Portfolio Login

J C Roxburgh Financial Services Ltd

Privacy Notice

Privacy Notice

At J C Roxburgh (Financial Services) Ltd, we take your data privacy seriously. In order to provide you with our services we collect and use personal data which means that we are a ‘Data Controller’ and we are responsible for and committed to protecting your privacy and complying with the UK General Data Protection Regulations (UK GDPR), Data Protection Act 2018, the EU General Data Protection Regulations where applicable and any subsequent laws or regulations applicable.

We are an independent advisor providing advice on a range of finance and investment to Individuals and Businesses. We collect and process personal data in the course of delivering our services in order to provide you with the right advice and arrange the right products and services to suit your individual needs. In this Privacy Notice, we want to inform you what information we collect, how we use it and what rights individuals have in relation to the collection and processing of their personal data.

If you are providing personal data of another individual to us, you must tell them you are providing their information to us and show them a copy of this notice.

Our Contact Details

If you have any questions in respect of this Privacy Notice or how we manage your personal data, please contact us at:

J C Roxburgh (Financial Services) Ltd
151 Glasgow Road
Clydebank
G81 1LQ

19-21 Ayr Street
Troon
Ayrshire
KA10 6EB

Tel: 0141 952 0371 / 01292 314313
Email: info@roxburghfinancial.co.uk

Whose Information Do We Collect?

We collect and process personal data in different ways during the course of delivering our services. This can belong to our Corporate Clients, Private Clients, Partners, Enquirers, Suppliers, Associates and often the employees and customers of our clients where it is necessary as part of the service or product we provide.

We also process data on behalf of our corporate clients as part of our services to them. This includes where we deliver services in relation to their employees or customers. Where we do so, we act as a data processor on behalf of our clients, and they remain the data controller. We maintain data processor agreements with all such clients to ensure that each party is committed to their obligations under the UK GDPR to protect your personal data.

What Personal Data Do We Collect And Process?

For all of our services and clients we collect the following types of information:

• General contact details such as, name, address, email address, telephone number
• Business activities or occupation of the person whose information we are processing
• Details of services or policies provided or negotiated
• Identification details and Information required to understand your needs in respect of financial advice such as, date of birth, marital status, nationality, National Insurance number, residency details
• Other Financial Details – such as income status, expenditure, benefits, debt or loan status, employment benefits, investment details, financial records, pension information.
• Existing insurance and protection arrangements that we are being asked to review
• Power of Attorney Status where applicable
• Correspondence and communications between us and a data subject
• Information obtained through our use of cookies (please see our Cookie Policy)
• Your marketing preferences

We also collect additional information when delivering our services to private clients and employees or customers of our corporate clients:

• Date of Birth
• Marital Status
• Residency Details
• Power of Attorney Details
• Employer / Employment details
• National Insurance Number

Please Remember: Where you provide any of this information relating to or on behalf of another individual such as a dependant or other family member, you must remember to ensure that you have the consent of the individual and provide them with a copy of or access to this Privacy Notice.

Special Categories Of Personal Data That We Can Collect

• Details relating to medical history or health where it is relevant to the policy or service being arranged
• Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction), which can be established directly from you or as a result of carrying out sanctions checks.
• We may collect other special category information volunteered or offered by you in the course of your discussions with us. These can relate to race, ethnicity, religious or philosophical beliefs, political opinions, trade union memberships or data concerning your sex life or sexual orientation.

We generally rely on your consent to collect and process this information and do not retain this information beyond the time period of which it is necessary.

How We Collect Your Information

In most cases, we collect your data directly from you. We collect data and process it when you

• Complete an online ‘contact us’ form
• Speak to us on the telephone to discuss or use our services
• Email or write to us to enquire about or use our services
• View our website via your browsers cookies (see our Cookie Policy)

We also receive your data indirectly from the following sources:

• If you are an employee or customer of our corporate clients, we will receive your personal data in the course of delivering our professional services to them.
• If you are nominated as a point of contact from one of our commercial customers, we may receive your details from them.
• If you are named as a beneficiary in relation to one of our products we receive this information from our client.
• Your authorised representatives or those who hold power of attorney will share your information with us.
• Social Media Sites including LinkedIn.
• Public Sources – Demographic Data, Market Research, Companies House

Please Remember: Where you provide any of this information relating to or on behalf of another individual such as a nominated contact, you must remember to ensure that you have the consent of the individual and provide them with a copy of or access to this Privacy Notice.

Why Do We Collect Your Information?

Where we collect and process personal data, we identify both the purpose and legal basis for doing so. The legal bases which are:

Consent – where we have consent from the individual to the processing of his or her personal data for one or more specific purpose

Contract – where the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

Legal Obligation – The processing is necessary for compliance with a legal obligation to which we are subject

Vital Interests – Where the processing is necessary in order to protect the vital interests of the data subject or another natural person Public Interest – Where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

Legitimate Interests – Where the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal date, in particular where the data subject is a child.

Our purpose and legal basis for the information we collect, and process allows us to:
PurposeLawful BasisAdditional Condition For Special Category Information
To understand your financial advice requirements, needs and risk appetite prior to arranging quotes for you and entering into a contract of service with youThe processing is necessary for the performance of an anticipated ContractIt is necessary for an Insurance Purpose
To add you as a prospective client including carrying out credit, fraud, sanctions and anti-money laundering checksThe processing is necessary to enter into a ContractThe prevention of fraud is in the substantial Public Interest
To comply with our legal obligations, law enforcement, court, financial and tax requirements set by Government bodies and executive agencies.We have a Legal or Regulatory ObligationIt is necessary to establish and exercise our Legal Rights
To communicate with you, respond to your queries and notify you about changes to our serviceIt is in our Legitimate Interests to use your personal information to keep you informed about any changes that may affect youN/A
For marketing of similar services to existing customers or previous enquirersIt is in our Legitimate Interests to market similar services to individuals who have enquired about of purchases services from us previously. We will always provide an option to opt out of such marketing.N/A
For electronic marketing of services to new individual customersWe rely on Consent for direct electronic marketing to individualsN/A
For direct marketing to incorporated businessesIt is in our Legitimate Interests to market our services to other businesses which can include personal business email addressesN/A
To refer you to other companies in the Roxburgh GroupWith your consent we may refer you to services provided by other companies in the Roxburgh Group.N/A
To process health and medical details to endure that contracts and services are suitable for our clients’ needs.We need to ensure that Contracts of services are suitable for the needs of our clients and customers.We rely additionally on Consent to process any details of vulnerability which are categorised as special category personal data.
To note potential vulnerabilities and ensure that our services and products meet the characteristics of our client / customer.We need to ensure that Contracts of services are suitable for the needs of our clients and customers.We rely additionally on Consent to process any details of vulnerability which are categorised as special category personal data.
To review and improve our products services and support by analysing complaints, feedback and vulnerable customer dataIt is in our Legitimate Interests to ensure that we constantly review our services and support to understand what improvements we can make for clients.It is in the Substantial Public Interest that we understand the different characteristics of clients and improve our services and deliver good customer outcomes.
Managing our Business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)It is in our Legitimate Interests to manage and improve our business operations and activitiesN/A
Where we rely on your consent you have the right to withdraw this consent at any time by contacting our Data Protection Officer. Contact details can be found at the beginning of this policy.

Legitimate Interests – Where the processing of personal data is based on our Legitimate Interests, it is to improve on our service, security and prevent fraud or illegal activity in favour of the wellbeing of our customers, employees and stakeholders.

Direct Marketing

We may send you details of similar services to those you have enquired about or purchased from us previously. You can opt out of receiving this information from us at any time by contacting us at the above address or clicking ‘unsubscribe’ on any messages you may receive.

We will never share or sell your information to any other party for marketing purposes.

Who Do We Share Your Information With?

From time to time we may share your personal information with third parties for the various purposes set out above. These are:

• Insurers with whom we are obtaining quotations or placing cover
• Industry bodies
• Other companies in the Roxburgh Group
• Our Payment Service Providers
• Professional Services used to support us in operating an effective business such as Lawyers, Auditors and Regulators
• Software and Cloud storage providers
• Banks, Lenders, and other firms upon your request and with your consent only.
• Police and Law Enforcement agencies where reasonably necessary for the prevention or detection of crime.
• Governing Bodies and Executive Agencies such as Companies House, HMRC, Pension Providers and Regulators where required.
• Selected Third Parties in connection with any future sale, transfer or disposal of our business.

International Data Transfers

With today’s modern technology including Cloud Storage and Software, some recipients of your personal data can be located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country.

Where this is the case, we make sure that additional safeguards are in place such as ensuring that those countries have a decision of adequacy under the UK GDPR, or have entered into appropriate agreements and contract clauses, or in the case of the US, the recipients of personal data are certified under the EU-US Data Privacy Framework (including the UK extension).

Automated Decision-Making Or Profiling

We do not use automated means to make decisions about the products we source, however providers can do so when providing us with a quotation. They consider the information provided (for example, details of your level of cover required, financial status etc) to determine whether your application can be accepted and the appropriate rates. All of such decisions are however reviewed by us and you can request that the decision be made by an individual decision maker.

How Long Do We Keep Personal Data For?

We will retain personal data in accordance with legal and regulatory requirements and for no longer than is necessary to fulfil the purposes set out in this privacy policy. We maintain and review a detailed retention policy and schedule which documents how long we will hold different types of data. The time period will depend on the purpose for which we collected the information and is never on an indefinite basis. Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for tax, accounting or auditing purposes).

The following details the criteria used to establish the retention period set out within our policy.

Where it is still necessary for the provision of our services

This includes the duration of any contract for services we have with you and for a period of 7 Years after the end of any contract with a view to maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. Most of our retention periods are determined on the basis of this general rule only where we are not required to retain the data for longer.

Where required by statutory, contractual or other similar obligations

Corresponding storage obligations may arise, for example, from laws or regulation, for example depending on the type of product we arranged for you. It may also be necessary to store personal data with regard to pending or future legal disputes. Personal data contained in contracts, notifications and business letters may be also subject to statutory storage obligations depending on national law. Where we do retain or archive files for these purposes, these are reviewed after the initial 7 year period and minimised to ensure only necessary information is retained.

Your Rights As A Data Subject

As a data subject, you have rights in relation to your personal data. These are:

The Right to Access – You have the right to request details of personal information held or processed and to copies of this data. We do not usually charge for this service.

The Right to Rectification – You have the right to request that any information be corrected that you believe is inaccurate or to complete any information that you believe is incomplete.

The Right to Erasure – You have the right to request that we erase your personal information under certain conditions

The Right to Restrict Processing – You have the right to request that we restrict the processing of your personal data under certain circumstances

The Right to Object to Processing – You have the right to object to our processing of your data, under certain conditions.

The Right to Data Portability – You have the right to request that we transfer the data that we have collected to another organisation or directly to you, under certain conditions.

As previously detailed, you also have the Right to Withdraw Consent where you have previously provided this at any time.

To exercise any of these rights or wish to make a complaint to us in respect of those rights, please contact us using the details at the beginning of this notice.

If we cannot satisfy your complaint, you also have the right to complain to the Supervisory Authority. In the UK, where you wish to report a complaint or feel that we have not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office at:

The Information Commissioner’s Office – Scotland
Queen Elizabeth House
Sibbald Walk
Edinburgh
EH8 8FT

Telephone: 0303 123 1113 or live chat

Or alternatively you can click the link below to begin the process online.
https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/

Contractual Obligations and Consequences

In some circumstances, the provision of personal data is partly required by law (for example, tax regulations, legal obligations) or can also result from contractual provisions such as payment details. This means that it may sometimes be necessary to conclude or fulfil a contract, that the personal data be provided. In those circumstances where the data is not provided or where certain rights are exercised, (Erasure, Object) there is a possible consequence that the contract could not be fulfilled or concluded and may be cancelled.

Cookies & Similar Technologies

When you visit our Website, we use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalised advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you visit or use the Website. For full details please see our separate Cookie Policy.

To learn more about how to manage your browser cookie settings in general please see www.allaboutcookies.org

Please remember: When you click on any external links on our site including the member log in, or where you find us on social media, you are redirected to those websites. We have no control over the privacy of those domains, so please check and review the privacy information on those sites.

Data Security

We aim to protect your personal data through technical and organisational security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration.

We store customer records in cloud-based services which have controlled and restricted access. We also operate internal policies and procedures detailing physical security, cloud storage security monitoring, access control and password security measures.

Changes To Our Privacy Notice

All businesses change from time to time. At J C Roxburgh (Financial Services) Ltd we keep our Privacy Notice under regular review.

This Privacy Notice was last updated on 16th January 2025.

Main

Investment

Retirement Planning

Protection Planning

Estate Planning

Financial Planning

Business Planning

Mortgages

Glasgow Office: 151 Glasgow Rd, Clydebank G81 1LQ T: 0141 952 0371 E: info@roxburghfinancial.co.uk
Troon Office: 17 Ayr Street, Troon KA10 6EB T: 01292 314313 E: info@roxburghfinancial.co.uk
Roxburgh Financial Services is the trading name of J C Roxburgh (Financial Services) Ltd, (FCA 585728), and is registered in Scotland under number 417019. Registered office 151 Glasgow Road Clydebank Glasgow Scotland G81 1LQ. J C Roxburgh (Financial Services) Ltd is authorised and regulated by the Financial Conduct Authority.
Facebook-f Linkedin