Data protection Notice

 
  • Purpose of this Notice

    We are Investec Capital & Investments (Ireland) Limited (trading as Investec Wealth & Investment (IW&I)) and we are committed to processing your personal data in accordance with EU data protection laws. For the purposes of EU data protection laws, IW&I is the data controller.
  • Who we are

    We are Investec Capital & Investments (Ireland) Limited (trading as Investec Wealth & Investment (IW&I)) and we are committed to processing your personal data in accordance with EU data protection laws. For the purposes of EU data protection laws, IW&I is the data controller.
  • How we will use your information

    Personal data is information which directly or indirectly identifies you.
    It may be necessary for you to give us personal data so that we can:
    •     provide you with the requested products and services;
    •     fulfil any contractual relationship with you;
    •     inform you of our services;
    •     comply with applicable laws, regulations and/or codes of practice; and
    •     for the other purposes as set out in this Data Protection Notice, when in our legitimate interests.
  • How we collect your personal data

    We may collect your personal data in a number of ways:
     
    From you for example, when you:
     
    •     apply for and use our products and services;
    •     call us, we will monitor and/or record your telephone calls;
    •     look for advice about your investments;
    •     enter into any agreement with us;
    •     contact and interact with us;
    •     ask us to contact you;
    •     attend events, participate in surveys, prize draws or competitions.

      From someone else, for example
       
    • if a person applies for a joint account with you they may share your personal data with us or if  you are a stakeholder in or manager of a business, and the business applies for products or services or enters into an agreement or interacts with us, we may obtain personal data about you to carry out checks against the business;

    • third parties such as regulatory bodies, law enforcement bodies, financial advisors, introducers, research and data analysis partners, public sources - for example, Companies Registration Office.
  • What personal data we collect

    Types of information we may collect includes:

    Personal details
       
        date of birth
        contact details;
        nationality;
        tax details;
        employment details;
        regulatory history (where applicable)

    Financial information

       
        income and outgoings;
        assets and liabilities;
        bank details;
        account information and history;
        account activity;
        credit history and information (where applicable);
        shareholdings (where applicable).

    Information we have from our dealings with you or from anyone acting on your behalf

       
        recordings of telephone calls with us;
        records of our interactions/correspondence with you;
        details of your transactions.
     
    Sensitive personal data (we will only collect this with your explicit consent or where the processing is specifically authorised by a regulatory body or required by law)
     
    Including but not limited to the following:
     

        biometric data, such as voice or fingerprint information;
        religious beliefs;
        sexual orientation;
        political affiliation;
        race and ethnicity.
  • If you give us information about somebody else

    You must make sure that if you give us personal data about someone else, you should have a lawful basis for doing so, for example, you have their consent to share personal data with us. Where applicable, you should ensure they read this Data Protection Notice (DPN) and understand how we will use and disclose their information, in the ways described in this DPN.
  • How we secure your data

    We know how important the security of your personal data is. We use security measures that meet international standards,to protect your personal data against loss or theft, as well as from unauthorised access, disclosure, copying, use or modification, regardless of the format in which it is held.
  • Data Retention

    Subject at all times to applicable laws, we will retain your personal data for a period of at least 7 years from the end of the relationship to enable us to fulfil our record keeping obligations.
  • How we may use your personal data

    We may use your personal data for reasons including but not limited to the following:
    •     to verify your identity;
    •     to verify the accuracy of the data you have provided to us;
    •     to provide products and/or services requested by you;
    •     to manage your accounts;
    •     to manage any contractual relationship with you;
    •     to make credit decisions (where applicable);
    •     to trace and recover debts;
    •     to detect and prevent fraud and money laundering;
    •     to administer surveys, prize draws or competitions;
    •     to manage events;
    •     to conduct analysis and market research, for example, to identify trends in the use of our products and services so that we can:
            - improve the products and services we provide to you;
            - improve our business;
            - keep you up to date with relevant products and services.
    •     to comply with applicable laws, regulations and/or codes of practice;
    •     to support research and analytics which assist us in marketing our products and services in a way that is more personalised and relevant;
    •     To help us identify other potential clients similar to you, and inform them of products and services likely to be relevant to them.
  • How we will use your personal data to make automated decisions

    Detecting and preventing fraud, Anti-Money Laundering and Tax Avoidance

    We are legally required to prevent fraud, money laundering and terrorist financing and tax avoidance. We are obliged to collect certain information in relation to this and keep it up to date. If we are provided fraudulent information or we suspect criminal activity we are obliged to provide details of this to regulatory bodies or law enforcement agencies, both within and outside of Ireland. Further details can be found in the Terms & Conditions document.

    We may use real time fraud detection systems to help us to identify if your account is being used fraudulently. These systems make automated decisions for us and take account of information, for example fraud patterns. Your personal data may beused to make these decisions. For example, fraudulent activity may be suspected where there is unusual activity on your account. If we suspect a risk of fraud, we may stop any activity on the account, or refuse access to the account. You have the right to object to an automated decision, and ask for someone to review the decision.
  • How we may disclose your personal data

    We may disclose certain personal data as follows:
    • to other affiliates in the Investec Group. Investec Group consists of Investec Bank plc (a company registered in the UK)and Investec Limited (a company registered in South Africa) and any of their direct or indirect subsidiaries and/or holding companies;
    • to our professional advisors, receivers and administrators (where applicable), and service providers (including for example, information technology systems providers) who may help us provide products or services;
    • to courts, governmental and non-governmental agencies, regulators and ombudsmen;
    • law enforcement agencies;
    • relevant tax authorities;
    • to any relevant third party in the course of an acquisition, sale, transfer, reorganisation or merger of parts of our business or our assets;
    • as required or permitted by law or regulation, where we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of the Investec Group, our clients, or others;
    • where you have been introduced to us by an introducer (e.g. an independent financial adviser), unless you have told us not to, we will inform the introducer of the outcome of the enquiry including whether we have agreed to provide you with the relevant product or service;
    • to credit reference agencies (CRAs)
    • to fraud prevention agencies (FPAs).
    You may also ask us for details of the CRAs and FPAs we have used for your searches. If there are any errors in the information we hold about you, please tell us so we can correct the information we hold about you.
  • Our legal obligations

    All personal information provided by you and/or your financial adviser will be treated in accordance with:
    (a) from 25 May 2018, the General Data Protection Regulation (Regulation (EU) 2016/679) as amended, supplemented or replaced from time to time.
    (b) other laws that are similar, equivalent to or that are intended to implement, amend, or replace, the laws that are identified in (a) and (b) above (the “Data Protection Legislation”).
    Transfer of Personal Data Outside the European Economic Area (“EEA”)
    We may transfer your personal data to recipients who may carry out services on our behalf (including affiliates in the Investec Group) located in countries outside of the EEA, including South Africa. If we transfer your personal data to such a country,we will take all necessary steps to ensure your data is protected to an equivalent standard as within the EEA.
  • Your rights

    You have the right to:
    •     request access to your data and information and about how it is being used;
    •     request rectification or erasure of your personal data;
    •     request restriction of processing or to object to processing of your personal data; and
    •     request data portability (i.e. to request the transfer of personal data from one data controller to another.
    If you wish to exercise any of these rights or withdraw consent to use your personal data you should contact the Data Protection Manager as described below. You also have the right to lodge a complaint about the processing of your personal data with your local data protection supervisory authority (in Ireland, the Office of the Data Protection Commissioner).
  • Marketing

    We may contact you periodically to provide information regarding events, products, services and content that may be of interest to you and to invite you to participate in market research. If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent. Where this information is provided electronically we may track your response, for example which emails received from us that you open.
    If you wish to stop receiving marketing or market research communications from IW&I you can click on the unsubscribe link in the marketing communication, contact your Investment Manager or by emailing [email protected]
  • Changes to this Data Protection Notice

    We may revise or supplement our DPN from time to time to reflect for example, any changes in our business, law, markets,or the introduction of any new technology. We will publish the updated DPN on our website at:www.investecwealthandinvestment.ie/DPN
  • Enquiries, Requests or Concerns

    All enquiries, requests or concerns regarding this DPN or relating to the processing of personal data, should be sent to the Data Protection Manager, Investec Wealth & Investment, The Harcourt Building, Harcourt Street, Dublin 2, Ireland, D02F721.