Data Protection & Cookies
Purpose of This Policy
This Data Protection & Cookies Policy has been prepared to meet the requirements of the Data Protection Act 2018, the UK General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations 2003 (as amended). It relates to the collection, protection, disclosure and use of personal data belonging to individuals who visit nswm.co.uk and also refers to the ‘Cookies’ we use, what they are and their purpose.
When you first visit this website, a cookie banner allows you to accept all cookies, reject all non-essential cookies, or set your preferences by category. Essential cookies are necessary for the website to function and are always active; non-essential cookies are only set where you have given your consent. You can change your choices at any time using the cookie settings on this page.
NorthStar Wealth Management Group Ltd is committed to protecting and respecting your data and your personal information. This Data Protection & Cookies Policy explains how we use any personal information we collect about you when you use this website. Whenever you provide such information, we are legally obliged to use it in line with all laws concerning the protection of personal information, including the Data Protection Act 2018 and the GDPR.
Data Governance
All information held and processed by NorthStar is covered by and subject to the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
In order to provide our financial planning and advice services to you, we are required to collect and process certain personal data. The primary lawful bases for this processing are contractual necessity (processing is necessary to provide the services you have engaged us to deliver) and legitimate interests (processing is necessary for the effective operation of our business, including regulatory compliance, record-keeping and the administration of your financial arrangements). Where we process your data for marketing or other optional purposes, we will seek your explicit consent separately. Your data will be used for the sole purpose of providing financial advice, administration and management.
‘Processing’ includes obtaining, recording or holding information or data, transferring it to other companies associated with us, such as product providers, the Financial Conduct Authority (FCA) or any other statutory, governmental or regulatory body for legitimate purposes, including, where relevant, to solicitors and/or other debt collection agencies for debt collection purposes and carrying out operations on the information or data.
Data Processing
When processing your data, we always abide by the following key principles:
- Your data will be lawfully and fairly processed in a transparent manner.
- Your data is collected on the grounds of explicit and legitimate purposes only.
- We will only ask for your data when necessary, explain if data will be shared and how long it will be kept.
- Your data will be accurate, kept up to date and erased, without delay, should your data no longer be required for the purposes to be processed.
- Your data will only be retained as long as necessary in accordance with our data retention policy (see below).
- Your data will be secure.
Categories of Data Recipients
In order to provide our services to you, we may share your personal data with the following categories of third parties:
- Relevant pension, investment, insurance and fund management providers used to administer your financial products.
- Financial planning and forecasting software providers used to model and analyse your financial position.
- Back-office administration systems used to manage client records and service delivery.
- Anti-money laundering and identity verification providers used to meet our regulatory obligations.
- Regulatory bodies including the Financial Conduct Authority (FCA), HM Revenue & Customs (HMRC), and the Financial Ombudsman Service (FOS), where required by law or regulation.
- Professional advisers such as solicitors, accountants, or other specialists where you have authorised us to liaise on your behalf.
- Artificial Intelligence (AI)-assisted software tools used to support document drafting, analysis, research, and meeting transcription as part of our service delivery (see below).
This list is not exhaustive. From time to time, we may share your data with other categories of third parties where this is necessary to provide our services to you or to meet our legal and regulatory obligations. We will only share data that is necessary for the specific purpose and will ensure appropriate safeguards are in place with each recipient. We will never sell your personal data to third parties.
Use of AI-Assisted Tools
We may use AI-assisted software tools to support certain aspects of our service delivery. This may include document drafting, analysis, research, and the transcription of meetings to produce meeting notes, action points and follow-up communications.
Where such tools are used, client data is anonymised or minimised before processing where practicable. All AI-generated outputs are reviewed by a qualified financial planner before being issued or acted upon. These tools are subject to data processing agreements with the relevant providers and are governed by our internal data handling procedures. No automated decisions are made about you or your financial arrangements using AI tools. A qualified financial planner is always responsible for reviewing, approving and taking accountability for all advice and communications.
Data Storage Locations
In order to provide services to you, we may be required to pass your personal information to parties located outside of the United Kingdom, including countries that do not have data protection laws equivalent to those in the UK. Where this is the case, we will ensure appropriate safeguards are in place to protect the privacy and security of your information, including the use of Standard Contractual Clauses, UK adequacy regulations, or other mechanisms approved under GDPR.
Sensitive Data
The information provided to us may contain sensitive personal data (as covered by the GDPR and the Data Protection Act 2018), including information that relates to your physical or mental health or condition; the committing or alleged committing of any offence by you; any proceedings for an offence committed or alleged to have been committed by you, including the outcome or sentence in such proceedings.
Protecting Data
NorthStar and any company associated with us treat all personal data and sensitive personal data as confidential and will not process it other than for a legitimate purpose associated with the service we provide to you. Steps will be taken to ensure that the information is accurate, kept up to date, and not kept for longer than is necessary. All third-party providers with whom we share your data are subject to appropriate data processing agreements or equivalent contractual safeguards.
Data Storage Duration
Your data will be retained in accordance with FCA regulatory requirements and our data retention policy. As a minimum, we will retain your records for at least five years after the end of our business relationship with you. For pension and retirement advice, records may be retained for significantly longer (potentially the lifetime of the product) given the long-term nature of these arrangements. We will not retain your data for longer than is necessary for the purposes for which it was collected, and data that is no longer required will be securely deleted or destroyed. Measures will be taken to safeguard against unauthorised or unlawful processing and accidental loss or destruction, or damage to the data.
Data Breach Notification
In the unlikely event of a personal data breach that is likely to result in a high risk to your data rights and freedoms, we will notify you without undue delay, providing details of the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address it. Where required, we will also notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of the breach.
Data Protection Responsibility
The Data Controller responsible for your personal data is NorthStar Wealth Management Group Ltd. Should you have any questions or concerns about how your data is handled, please contact: The Data Controller, NorthStar Wealth Management Group Ltd, Ocean Village Innovation Centre, Ocean Way, Southampton, Hampshire, SO14 3JZ.
Access to Data
Subject to certain exceptions, you are entitled to have access to your personal and sensitive personal data that is held by us. You will not be charged by us to supply your data; however, we do reserve the right to apply a ‘reasonable fee’ where requests are deemed excessive. We will respond to your request as soon as possible and within the maximum time frame of one month.
Your Data Rights
You are entitled to a number of key rights in relation to your data. These are:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights to automated decision-making and profiling.
Please ask us for an explanation of these data rights should you wish to have more information.
Communication and Marketing Rights
You have the right to opt out of any marketing or other communications at any time. Should you wish to opt out or discuss your communication and marketing rights, please contact: The Data Controller, NorthStar Wealth Management Group Ltd, Ocean Village Innovation Centre, Ocean Way, Southampton, Hampshire, SO14 3JZ. Alternatively, you may opt out using the ‘unsubscribe’ link provided in all email marketing communications.
Withdrawal of Consent
Where we process your data on the basis of your consent (for example, for marketing communications), you have the right to withdraw that consent at any time. Please note that withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal, and it does not affect processing that is carried out on other lawful bases such as contractual necessity or legitimate interests. Should you wish to withdraw consent, please contact: The Data Controller, NorthStar Wealth Management Group Ltd, Ocean Village Innovation Centre, Ocean Way, Southampton, Hampshire, SO14 3JZ.
Data Complaints
Should you believe your data has been wrongfully processed, stored or handled, you have the right to make a complaint with the Information Commissioner’s Office (ICO). Full details can be found at ico.org.uk/make-a-complaint/.
Use of Cookies
Cookies are small text files that are placed on your computer by websites you visit. Cookies help make this website work and provide information to us about how you interact with our website. We use this information to improve our website experience.
We use cookies to:
- Remember you when you visit this website and to keep track of your browsing patterns. This allows us to build up a profile of how you use the website. This helps us to improve the experience offered by our website.
- Make our website work as efficiently as possible.
This website uses first-party and third-party cookies for several purposes. First-party cookies are generally necessary for the website to function correctly, and they do not collect any of your personally identifiable data.
The third-party cookies used on this website are mainly for understanding how the website performs, how you interact with this website, keeping our services secure, supporting our own marketing and social media activity, and providing visitors with a better and improved user experience that helps speed up your future interactions with our website.
Most browsers allow you to turn off cookies. To do this, look at the ‘Help’ or ‘Options’ menu of your browser. Switching off cookies may restrict your use of the website and/or delay or affect the way in which it operates. You can also manage your consent for non-essential cookies at any time using the cookie settings on this page.
Cookies Used on this Website
Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and keep the site secure. They do not collect or store any personal information.
Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit, and so on. This data helps us understand and analyse how well the website performs and where it needs improvement.
Marketing: These cookies relate to our own marketing and social media activity. They help us understand the effectiveness of our marketing, and support relevant remarketing through platforms such as Facebook and Google when you visit other websites. The information stored in these cookies may also be used by the relevant third-party providers across their own networks.
Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing content of the website on social media platforms.
Preferences: These cookies help us store your settings and browsing preferences, such as language preferences, so that you have a better and more efficient experience on future visits to the website.
Cookies used on this website:
| Cookie | Description |
|---|---|
| _fbp | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
| _ga | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
| _gat | This cookies is installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites. |
| _gat_gtag_UA_71261906_1 | This cookie is set by Google and is used to distinguish users. |
| _gid | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
| _GRECAPTCHA | This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis. |
| CONSENT | These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video. |
| cookielawinfo-checkbox-advertisement | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement". |
| cookielawinfo-checkbox-analytics | This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics". |
| cookielawinfo-checkbox-functional | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others". |
| cookielawinfo-checkbox-performance | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| fr | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. |
| IDE | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
| ls_smartpush | This cookie is set by the provider Litespeed Server. This cookie allows the server to store the settings and to improve performance of the site. |
| PHPSESSID | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
| ss | This cookie is set by the provider Eventbrite. This cookie is used for the functionality of website chat-box function. |
| st_samesite | No description |
| TawkConnectionTime | This cookie is set by Tawk.to which is a live chat functionality. The cookie is used to remember users so that previous chats can be linked together to provide better and improved service. |
| test_cookie | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
| VISITOR_INFO1_LIVE | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
| YSC | This cookies is set by Youtube and is used to track the views of embedded videos. |
| yt-remote-connected-devices | No description available. |
| yt-remote-device-id | No description available. |
Third Party Websites
This Privacy & Cookies Policy does not cover the links to websites owned and operated by third parties. Such websites have their own privacy policies, and are also likely to use cookies, and we therefore urge you to review them. They will govern the use of personal information you submit that may also be collected by cookies whilst visiting these websites. NorthStar Wealth Management Group Ltd does not accept any responsibility or liability for the privacy practices of any third party website, and your use of such websites is at your own risk.
Changes to This Data Protection & Cookies Policy
This Data Protection & Cookies Policy may be updated from time to time and is kept under regular review.
Further Information
Should you require more information about our Data Protection & Cookies Policy, or anything else covered on this page, please contact us.
Awards, Accreditations & Trade Associations
NorthStar is proud to be a member of the leading financial planning trade associations. Through a continued commitment to adhere to the highest professional standards and deliver exceptional service, NorthStar has received a number of awards and professional accreditations.
