By ‘We’ or ‘Us’, we mean ‘FF Bequest Limited’ trading as ‘Bequest’ (Companies House Number: 12367897). By “You” we mean the customer or individual who has accessed our service. We are a company registered in England and Wales. Registered Address: Founders Factory, Northcliffe House, London, United Kingdom, W8 5EH. We are authorised and regulated by the Financial Conduct Authority and our Firm Reference Number (‘FRN’) is 923791.
Who is the data controller?
How you can contact us
Full name of Legal Entity: FF Bequest Limited
Postal Address: FF Bequest, Level 4, Northcliffe House, Young Street, London, W8 5EH, UK.
Telephone Number: 02039165433
Your right to complain to the supervisory authority
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contacting us in the first instance.
What information do we collect from you?
Providing our services
We may collect, use, store and transfer different kinds of personal information about you if you enquire about, or purchase, the products and services that we offer, and if you subscribe to our newsletter and/or email notifications. This may include:
- Identity Data: First name, last name, maiden name, marital status, date of birth, gender, account username and account password.
- Contact Data: Current address, previous addresses and post codes, email address and telephone number.
- Transaction Data: Information relating to payments made through our website (securely collected and processed by our bank or payment provider), details of products and services you have engaged us for.
- Technical Data: Internet Protocol (IP) address, browser type and version, timer zone setting and location, browser plug-in types and versions, operating systems and platform and other technology on devices you use to access the website
- Profile Data: Information to understand the services you’ve engaged, your interests, preferences, feedback and analysing the data you have provided as part of the service to improve our services, marketing, customer relationships and experiences.
- Usage Data: Information about how you use our website, products and services.
- Marketing and Communications Data: This includes your preferences in receiving marketing from us and any third parties, as well as your communication preferences.
Special Categories of Personal Data
We may collect data relating to your health to ensure we can tailor and adjust our services to your needs and circumstances. We will obtain your consent to obtain and store this data for the sole purpose of delivering our services.
We do not collect any other “special categories” of personal data about you. Nor do we collect any information about criminal convictions and offences.
If you do not provide Personal Data?
You are not required (by law or by any contract with us) to provide personal information to us via our website. We will only require you to provide personal information to us where it is necessary for us to provide you with a service at your request.
Where we need to collect personal data by law, or under the terms of a contract we have entered with you, and you fail to provide the data when requested, we may not be able to perform the contract with you (for example, to provide you with goods or services). In this case, we may have to cancel the services and the contract you have entered into with us. As is your right to be informed, we will notify you of any change or cancellation deemed necessary.
How is your personal information collected?
We have different methods of collecting data from and about you, including via:
- Direct Interactions:
- Engage our services;
- Provide us with feedback; or
- Request marketing to be sent to you.
- Automated Technologies or interactions
- Third Parties or publicly available sources
- information we receive about you if you use any of the other websites that we operate or the other services that we provide;
- information from third parties that we work with to provide our services, such as technical support companies; and
- information you have shared publicly, including on social media.
You may provide us with your Identity Data, Contact Data and Transaction Data by completing online forms or by corresponding directly with us via telephone. This includes personal data you provide when you:
We may receive personal data about you from other sources, including:
How do we use your personal information?
- Enable you to use, and provide you with information about, our website.
- Contact you about any changes that we make to our website.
- Verify your identity.
- Deal with any complaints you may have.
- Administer our website, including troubleshooting problems, analysing statistics, conducting research and tests and keeping the website secure.
Ordinarily, we do not rely on consent as a legal basis for processing data other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent at any time by contacting us.
Purposes for which we will use your personal data
We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contacting us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
To register you as a new customer
To process and deliver our services to you, including:
(a) Making a representation to an insurer.
(b) Collecting information for your will.
(c) Marketing and Communications
(d) Special Category
(b) Asking you to leave a review or take a customer satisfaction survey
(d) Marketing and Communications
Necessary to comply with a legal obligation
Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
(e) Marketing and Communications
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you
Necessary for our legitimate interests (to develop our products/services and grow our business)
We will only use your personal information for the purposes for which we collected it as set out above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. You can ask us to stop sending you marketing messages at any time by contacting us to amend your preferences, methods of contact and products/services you wish to hear about.
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and, in each case, you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any company for marketing purposes.
You can opt-out of third-party marketing at any point by contacting us.
A cookie is a small file of letters and numbers that is downloaded on to your computer when you visit a website. Cookies are used by many websites and can do a number of things such as remembering your preferences, recording what you have put in your shopping basket, and counting the volume of people accessing the website.
Disclosure of your personal data
We share the information that you provide to us with our staff so that we can provide our services to you.
We may also share your personal data with the parties set out below for the purposes set out in the table in paragraph 9 above. These companies will not use your information to contact you. Selected third parties will be subject to obligations to process your personal information in compliance with the same safeguards that we deploy.
We may need to disclose your information to any one of the following:
- Third parties service providers, for example: Telecommunications, IT systems etc acting as processors based in the United Kingdom who we engage to deliver our services (e.g. host our dialler system, electronic storing of your personal data).
- HM Revenue & Customs, Regulators (Financial Conduct Authority, Office of Communication, Information Commissioner’s Office), and other authorities based in the United Kingdom who require reporting of processing activities in certain circumstances.
- Accountants, Solicitors, Compliance Consultants and other like-services based in the United Kingdom who require the reporting of processing activities in certain legal and compliance circumstances.
If you have any concerns about your personal information being shared, please contacting us for more information.
There are certain exceptional circumstances in which we may disclose your information to other third parties. This would be where we believe that the disclosure is:
- Required by the law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings
- Necessary to protect the safety of our employees, our property or the public.
- Necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction.
We do not transfer your personal data outside of the United Kingdom.
We are committed to ensuring your information is safe and secure. In order to prevent unauthorised access or disclosure, we have developed, implemented and maintained suitable physical, electronic and managerial procedures to safeguard and secure the information collected online. We wish for our customers to be completely confident in using our services, therefore we regularly review our processes and procedures to protect your personal information from unauthorised access, use, accidental loss, destruction or disclosure.
We try to ensure that all information you provide to us is transferred securely via our website (always check for the padlock symbol and “https” in the URL bar). Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
All information you provide to us is stored on secure servers with Google Cloud Platform in the UK. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
How long will we hold your personal data?
We will only retain your personal data for as long as we need it for the purposes for which it was collected, as well as for any purposes necessary to satisfy any legal, accounting or reporting requirements.
Where we provide you with life insurance products and services, we will retain information you provide to us in respect of this service for up to 35 years.
Where we provide you with any other family protection service, such as will writing services, we will retain the information you provide to us in respect of such services for up to 50 years.
If you create and maintain an account on our website but do not order any products or services, we will retain any information you provide to us at least for as long as you keep your account on our website, and afterwards for a period of 6 years from the date of your last log in.
Where you contact us, but you do not have an account on our website (and we don’t have an ongoing relationship with you), we will retain your information for a period of 12 months, so that we can recognise you if you contact us again in the near future.
If you would like us to delete your personal information before the end of these periods, please contacting us.
Your legal rights
In accordance with the GDPR, you, in your capacity as a consumer and citizen you are entitled to a range of specific DATA SUBJECT RIGHTS that you may exercise under particular conditions, with a few exceptions.
Your right to ACCESS
You have the right to ask us to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:
In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold. The first copy of your information that you request from us will be provided free of charge, if you require further copies we may charge an administrative fee to cover our costs.
Your right to RECTIFICATION
You have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary statement to the incomplete data.
Your right to ERASURE
Under certain circumstances you have the have the right to have personal data erased. Also known as ‘the right to be forgotten’. This could be if:
In those situations, you have the right to have your personal data deleted. If you believe that one of these situations applies to you, please contacting us.
Your right to RESTRICT PROCESSING
Under certain circumstances you have the right to request the restriction or suppression of your personal data. Restriction of processing means we are permitted to store your personal data, we are unable to use it. This right is available where:
Your right to DATA PORTABILITY
You have the right to obtain a copy of your personal data for your own purposes. This allows you to move, copy or transfer your personal data more easily from one IT environment to another, safely and securely, without affecting the usability of the data.
Your right to OBJECT
Sometimes, we use your personal information to achieve goals that will help us, you, or the other organisations that we work with. This includes when we tell you about products or services that are similar to ones you have already received; when we use your information to help us make our business better; and when we contact you to interact, communicate or to let you know about changes we are making.
We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your data is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your personal data for these purposes.
You can tell us at any time that you would prefer that we do not use your information for direct marketing purposes. If you would not like to receive any direct marketing from us, please contacting us or use the links provided in any of our marketing communications.
Your right to be INFORMED
You have the right to be informed about the collection and use of your personal data. Your right to be informed forms part of this policy, and provides the purposes for processing your data, our retention periods and who it will be shared with.
Your rights in relation to AUTOMATED DECISION-MAKING AND PROFILING
Any automated decision-making or profiling we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make decisions which will have a legal effect upon you or otherwise significantly affect you, and you have the right not to be subject to such decisions. If you have any concerns or questions about this right, please contacting us.