transfer is to the United States, then the transferee is a signatory to the EU-US Privacy Shield as all Privacy Shield signatories are obliged to give your personal information the same degree of protection it would have had if it was retained within the EEA.
If none of these safeguards exist, then we may seek your explicit consent for an overseas transfer. In line with your rights as an individual you are free to withdraw this consent at any time.
In respect of personal information collected in respect of non-EU based individuals or services which are not performed within the EU we will also ensure where possible this meets the GDPR standards unless these conflict with local data protection laws. However, you should be aware that if the country you reside in or are a citizen of is outwith the EU and the services you request are being performed outwith the EU and your personal information is being stored there then that personal information may be in a jurisdiction in which the data protection and privacy laws may not offer the same level of protection as provided under the GDPR.
In certain instances, you have rights as an individual which you can exercise in relation to the information we hold about you. These rights are:
- the right to restrict processing of your personal data;
- the right to rectification or correction of your personal data;
- the right to object to processing of your personal data;
- the right of erasure of personal data (also referred to the right to be forgotten);
- the right not to be subject to a decision based solely on automated processing or profiling;
- the right to transfer your personal data (also referred to as the right of portability)
- the right to withdraw your consent to processing your personal data; and
- the right of access to your personal data.
Additional information about these rights can be found on the Information Commissioner’s website at www.ico.org.uk/for-organisation/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Access to Personal Information
We try to be as open as we can in giving people access to their personal information. You can make a subject access request at any time about the personal information we process about you. Any request requires to be in writing and is not subject to any charges or fees. If we do hold any personal information about you, we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it has or will be disclosed to;
- the source of the information (if not you);
- where possible, the period for which it will be stored; and
- let you have a copy of the information in an intelligible form
We will respond to a subject access request within 30 days. On occasion we may need additional information from you to determine your identity or help us find the information more quickly. Where the information you have requested is complex we may take longer than this but shall keep you advised as to progress should this be the case.
We would prefer to resolve any issues or concerns you may have direct with you. If you feel you are unable to resolve matters by contacting us direct or are you are unhappy or dissatisfied with how we collect or process your personal information you have the right to complain about it to your national data protection authority. For example, the Information Commissioner is the statutory body which oversees data protection law in the UK where N4 have their corporate headquarters. They can be contacted through www.ico.org.uk/concerns.
Changes to this Privacy Statement
We keep our privacy notice under regular review. This privacy notice was last updated on 09 June 2022.
Please note that these Terms are for the use of our website only and that if you wish to conduct business with us that will be governed by a separate contract between us.
This website and its content are provided for general information only and not intended for use without professional advice. Whilst every effort has been made to ensure the content on this website to be true and accurate and up to date, the law and regulations change continually, and unintentional errors can occur. All content is provided “as is” and we give no assurances or warranty regarding the accuracy, completeness or currency of any of the content or the suitability of the same for any particular purpose. Your use of the information and materials on this website is entirely at your own risk. Nothing in this website constitutes financial, legal or other professional advice nor is it intended to be a substitute for these. It is your own responsibility to ensure that any information available through this website meets your specific requirements. Please therefore do not act directly on anything you read but contact us for advice on your specific circumstances.
We do not warrant that access to this website will be uninterrupted or entirely error free. Whilst it is our policy to virus check documents and files before they are posted on this website, we cannot guarantee that documents or files downloaded from this website will be free from viruses and we do not accept any responsibility for any damage or loss caused by any virus. Accordingly, for your own protection, you must use virus-checking software when using this website.
This website is protected by copyright and database rights. Unless otherwise stated the copyright and all other intellectual property rights in all other material on the website (including without limitation photographs and graphical images) are owned by us or our licensors. Permission is given for the downloading and temporary storage of one or more of these pages for the sole purpose of viewing them on a stand-alone personal computer or monitor for your private use or for non-commercial research. Permanent copying or storage of any of these pages (or any part thereof) or the re-distribution thereof by any means (including publishing or incorporating them in any other website or electronic information or retrieval system) is not permitted without our prior written consent. In particular you are not allowed to modify any downloaded documents or related graphics nor use any graphics separate from the corresponding text. Nothing in these Terms constitutes a licence to use or copy any part of the website except as expressly provided for herein. All rights not hereby expressly granted are hereby reserved.
If you breach the terms of this provision, your permission to use this website automatically terminates and you must immediately destroy any downloaded or printed extracts from the website.
Your Use of The Website
You warrant to us that when using the website you will not:
- Copy, alter, modify or delete any of its content;
- Introduce any computer viruses, macro viruses, trojan horses, worms or anything else designed to interfere with, interrupt or disrupt the normal operating procedures of a computer or surreptitiously to intercept, access without authority or expropriate any system, data or personal information; or
- Cause the website to be interrupted, damaged or rendered less efficient such that the effectiveness or functionality of the website is in any way impaired.
Use of this site by you for any purpose which may be unlawful in the United Kingdom or in your jurisdiction, if you are located out with the United Kingdom, is strictly prohibited and you agree to keep us fully indemnified against any claims, losses, liability, damages or expenses arising out of misuse by you of any part of this website or of the information or materials contained in it.
This website may, from time to time, provide links to, and content from, other Internet sites and resources. However, given that monitoring the amount of information disseminated and accessible via those sites and resources is impractical and beyond our resources such information cannot be guaranteed to be accurate and up to date and is not endorsed by us. If you decide to access any third-party websites linked to this website, you do so entirely at your own risk. If you use the links to leave this site and visit a website operated by a third party, we do not have any control over that website. Accordingly, we cannot be responsible for the protection and privacy of any information which you may provide while visiting such websites. In every case you should exercise caution and look at the privacy statement applicable to the website in question.
Links by you to this website, and specifically framing or deep linking may only be permitted if you first obtain our express written consent and will be subject to such conditions as we may see fit to impose.
We expressly exclude liability and responsibility for any amount or kind of loss or damage (including without limitation any direct, indirect, punitive or consequential loss or damages, any loss of income, profits, goodwill, data, contracts, use of money, or loss or damages arising from or connected in any way to business interruption and whether in delict or tort (including without limitation negligence), contract or otherwise) in connection with the use of this website or in connection with the use, inability to use or the results of use of the website, any websites linked to the website or material on such website including but not limited to loss or damage due to viruses that may infect your computer equipment, software, data or other property on account of your access to, use of, or browsing the website or your downloading of any material from this website or any websites linked to the website.
Nothing in these Terms shall exclude or limit our liability for death or personal injury caused by negligence, fraud, misrepresentation as to a fundamental matter or any liability which cannot be excluded or limited under applicable law.
Use of data that you provide to us is governed by our privacy statement.
If we fail to exercise or delay in exercising any right or remedy under the Terms or by law, that will not constitute a waiver of our rights or remedy nor shall it prevent us from exercising that right or remedy in whole or in part in the future.
If any provisions of the Terms (or part of a paragraph or provision) is found by any court to be invalid, unenforceable or illegal the other provisions shall remain in force.
This website is operated and controlled from the United Kingdom and the Terms and your use of this website are governed by and construed in accordance with the laws of Scotland and shall be subject to the exclusive jurisdiction of the Scottish Courts.