The term PhiGold UK Plc (“PhiGold” or “us” or “we”) refers to the owner of the Website whose registered office is Hallswelle House, 1 Hallswelle Road, London, England, NW11 0DH. Our company registration number is 10386878. The term 'you' or 'your' refers to the user or viewer of our Website. This privacy notice sets out the processing practices in relation to personal data which is collected, stored and retained through the use of this Website and any other electronic communications by Philgold.
Your right to privacy is important to us. This privacy notice sets out how Phigold uses and protects any information that you give us when you use this website. We are keen to strike a fair balance between your personal privacy and ensuring that you obtain full market value from the internet and other products and services we may market to you.
If you do not agree to the following policy, you may wish to cease viewing/using this Website, and or refrain from submitting your personal data to us.
We may change this notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place. If you have any requests concerning your personal data or any queries with regard to this notice, please contact us at firstname.lastname@example.org.
We are registered with the Information Commissioner’s Office (ICO); our registration number is ZA524562. Information on the Data Protection Act 2018 and the General Data Protection Regulation (the GDPR) is also available on the Information Commissioner's website at www.ico.gov.uk.
Under the GDPR, your individual rights in relation to your personal data are as follows (you can read more about your rights in detail at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/);
- the right to be informed about the personal data being processed,
- the right of access to the data,
- the right to rectification,
- the right to erasure,
- the right to restrict processing,
- the right to data portability(to receive an electronic copy of your personal data) ,
- the right to object to processing of your personal data and
- the right not to be subject to automated decision-making. including profiling
Personal data we collectWe collect your personal data typically when you register for our services, make a purchase, enter a sales promotion or otherwise interact with us. Below are examples of the categories of the data we collect on you.
Technical Information. For the most part, you may visit our website without having to identify yourself. However, certain technical information is normally collected by us as a standard part of our services. This information relates to your IP address, information about your device and other technical information your browser provides us with, and data about your use of our website (such as when you use the website and how you interact with its content).
Information you provide to us. To allow us to provide you with the products and services you have requested, or to communicate with you, we may ask you to provide us with certain information such as your name, date of birth or age, email address, home or postal address, or financial situation. In registering for our services, you may create user names, passwords and other credentials that we use to authenticate you and to validate your actions. You may send us copies of your personal identity documents or details about other financial products to which you may be a party.
Location data. Certain services may involve the use of your location data. Use of your location data is, however, subject to your prior consent for each service. Personal data obtained from third parties. We may obtain personal data about you from third party sources such as social media analytics, and from the following partners: [list identified third party sources where possible, such as credit reference agencies, commercial databases]
Use of personal dataWe collect and process your data for one or more of the following grounds:
To fulfil our contract with you. We use your personal data as is necessary to provide you with our products and services in line with our overall contract. We process and use your personal data to provide you with a personalised service and the product or service you have requested, to fulfil your other requests, process your order(s), and as otherwise may be necessary to perform or enforce the contract between us.
We are required to do so by law or regulation. We are required to process and store some of your data in order to fulfil our regulatory obligations. This may include the information we need to establish your needs and requirements and to provide you with a personalised recommendation or advice. We may capture and share your personal data with organisations that can confirm your identity and provide information necessary to prevent fraud or other financial crimes.
You have provided us with your informed consent. Where you have given your informed consent, we will process your data in accordance with the permission you have given us and this privacy notice. You may withdraw your consent at any time by contacting us email@example.com
Our other legitimate interests in using your dataTaking into account your interests, we process your personal data for the following purposes:
To verify your identity and administer your account. We process and use your personal data to ensure the functionality and security of our products and services, to identify you and the instructions you give us, and to prevent and detect fraud and other misuses.
Development of products and services. We process and use your personal data to develop our products and/or services. However, for the most part we use only aggregated and statistical information in the development of our products and services, and not data directly identifiable to you. We may also process and use your personal data to personalise our offerings and to provide you with service more relevant to you, for example, to make recommendations and to display customised content and advertising.
Communicating with you and marketing.Marketing purposes may include using your personal data for personalised marketing or research purposes in accordance with applicable laws, for example, to conduct market research and to communicate our products, services or promotions to you via our own or third parties’ electronic or other services. When contacting you for the purpose of marketing, we will take into account any preferences you have expressed to us, including any desire not to receive marketing.
Any email marketing messages we send are in accordance with the GDPR and the Privacy and Electronic Communication Regulations (PECRs). We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences/the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences,
Business continuity. In the event of an interruption or cessation of our business, we need to ensure that we can implement our business continuity procedures (for example, we may need to rebuild our IT systems) or wind down planning to protect your interests. This may involve a transfer of your personal data to a third party (see below).
How do we secure your personal data? We have robust procedures in place within our business;
- to protect data against accidental loss,
- to prevent unauthorised access, use, destruction or disclosure,
- to ensure business continuity and disaster recovery where required,
- to restrict access to personal information,
- to conduct privacy impact assessments in accordance with the law and our business policies,
- to train staff and contractors on data security, and
- to manage third party risks, through use of contracts and security reviews
How long do we keep personal data?
We will keep your personal data only for so long as it is reasonable for us to do so, depending upon the nature of the data and our processing, and the grounds upon which we collected it. In general, we will delete redundant account information within 14 days of our relationship ending. However, we are obliged to keep certain records of our relationship to comply with the FCA’s and other regulatory rules, in which case we will instead restrict access through our archiving processes. Subject to any actual or potential legal claim or regulatory investigation, the maximum time that we envisage retaining any of your information is seven years, after which time it will be destroyed. Information we use for marketing purposes will be kept by us until you notify us that you no longer wish to receive this information. If you do notify us that you no longer wish to receive marketing information, we will keep an encrypted version of your contact information to ensure we respect your wishes.
Our website may contain links to other websites which are outside the control of Phigold and are not covered by this privacy notice. If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy notice which may be different to the privacy notice of (Firm name). You should exercise caution and look at the privacy notice applicable to the website in question.
Transfers of your personal data
We may transfer your personal data to the third parties noted below, or as required by law.
Material service providers. We may transfer your personal data to the following third parties who provide us with a material service: [List all material outsourcing / service providers such as payment services or e-money firms; KYC providers; credit reference agencies; product providers etc. The firm should include adequate information to enable a user to understand the nature of the processing by the third party].
Generic service providers (data processors). We may transfer your personal data to third parties who process personal data on our behalf to enable the efficient technical and logistical provision of our services. These service providers may, for instance, supply us with cloud data storage, data security services, customer relationship management software, and other support services. We may substitute a technical or logistical service provider from time to time. Such parties are generally not permitted to use your personal data for any other purposes than that for which your personal data was collected, and we require them to act consistently with applicable laws and this Privacy notice as well as to use appropriate security measures to protect your personal data.
Event-driven transfers. We may transfer your personal data to third parties in certain events where it is necessary to protect your, or our, legitimate interests. This includes the cessation, sale or transfer of our business, civil or criminal legal, or regulatory, proceedings or insurance claims. Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of information on an international basis. Therefore, by browsing the Website and communicating electronically with us, you acknowledge and agree to Phigold processing personal data in this way.
What are your rights?
You have the right to request information on and access to the personal data we hold about you.
You also have the right to request that we correct or delete any incomplete, incorrect, unnecessary or outdated personal data we hold about you. However, we cannot delete personal data that is necessary for compliance or if the personal data must be retained according to applicable laws, or is required for the exercise or defence of a legal or regulatory claim.
In case you consider your personal data collected by us to be inaccurate but you do not wish your personal data to be deleted, if we have used your personal data unlawfully or you have objected to the processing and the existence of legitimate grounds for processing is still under consideration, you may request restriction of processing of your personal data.
You may also at any time object to your personal data being processed for direct marketing purposes, sending promotional materials, profiling, or for the performance of market research. Where your personal data is processed based on your consent, you have the right to withdraw your consent for such processing at any time. In case you wish to make use of your rights mentioned above, you may, as appropriate and in accordance with applicable laws, exercise such rights by contacting us through the contact points referred in the marketing materials or below in this notice. In some cases, especially if you wish us to delete or cease the processing of your personal data, this may also mean that we may not be able to continue to provide the services to you.
Please note that we may need to identify you and to ask for additional information in order to be able to fulfil your requests. Please also note that applicable law may contain restrictions and other provisions that relate to your above rights.
Subject access rights
You have a right to a copy of and details of the personal data held about you. To obtain a copy of the personal data we holds about you, please write to us at firstname.lastname@example.org. No charge will normally be made by us for providing this information. If your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.