Privacy notice


CLIENTS AND PROSPECTS (CURRENT AND PREVIOUS); INTERMEDIARIES; AND ASSOCIATED PARTIES

To view on a mobile phone, or to print, please click here for a PDF version.

Contents

Executive Summary
Introduction
Data Collection
Types of Personal Data
Purposes of Processing
Data Sharing
International Transfers
Data Retention
Security of Your Personal Data
Data Subject Rights
Marketing
Complaints About Our Services
Changes to the Privacy Notice
Queries and Complaints

Executive Summary

This is a summary of how RBC Brewin Dolphin process personal data. Please contact us using the details at the end of this notice for more information regarding the specific RBC Brewin Dolphin entities covered by this privacy notice.

Who is this privacy notice for: This privacy notice applies to current or previous clients, prospective clients, intermediaries or clients of intermediaries, and any associated parties.

Why we collect personal data: We collect your personal data in the course of providing our services.

Where we collect personal data from: We may collect personal data directly from you, our staff, third parties or our clients. This is likely to be done face-to-face, by post, over the phone or online.

What personal data we collect: Types of data that we collect include personal details, financial data, ID and verification documents, special category and sensitive data, technical data from your personal devices, and any other information which you choose to provide.

What we use personal data for: We only use personal data for necessary and proportionate purposes. These include for advising you from the time you are a prospective client to the time we onboard you as our client, carrying out suitability assessments and anti-money laundering checks, managing and administering your accounts, managing relationships with intermediary firms, recording calls for regulatory compliance reasons, marketing and events, handling feedback, requests, queries and complaints, and improving the quality of our products and services.

Our legal basis for processing personal data: As a controller, we ensure that we and our processors process personal data lawfully. Most commonly, we will process data to perform a contract with you, to comply with a legal or regulatory obligation, in our or your legitimate interests or with your consent. We may rely on other lawful bases from time to time, including where we process sensitive or special categories of data.

Who we may share personal data with: We are owned by Royal Bank of Canada (“RBC”) and we are part of the RBC Group. We will share personal data with other RBC Group entities, as well as third parties including our business partners, service providers, credit reference agencies, government bodies, regulatory authorities and agencies. Your data is likely to be shared within and outside of the UK or the EU. In cases where data is shared outside of the UK or the EU, we ensure that appropriate safeguards and transfer mechanisms are in place.

How long we keep personal data for and our security measures: We keep your data until the purpose for which it was collected is fulfilled and in line with our retention schedules. We may need to keep certain data for longer to fulfil any legal, regulatory or reporting requirements. Your data is processed and stored securely in our systems, and, in the unlikely event of a data breach, we would take appropriate steps to notify the regulator or you where applicable.

Your rights and making queries or complaints: You can exercise your rights or make a query or complaint about the way we handle personal data by using the contact details in the “Contact Us” section of our Privacy Notice.

Cookies: For information about how we use cookies, please see our Cookie Policy.

Marketing: If you would like to update your contact details or update any of your communication preferences, please get in touch with your usual contact at Brewin Dolphin by phone, post, or email. If you are a private client, you can also use the Client Preference Centre or, if you are a business client or a non-client, the Preference Centre. Please allow 14 days from receipt of your information for any changes to be reflected across our systems.

Introduction

Company Information 

References to “RBC Brewin Dolphin,” “we,” “us” and “our” refer to Brewin Dolphin Wealth Management Limited and may, as appropriate, include the RBC Brewin Dolphin Group.

More information on how the RBC Brewin Dolphin Group manages your data can be found at https://www.brewin.ie/privacy-notice/

Brewin Dolphin Wealth Management Limited is trading as RBC Brewin Dolphin. Brewin Dolphin Wealth Management is regulated by the Central Bank of Ireland and is registered in Ireland Number 223158. Registered Office: Number One Ballsbridge, Building 1, Shelbourne Road, Dublin 4, D04 FP65.

Purpose of this Notice

We respect your right to privacy and our obligations under relevant data protection legislation including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

The purpose of this Privacy Notice is to outline how we process your personal data, including special categories of data, the legal basis on which personal data is processed by us, the basis on which personal data is obtained from you, or collected about you from other sources, details on who we share this data with, and your rights afforded to you under the GDPR.

Please note that this Privacy Notice provides an overview of how we process personal data, and we may provide further information in just-in-time privacy statements during the course of your interactions with our people and services.

Scope of this Notice

This Privacy Notice applies to current or previous clients, prospective clients, intermediaries or clients of intermediaries, and any associated parties.

It is important that you read this Notice and show it to anyone else who is named under your portfolio of investments as it also applies to them. Please take the time to read and understand this Privacy Notice.

References to “you” or “your”, within this Notice, are with regard to individuals whose personal data we process in connection with the provision of our services.

Data Controller

For the purposes of the GDPR, a “data controller” is a person or organisation who alone, or jointly with others, determines the purposes and means of the processing of personal data.

Unless otherwise stated, we are a data controller in respect of your personal data. We are responsible for ensuring that it uses your personal data in compliance with data protection law.

For the purposes of applicable data protection law, in particular the GDPR and the UK GDPR, your data will be controlled by the RBC Brewin Dolphin affiliate or subsidiary undertaking that you have instructed, that is providing services to you, or that is communicating with you, and each such entity is regarded as an independent data controller of your personal data.

Legislation

All personal data will be processed in accordance with all applicable data protection laws and principles, including the EU General Data Protection Regulation 2018 and the applicable Irish Data Protection Acts.

Data Collection

Personal data is any information which identifies an individual person. It does not include personal data where the identity has been removed, this is known as anonymous data.

Directly from You 

We may collect personal data directly from you, our staff, third parties, or our clients. This is likely to be done face-to-face, by post, over the phone, or online.

Third Parties

We may process personal data collected from sources other than you, and, as appropriate receive personal data from third parties. These include, but not limited to, intermediaries, public sources, pension provider, agents, dealers, brokers, introducers, and authorised representatives acting on your behalf such as a family member or legal representative.

This can include personal data relating to you and other individuals, such as your family, spouse, and dependants. This may include information about your health, contact details and relevant assets, financial or policy details for the purposes of administering services we provide to you.

Our Clients

We may process personal data about you, which is provided to us by our clients. For example, where financial planning involves understanding a client’s dependents and family circumstances.

Data Sources

Personal data is collected via paper or web forms, in face-to-face meetings, phone, or e-mail communications.

During our client onboarding process and throughout our relationship with you it may be necessary for you to provide personal data, including special categories of data, relating to other people.

Where this occurs, you must ensure that they understand how their information will be used, have given you their permission to disclose it for these purposes, and allow us and our partners and processors to process it as set out in this Privacy Notice.

We also collect personal data from representatives nominated by you to act your behalf such as a family member or legal representative.

Children’s Personal Data

Our services are not intended for children, we typically process children’s personal data where they are named on a portfolio as dependants, are beneficiaries, or with regards to trusts.

Types of Personal Data

The type of personal data we collect will depend on the product or service we provide.

We will only collect information that is adequate, relevant, and limited to what is necessary in relation to the purposes identified within this Privacy Notice.

The table below outlines the categories of personal data we process, with common examples. Please note that this is an indicative, non-exhaustive list, and the data we use may change over time.

Data CategoryData Type
Personal DetailsBiograpahical Contact details e.g., email, home address etc.
Gender
Marital status
Dependants
Family circumstances and background
Date of birth
Nationality
Employment history
Occupation
Organisational role(s) e.g., trusteeships, directorships, partnerships
Professional qualifications
Education history
Internal client identification codes
Behavioural and lifestyle
Risk profile
Official identification documents
National identification numbers e.g., a National Insurance number (NI)
Personal Public Service Number (PPSN)
Proof of address e.g., bank statement and utility bill
Passport number
VAT number
Records of communications and correspondence, including phone and video recordings
Records and logs of activities on your accounts
CCTV footage
Opinions, comments, and feedbackAny other personal information that you have chosen to share with RBC Brewin Dolphin during communications e.g., opinions, holiday, and travel plans.
Financial DataRisk appetite and score 
Investments and financial products 
Assets e.g., savings and properties owned and their valuation 
Debts and financial commitments e.g., mortgages and loans
Salary and other income e.g., rental 
Source of wealth and source of funds
Records and logs of activities on your accounts
Investments, financial products, and pensions
Portfolio position and performance
Pension
Insurance policies and positions
Financial planning information
Billing and banking details e.g., bank account detailsEthical and investment restrictions Service, product and account information and history Tax information e.g., tax residency Current and Financial history Any other financial information that you choose to share with us. 
Special Category DataInformation about your health, relevant to the management of your portfolio and investment suitability.Mental and physical health, including vulnerability.Any other personal information that you have chosen to share with us e.g., political, or religious beliefs.
Anti-Money Laundering DataDocumentation to verify your identity, and on request, including:PassportsDriving licences This will likely include photographic identification and signatures.Documentation to verify your address, and on request, including:Bank statementsUtility billsFinancial information to support your source of wealth and source of fundsAdverse media reportsSource of wealth and source of fundsDetails for conducting Politically Exposed Person and Sanctions checks against relevant lists.Criminal convictions and judgements relating to, or resulting from, above checks or which you have disclosed to us.
Cookies and Technical DataWe collect cookies from your device when you access and use our website. For more information, please see our Cookie Policy.
Marketing and Communications DataMarketing and communication preferencesHistory of event attendanceDietary requirements
Cookies and Technical DataWe collect cookies from your device when you access and use our website. For more information, please see our Cookie Policy.
Anonymised DataIn addition to the categories of personal data described above, we produce anonymised and aggregated data and information that is not processed by reference to a specific individual.

Purposes of Processing

Our primary purpose of processing your personal data is to provide our services to our clients. This includes onboarding clients, assessing suitability for financial products and services, providing investment advice, and sending information about marketing products, services, and events you may be interested in.

We will take steps to ensure that personal data is handled only by personnel that have a need to do so for the purposes described in this Notice.

The table below provides an overview of the purposes for which we process your personal data and the lawful basis which we rely upon under Article 6 and Article 9 GDPR. Please note that this is an indicative, non-exhaustive list.

ProcessPurpose of ProcessingLawful Basis
Prospective ClientsTo provide tailored information on our offerings to you as a prospective client and to market our services.To take steps, at your request, prior to entering a contract with us in order to begin the process of onboarding you as a client.Article 6 (1) (b) – Performance of a contractArticle 6 (1) (f) – Legitimate interests
Including business developmentArticle 6 (1) (a) – Consent 
Client OnboardingTo onboard you as our client and set up a file with your documentation, including information relating to vulnerability or health position if applicable, and to verify your identity.To execute our business relationship with you. For example, we ask you to complete a client risk questionnaire, provided by our supplier Oxford Risk, before risk discussions in order to generate a risk appetite score (regularly reviewed and agreed by you) on which to base our services during the course of your relationship with us.Article 6 (1) (b) – Performance of a contract.Article 6 (1) (f) – Legitimate interests Including relationship managementArticle 9 (2) (a) – Explicit consentArticle 9 (2) (f) – Defence of legal claims Article 9 (2) (g) – Substantial public interest
Anti-Money Laundering (AML) ChecksTo verify your identity and comply with legal obligations under anti-money laundering legislation, where applicable.To prevent, detect and report fraud, money laundering and other offences.To protect our business and for risk management.Article 6 (1) (c) – Compliance with legal obligationArticle 6 (1) (f) – Legitimate interests
Including risk management and fraud preventionArticle 9 (2) (g) – Substantial public interestArticle 10 – Schedule conditions for processing
Suitability AssessmentsTo ensure your suitability for financial products and services. including information relating to vulnerability or health position if applicable.This can include information about your health, relevant to your investment suitability.Suitability is regularly reviewed throughout your relationship with us.Article 6 (1) (c) – Compliance with legal obligationArticle 6 (1) (f) – Legitimate interests Including suitability for products and servicesArticle 9 (2) (a) – Explicit consentArticle 9 (2) (f) – Defence of legal claims Article 9 (2) (g) – Substantial public interest
Relationship Management and AdministrationTo provide services, products, or offerings, including online and digital, as requested.To provide investment management and financial planning services directly to you or through a third party such as a representative or intermediaryTo communicate important changes to our services, products, or offerings.To manage our relationship with you, including notifying you about changes to the services, or terms and conditions.To effectively manage, administer and operate contractual arrangements and comply with instructions or requests on your behalf. We may use providers such as DocuSign to securely exchange information with you.To provide you with valuations, statements, and account information.To administer fees and charges.To analyse and report on the effectiveness of our operations and growth strategies to increase efficiency, innovation and maintain a competitive edge.Article 6 (1) (b) – Performance of a contractArticle 6 (1) (c) – Compliance with a legal obligationArticle 6 (1) (f) – Legitimate interests
Including communication with you
Management and Transfers of PensionsTo manage and administer pensions or transfer your pension to or from a third-party pension providerArticle 6 (1) (b) – Performance of a contractArticle 6 (1) (b) – Performance of a contractArticle 6 (1) (f) – Legitimate interests
Including communication with you
Recording or Telephone and Video CallsTo comply with our regulatory monitoring requirements under financial regulations by recording communications in phone calls.To analyse, assess, and improve our services, and for training and quality purposes.For training, quality, product and service development and improvement.To use as evidence in the event of a dispute or as evidence in courtArticle 6 (1) (c) – Compliance with legal obligationArticle 6 (1) (f) – Legitimate interests
Including the improvement of services and quality.
Marketing and Non-Marketing CommunicationsTo provide you with marketing communication about other services that we consider suitable to you and may be of interest.To send appropriate marketing communications, knowledge and insight and recommend products and services that we think might be suitable for you or that we think is of importance, interest, or relevance, including in response to requests from you via our webforms.To inform you about products and services you might be interested in, as well as to invite you to exclusive client events.To provide knowledge, insight, and information that we think is of importance, interest, or relevance.To invite you to (exclusive face-to-face and online) events, including webinars, that we think you will be interested in and manage your attendance, including updating you with key information such as the date, time, and location.To ensure that, where you have unsubscribed or ‘opted -out’ of certain communication types or channels, including marketing, we do not send such communications to you.Article 6 (1) (a) – ConsentArticle 6 (1) (f) – Legitimate interests 
Including business developmentArticle 6 (1) (c) – Compliance with legal obligation
Cookies and Technical DataTo collect, analyse and report on technical information about the services that you interact with when visiting our websites applications and online advertisement. For more information, please see our Cookie Policy: https://www.brewin.ie/cookie-policy To collect, through our technology security services, traffic and security reports, information, and activity logs on the usage of our systems and services. For example, websites visited by users, documents downloaded, security incidents and prevention measures taken by the gateway. https://www.brewin.ie/cookie-policyArticle 6 (1) (a) – ConsentArticle 6 (1) (f) – Legitimate interests
Including the necessary function of the website
Handling Complaints, Queries, and Legal ClaimsTo respond to complaints, legal claims, data breaches or data protection rights requests.Article 6 (1) (c) – Compliance with legal obligationArticle 6 (1) (f) – Legitimate interests
Including the necessary function of the websiteArticle 9 (2) (f) – Defence of legal claims
Management and Operations or Technology SystemsTo enable quick and easy access to information on RBC Brewin Dolphin services.To maintain security of our systems and prevent fraud and offer proactive, up-to-date security for our technology services.To obtain further knowledge of current threats to network security in order to update our security solutions.To test, develop and improve our systems and services.Article 6 (1) (f) – Legitimate interests
Including the testing and improvement of our systems and services
Regulatory and Internal ComplianceTo comply with regulatory audit and reporting requirements. To monitor the use of our copyrighted materials and comply with internal policies and procedures.Article 6 (1) (c) – Compliance with legal obligationArticle 6 (1) (f) – Legitimate interests
Including for risk management
CCTV SurveillanceTo use CCTV footage at our office locations for monitoring and securing our premises, assets, staff, and visitors.Article 6 (1) (f) – Legitimate interests Including prevention and detection of crime

Data Sharing

We share personal data internally with our employees, agents and service providers and other companies within RBC, who are required to maintain the confidentiality of this information.

We share personal data externally with other parties to assist with our provision of services and comply with our legal obligations. Any transfer of personal data is based on a lawful basis, and we will only engage third parties that have appropriate technical and organisational measures to process, store, and safeguard your personal data.

We will take steps to ensure that the personal data is accessed only by the personnel of such third parties that have a need to do so for the purposes described in this Notice.

Please note that we cannot discuss your investment portfolio with any representatives or family members without your explicit permission, authorising them as a nominated contact to your account. While the third parties we engage will change occasionally, the following table is an indicative, non-exhaustive list to help you understand the types of data sharing activities we undertake.

Third PartyPurpose of Sharing
Royal Bank of Canada (RBC) Group Entities We are owned by Royal Bank of Canada (“RBC”), and we are part of the RBC Group. We share personal data with other RBC Group entities, entities to operate and manage shared services, systems and suppliers, request information about services and offerings provided by another entity, to transfer or refer clients, to undertake client AML checks, for RBC Group entities to send you marketing and non-marketing communications, to conduct internal reporting and to co-operate in the investigation and response to complaints, legal claims, data breaches or rights requests.
RepresentativesWe may share information with authorised representatives acting on your behalf, such as a family member or legal representative.
Suppliers and VendorsWe outsource certain functions to third party suppliers and vendors to assist with our business operations and may share certain types of personal data in the course of business. This may include accountants, professional advisers, IT and technical support providers, communications providers and specialist financial service providers and platforms.
Anti-Money Laundering (AML) CompaniesWe may undertake an electronic check to verify the personal identity information you have provided. The check will be undertaken by a reputable AML company which will retain a record of that check according to their retention policy. This information may be used by other firms or financial institutions for fraud prevention purposes.For example:
LexisNexis
SmartSearch
Oxford Risk (UK)To establish our clients risk tolerance score and associated factors with financial personality. 
Pershing Securities International Ltd (PSIL)For settlement and safe custody purposes.
Our Business Partners
This could include intermediaries who provide you or your organisation with services alongside or related to, those provided by RBC Brewin Dolphin. 
To facilitate and host face to face and online events and webinars.To co-operate in response to complaints, legal claims, data breaches or data protection rights requests. We may share data with our business partners including intermediaries, financial advisers and pension or product/service providers, who provide you or your organisation with services alongside or related to those provided by us. Your information may be shared for the purpose of facilitating and hosting face-to-face and online events and webinars. We may also share information to co-operate in response to complaints, legal claims, regulatory authority requests, data breaches or data protection rights requests.
Third Party Service Providers and Contractors 
This can include accountants, professional advisors, IT, and communications providers.
We outsource functions to third party vendors to assist with our business operations. For example, Microsoft, and Onespan (for signing documents)
Prospective Buyers or SellersIn the event we decide to sell any of our business or assets, or buy another business or its assets, we may share personal data for due diligence purposes. If we are acquired by a third party, personal data held by us about you will be disclosed to the third-party buyer.
Government Departments, Bodies or Agencies
 
We may disclose information to:any court or tribunallaw enforcementlocal authoritiesGardaiRegulators including, but not limited to, the Central Bank of Ireland, the Data Protection Commission, the Competition and Consumer Protection Commission (CCPC), and the Financial Services and Pensions Ombudsman of Ireland.This may also include tax, law enforcement and regulatory bodies, and courts and judicial bodies in other countries, such as the US, where applicable.We will disclose your personal data to the above where:required by applicable law or regulationswe are under a duty to disclose your personal data to comply with any legal obligationto establish, exercise or defend our legal rightsto resolve queries, concerns, or complaints

International Transfers

From time to time your personal data will be transferred, accessible, or visible to individuals and/or entities located outside the Republic of Ireland and the European Economic Area (the “EEA”). These countries include:

  • United Kingdom
  • Guernsey
  • Jersey
  • Switzerland
  • Canada
  • India and;
  • United States of America

These scenarios include, but are not limited to:

  • RBC Brewin Dolphin Group offices, including but not limited to the UK, Canada, and Jersey
  • Suppliers such as those who provide IT security assistance
  • Data hosting sites
  • Technical support for software licences
  • Third party vendors who are based in the UK e.g., Oxford Risk
  • Tax authorities under tax information exchange agreements e.g., the US government agencies where relevant

Countries outside of the EEA may not, as considered by the European Commission, provide an equivalent level of legal protection to data privacy as the Republic of Ireland. Therefore, where your data is transferred, or could be potentially accessed, outside the EEA we will ensure that there are adequate security measures in place to safeguard and maintain the integrity of your personal data.

We will implement appropriate measures to ensure that your personal data is protected and secured to the same extent as within the EEA in accordance with applicable data protection and privacy laws.

These measures will include: 

  • Standard Contractual Clause: We will put in place a data transfer agreement with the recipient of the information using the contractual wording approved by the European Commission. For further information please contact the Data Privacy Team using the details at the end of this Notice.
  • Adequacy Decision: We will ensure that the specific country provides an adequate level of protection to data privacy as approved by the European Commission, this includes the UK, Switzerland, and Canada.

If you would like further details regarding the measures that RBC Brewin Dolphin have taken in relation to the transfer of your personal data, please contact RBC Brewin Dolphin using the details set out in this Notice.

Data Retention

The duration for which we retain your personal data will vary depending on the type of personal data and our reason for collection and processing. We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements. To determine the appropriate retention period for personal data, we consider the following;

  • the volume of personal data.
  • the nature, and sensitivity of the personal data
  • our obligations and legal requirements to retain your personal data
  • the purpose of processing your personal data
  • the risk of unauthorised use or disclosure of your personal data.

Where we share data with RBC: 

RBC will retain the information we share with them for a period of seven years (or 11 years if the data controller of your personal information is located in Jersey) from the date of termination of your relationship with them, or for such other period as may be required from time to time under relevant laws and regulations, including those relating to record keeping and prescription periods. Such information may be retained after your account with them has been closed, and for customer identification purposes in accordance with their record keeping policy. 

More information on how RBC manage your data can be found at https://www.rbcwealthmanagement.com/en-eu/

Security of Your Personal Data

We will take all appropriate technical and organisational steps to safeguard your personal data. In the unlikely event of a data breach, we will contact you in line with our legal obligations.

We follow several industry good practices to ensure this protection is fully effective and the appropriate technical and organisational measures are in place. All personal data is provided protection in line with security and data protection policies.

All our employees and contractors receive mandatory information security and data protection training on being hired and subsequently on at least a yearly basis to ensure that they are aware of the security policies and their specific information security responsibilities. This also ensures that they are properly equipped to perform their duties in maintaining our security posture.

Data Subject Rights

Overview of Rights

The GDPR provides you, the data subject, with a number of rights when it comes to your personal data.

On receipt of a valid request to invoke one of your rights, we will do our best to adhere to your request as promptly as reasonably possible, however, restrictions will apply in certain situations.

Your Requests

To exercise your rights or raise a query about the way we handle personal data, please email us at dataprivacy@brewin.co.uk, with as much detail as possible regarding your requirements to enable us to deal with your request efficiently, i.e., date range, subject of the request).

Alternatively, write to us at:
Data Privacy Team
Risk & Compliance
Number One Ballsbridge
Building 1
Shelbourne Road
Dublin
D04 FP65

Please provide us with information to help us deal with your request, such as the context in which we have processed your information and the relevant time periods. We may ask you to provide ID for identification and verification purposes.

Requests Received by Third Parties 

If a request is submitted by a third-party representative (such as a solicitor) on your behalf, we require a written Letter of Authority which confirms your permission of authority.

Our Response to Your Request

Upon receipt of a request, we will have one month to provide a response, with an extension of two further months if required. If we require more time to deal with your request, we will notify you of the delay, and the factors responsible for the delay, within one month of receiving your request. If we refuse your request, we will notify you within one month of the receipt of the request accompanied by the reason for refusal. If we refuse your request, you are entitled to contact the Data Protection Commissioner, details are outlined in Subject Rights under “Right to Complain” below. We will not charge a fee for any requests, provided we do not consider them to be unjustified or excessive. If we do consider these to be unjustified or excessive, we may charge a reasonable fee or refuse the request.

Data Subject Rights

Right to Access – GDPR Article 15 

You have a right to a copy of your personal data, which we hold relating to you, and other information regarding this data including categories of personal data held and the source of the data. 

There are exceptions to this right, for example, if making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. 

Right to Rectification – GDPR Article 16

You have the right to request that your personal data, collected, and processed by us is up to date and accurate. Where you feel data is incomplete or inaccurate, 

Where information is considered inaccurate or incomplete, you have the right to have this data rectified. Once we receive this request, we will ensure personal data is updated as soon as reasonably possible.

Right to Erasure – GDPR Article 17

You have the right to ask us to erase personal data we hold about you. The right is not absolute and only applies in certain circumstances.

Please note that there are certain circumstances where we may need to retain some information e.g., marketing preferences or where we are required by a legal obligation.

Right to Restrict Processing – GDPR Article 18 

In certain circumstances, you have the right to request the restriction of processing your personal data,

When the processing of your personal data has been restricted, we will only further process your personal data for one of following reasons: 

a)    with your consent. 
b)    for the establishment, exercise, or defence of legal claims. 
c)    for the protection of the rights of other individuals.

Right to Portability – GDPR Article 20

In certain circumstances, you have the right to request to move, copy or transfer your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format.

Right to Object – GDPR Article 21

You have an absolute right to object to the processing of your personal data for direct marketing. The opting out of direct marketing communications will not affect the processing of personal data for the provision of our services. In other cases where the right to object applies, the right is not absolute and only applies in certain circumstances.

Right not to be subject to Automated Decision Making – GDPR Article 22

You have a right not to be subject to a decision based solely on automated processing or profiling, where such decisions would have a legal effect or significant impact on you. 

At present, we do not use automated decision-making in order to execute our business relationship with you. 

Right to Withdraw Consent – GDPR Article 7

Where you have provided your consent for the collection, processing, or transfer of your personal data, you have the right to withdraw your consent fully or partly. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented, unless there is another legal ground for the processing.

Right to Complain – GDPR Article 77

If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts. To contact the Data Protection Commission, please use the following details:

Data Protection Commission
21 Fitzwilliam Square
South Dublin 2
D02 RD28
Ireland
Telephone: +353 (0)761 104 800, +353 (0)57 868 4800

Email: info@dataprotection.ie or through the online form https://forms.dataprotection.ie/contact

Marketing

Changing your marketing preferences

If you would like to update your contact details or update any of your communication preferences, please get in touch with your usual contact at RBC Brewin Dolphin.  

Complaints About Our Services

To make a complaint about our services, please follow the Complaints Procedure on our website.  

Cookies

When you visit any of the RBC Brewin Dolphin’s Websites, cookies are used to collect technical information about the services that you use, and how you use them.

For more information on the cookies used by RBC Brewin Dolphin please see our Cookie Policy.

Changes to the Privacy Notice

This Privacy Notice may be updated from time to time, the most recent revisions will be uploaded to this page. 

If material changes are made to the Privacy Notice we will notify you, for example, by placing a notice on our website. 

Queries

If you would like further information on the processing of your personal data, or the exercise of any of the rights listed above, please contact your Investment Manager or your usual RBC Brewin Dolphin contact. Alternatively, if you have any concerns or questions about how we handle your personal data, you can contact our Data Protection Officer in confidence by email at DataPrivacy@brewin.co.uk or in writing at:

Data Protection Officer
Risk & Compliance
Number One Ballsbridge
Building 1
Shelbourne Road
Dublin
D04 FP65