Privacy
We are committed to protecting your personal data. We’ll use your information for a number of different purposes, for example to provide our services to you and to meet our legal and regulatory obligations. By your ‘personal data' we mean any information about you that you or third parties provide to us.
This policy, together with our terms of service and our Cookies Policy, sets out the basis on which your personal data will be collected and processed by us.
We are a data controller in respect of personal data that we process in connection with our business (including the products and services that we provide). In this policy, references to “we”, “us”, “our” or “Interactive Investor” are references to Interactive Investor Services Limited.
Full details of the companies in our group are available on request. Our contact details (including the contact details of our Data Protection Officer) are set out at the end of this policy.
To get the best from our services, please keep your personal data (including your email address) accurate and up to date. You can do this via our Security Hub at https://www.ii.co.uk/security-hub or by contacting us at the address or telephone number given at the end of this policy.
Please take the time to read this policy carefully. In opening an account with us and/or providing any personal data to us via our website, you acknowledge that your personal data will be used in accordance with our terms of service, our Cookies Policy and this policy.
By accessing, browsing or otherwise using our website you confirm that you have read and agree to this policy. If you do not agree with any part of this policy, you should not use our website or use our services.
We reserve the right to change the contents of our website, our terms of service, the Cookies Policy and/or this policy at any time, by posting such changes on our website. It is your responsibility to familiarise yourself with these resources to ensure you are aware of any changes. Your continued use of our website following the posting of any such changes will constitute your acceptance of the revised terms.
This policy was last updated on 22 November 2023.
Contents
- Why have a privacy policy?
- What personal data do we collect about you and how?
- How do we use your personal data?
- Data retention
- What is the legal basis upon which we deal with your data?
- Marketing
- Credit reference, fraud prevention agencies, regulators and tax authorities
- Cookies
- Who is your personal data shared with?
- Safeguarding your personal data
- Sale of the business
- Third party links
- Your rights and contacting us
- Complaints
1. Why have a privacy policy?
Information that identifies or can be used to identify a living individual is known as "personal data." All organisations processing personal data must do so fairly and in accordance with all applicable data protection laws. This includes the obligation for us to tell you how we will use your personal data. We treat all of our legal obligations seriously and take all steps necessary to ensure compliance when storing and processing your personal data.
2. What personal data do we collect about you and how?
We may collect the following information about you:
- Your contact details such as your name, address, telephone number and email address;
- Your date of birth, nationality, country of birth, country of residence, employment status and tax identification number (e.g. National Insurance Number);
- Passport details, driving licence and utility bills;
- Details of the services you request from us; and
- Certain additional information which may be necessary in order for us to provide particular services to you.
We collect your personal data in a number of different ways, including (but not limited to) the following:
- If you provide it when communicating with us (for example when registering for our services);
- If you order any of our products or services;
- If you enter a competition or promotion;
- If you make payments or modify your account details; and
- When you visit our websites (for example by cookies, your IP address and other browser-generated information). More information is provided in our Cookies Policy which can be found at www.ii.co.uk/cookies.
We record all service calls for quality and training purposes, to enable us to deal effectively with queries and complaints and, in the case of calls where customers place transactions on regulated markets, in order to comply with our regulatory obligations.
In most cases, you are not obliged to provide any personal data to us, but if you have requested information or you have ordered a service from us, we must obtain, and it is a contractual requirement for you to provide, certain information so that we can verify your identity and in order for us to meet our legal obligations. Please see section 7 below for further details.
Some of the information that we collect about you or which you provide to us about you or your family members may be special category data for the purposes of applicable data protection laws. Special category data includes information about physical and mental health, sexual orientation, racial or ethnic origin, political opinions, philosophical belief, trade union membership and biometric data. We take special care of this data in accordance with applicable data protection laws.
3 . How do we use your personal data?
We retain and use your personal data for some or all of the following purposes:
- Security, payment verification, insurance, debt tracing and debt recovery;
- Dealing with any queries, complaints or problems reported by you;
- Enabling you to participate in our promotions and competitions;
- Enabling you to participate in the interactive features of the website and ensuring content from our website is presented in the most Effective manner for you and your computer or device;
- Notifying you about changes to our service and/ or the terms on which the services are provided;
- To ensure the proper operation of our systems;
- To keep our client records up to date;
- To better understand your requirements and provide you with services specific to your needs;
- To comply with applicable laws where we are obliged to retain and/or disclose certain information;
- Generating statistics on our users, such as the popularity of certain of our services and about the "traffic" visiting our websites in order to improve our services to you; and/or
- To provide you with information about goods or services we feel may interest you in accordance with applicable laws (please see further details on our marketing activities at section 6 below).
Automated Decisions
As part of our account-opening process we will carry out automated checks using your personal data, such as your name, postal address, date of birth, telephone numbers and employment status. These checks include credit checks, identification verification checks and financial crime checks and involve our obtaining information (such as your credit history) from credit reference agencies and any records held by financial crime prevention agencies, the Electoral Register, and providers of utility services. We need to carry out these checks in order to meet our obligations ‘Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017’ (the MLRs) and any other applicable legislation. The information obtained from these checks is used by us (together with information provided by you in your application) to build a ‘scorecard’ relating to the applicant which is used to determine if an account can be opened, whether further information is required or the application is rejected, based on factors such as whether we have been able to verify your identity and any records relating to financial crime. We will process all such information in accordance with applicable data protection laws.
4. Data Retention
We will only keep your personal data for as long as we need to in order to fulfil the relevant purpose(s) it was collected for, as set out above in this privacy policy and for as long as we are required to keep it by law. We retain copies of our customer contracts in order to enable us to deal with any legal issues along with the information provided to us for identification verification checks and anti-money laundering checks (as required by law) for 6 years after termination or expiry of our contract with you. Details of complaints are retained for 5 years from receipt in accordance with the DISP chapters of the FCA Handbook and telephone call recordings are retained for five years or longer if required by law or the FCA. If you have a query in relation to how long we retain your personal data for, please contact us using the contact details provided below.
6. Marketing
We (or a third party acting for us) may use the information you provide us with to keep you informed about products and services which we believe you may be interested in, carry out market research and/or to review how you use your account in order to maximise customer engagement and assess customer satisfaction. This information may be sent to you by e mail, SMS, other electronic means, telephone and/or post.
In most cases, we will only conduct such marketing activities where we have obtained your consent, a third party has obtained consent on our behalf or otherwise in accordance with applicable laws. Depending on the nature of the consent collected, we (or a third party acting for us) may carry out targeted electronic marketing based on, for example, location or profiling data.
In some circumstances, we may rely on a provision contained in Article 22 (3) of the ‘Privacy and Electronic Communications (EC Directive) Regulations 2003’ (PECR). This is also known as the ‘Soft Opt-In’. You can find out more about it on the ICO website, here:
In summary, the Soft Opt-In allows a business send direct marketing providing it has obtained the contact details of the recipient in the course of establishing a service relationship (or the sale of a product), the marketing is in respect of similar products and services and the legitimate interests balancing test set out in section 5 is met.
In such circumstances, we will provide you with a simple means of opting-out of such marketing at the time that we collect your contact details and in any subsequent communications.
The Soft Opt-In cannot be used to promote third party products and services.
If you do not want to receive any marketing communications from us, you can unsubscribe when we initially obtain your details, or by contacting us in writing at any time or by opting out by following the opt out instructions on our website or app or contained in the relevant telephone, SMS, other electronic means, post, or email marketing communication.
Please note that your opting out of marketing communications will not prevent us from continuing to communicate with you as necessary to manage your account (such service messages may include, for example, where we consider it suitable or proper, in the circumstances, to make you aware of economic matters which may require your attention, and that you may otherwise have been unaware). Please refer to www.ii.co.uk for details of our products and services. Any such opt-out requests will not affect the running of your existing account or the services you request from us, in respect of which we will still process your personal data in accordance with this policy.
7. Credit reference, fraud prevention agencies regulators and tax authorities
If you apply to open an account with us or where you apply for additional services, we will make searches about you at credit reference agencies who will supply us with credit information, as well as gathering information from the Electoral Register and providers of utility services for the purposes of credit risk reduction – these checks will include but will not be limited to ID verification and anti-money laundering checks. You are obliged to provide us with the personal information which we need to carry out these searches. If you object to us carrying out these searches, we will not be able to provide you with the services you requested from us. The agencies will record details of the search whether or not your application with us proceeds. We may make periodic searches of our records and those of Group companies, credit reference and financial crime prevention agencies, to manage your account with us (including but not limited to enabling the repatriation of lost assets where possible). We and other organisations who may be from other countries may access and use the information recorded by financial crime prevention agencies.
We may give details of your account and how you manage it to credit reference agencies. If you do not repay sums due in full and on time, we may tell credit reference agencies who will record such details.
To prevent or detect financial crime, or to assist in verifying your identity in order to fulfil our legal obligations, we may make searches at financial crime prevention agencies. We may also pass information to financial and other organisations involved in financial crime prevention to protect ourselves and our customers from theft and fraud. If false or inaccurate information is provided and financial crime is identified or reasonably suspected, details will be passed to financial crime prevention agencies who will record this. Law enforcement agencies may access and use this information. We, other Group companies, and other organisations may also access and use this information to prevent financial crime, for example, when:
- Checking details on applications for credit, credit related services or other facilities;
- Managing credit and credit related accounts or facilities;
- Recovering debt;
- Checking details on proposals and claims for all types of insurance; or
- Checking details of job applicants and employees.
We will process all such data in accordance with applicable data protection laws but please note that:
- We may disclose your personal information to third parties, the court service, regulators, or law enforcement agencies in connection with enquiries, proceedings, or investigations by such parties anywhere in the world or in order to enable us and other relevant Group companies to comply with their regulatory requirements or dialogue with its regulators as applicable; and
- International regulations regarding the automatic exchange of information require financial institutions to collect and report certain information about an individual’s tax residency. We may be legally obliged to pass on your personal information to tax authorities who may, under inter-governmental agreements, exchange this information with tax authorities in other jurisdictions.
You have a right of access to your personal records held by credit reference and financial crime prevention agencies.
- The identities of the credit reference agencies we use, their role, the data they hold, the ways in which they use and share personal data, data retention periods and your data protection rights are explained in more detail on their respective websites:
TransUnion - Credit Reference Information Notice (CRAIN) | TransUnion UK
Equifax - Credit Reference Agency Information Notice (CRAIN) | Equifax UK
Experian - Credit Reference Agency Information Notice (CRAIN) | Experian
- Please contact our Data Protection Officer using the details at section 13 below if you want to receive details of the relevant financial crime prevention agencies.
8. Cookies
Our website uses cookies to allow customers to access the services and to give us an overall view of visitor habits and visitor volumes. To view more information on what cookies we use and how we use them, please review our separate Cookies Policy which can be found at www.ii.co.uk/cookies
9. Who is your personal data shared with?
We may disclose your personal data to:
- Entities within our Group;
- Law enforcement bodies and/or other regulatory entities in order to comply with any legal obligation;
- Third parties who we use to carry out the checks that we need to carry out on you, such as identification verification, account verification, anti-money laundering checks, including financial crime prevention agencies and utility companies, and as specified in the terms of service;
- Other parties who help us to deliver the services to you who may be located in or outside the UK or European Economic Area (EEA);
- Third parties for marketing purposes subject to the limitations set out in section 6;
- Third parties to run, develop and/or grow our business, when it is in our legitimate interests to do so;
- Third parties who we partner with for the provision of our shareholder voting service (subject to you meeting our eligibility criteria for the service from time to time). Your personal data will be processed by these parties only to the extent necessary for the provision of the shareholder voting service. You can opt out of this service at any time by changing the settings in the Personal Details and Preferences section of your online account; and
- Your employer (or the employer of a person who you are connected to) and/or an agent designated by your employer, if required by law or regulation which the relevant employer is subject to and you have consented to such data sharing.
For account verification, we use a third party supplier, TransUnion. You can find Transunion’s privacy policy at the following link: https://www.transunion.co.uk/legal-information/bureau-privacy-notice.
Third parties who we share your personal data with may only use it for the purposes set out in this policy and in accordance with all applicable laws.
If we transfer your data outside of the UK or EEA, we will always ensure that appropriate controls are in place to protect your data in accordance with applicable data protection laws.
For details of the potential transfers of or access to your personal data within or outside of the UK or EEA and the safeguards that we have in place when transferring, or allowing access to, your personal data, (and for a copy of the safeguards, where applicable) please contact our Data Protection Officer via email at dataprotection@ii.co.uk or using the postal address given at the end of this policy.
Your information may also be collected and used by any of the parties detailed in this section.
10. Safeguarding your personal data
We take all reasonable care in the collection, storage, processing and disclosure of your personal data and have implemented internal security procedures to minimise the risk that unauthorised parties will be able to access and misuse the information. It is because of these security procedures that we may ask for proof of identity before we disclose any personal information about you.
For more information and top tips please visit www.ii.co.uk/security.
11. Sale of the business
In the event that we are sold (fully or partially), integrated with another business or dispose of our rights and obligations under any agreement with you, your records may be disclosed under appropriate confidentiality terms to our advisers and any prospective purchaser’s adviser, and will be passed onto the new owners in accordance with all applicable laws.
In the event that we buy any business or assets, we may disclose your personal data to the prospective seller of such business or assets under appropriate confidentiality terms and in accordance with all applicable laws.
12. Third Party Links
Please bear in mind that this policy only applies to websites and services operated by us and not those operated by third parties, including those to which our websites may link. We suggest that you make yourself familiar with any privacy policy provided by such third- party websites before providing personal information about yourself.
13. Your rights and contacting us
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information, as follows:
- To ask us not to process your personal data for marketing purposes;
- To access personal information held about you and to obtain a copy of it (Please note: If you require information about your account and/or about any services we have provided to you, please contact our Customer Services team in the first instance. In most cases, we should be able to provide the information you require, and this will typically be quicker than submitting a Data Subject Access Request (DSAR));
- To prevent any processing of a record of personal data that is causing or is likely to cause unwarranted and substantial damage or distress to you or another individual;
- To obtain the rectification or completion of records of personal data which are inaccurate or incomplete;
- To restrict or object to the processing of your personal data and to request its erasure under certain circumstances. Please note that we will not be able to erase personal data where we have a legal obligation to retain such data or if we need to hold onto such data for other legitimate purposes e.g. defending any potential legal claim. In most cases, this means that we need to retain all or some of your personal data for 6 years after the closure of your account with us;
- In certain circumstances, to request that the personal data which you have provided to us, be transmitted to another data controller in a structured, commonly used, and machine-readable format without hindrance, where technically feasible;
- To obtain a copy of personal information safeguards used for transfers outside your jurisdiction;
- To lodge a complaint about the way in which your personal data is being shared with a supervisory authority; and
- Where we rely on your consent to use your personal data, you have the right to withdraw that consent at any time.
If you wish to exercise any of the above mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for example if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us using the details below. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
Please note that we may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally permitted to deal with the request in a different way.
If you have any queries about this policy or our use of your personal data, please contact our Data Protection Officer at dataprotection@ii.co.uk or in writing at:
Interactive Investor
201 Deansgate
Manchester
M3 3NW
If you have any queries about any of our terms of service documents or the website in general, do not hesitate to contact us at:
Customer Services
Interactive Investor
201 Deansgate
Manchester
M3 3NW
Tel: 0345 607 6001
Email: interactivehelp@ii.co.uk
14. Complaints
If you have any concerns or complaints as to how we have handled your personal data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us or by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.