(as of 13 January 2016)
At the Channel Islands Financial Ombudsman (“CIFO”, “we” or “us”), we are committed to protecting your privacy and safeguarding your personal information.
The purpose of this Privacy Statement is to inform you about the types of Personal Information CIFO collects, uses and discloses. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information.
From time to time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised” date which appears at the top of this page. We will treat Personal Information in a manner consistent with the Privacy Statement under which it was collected, unless we have your consent to treat it differently. This Privacy Statement applies to any information we collect or receive about you, from any source.
We may provide links on our website to other websites. Those websites may have different policies and we do not assume responsibility for the information or privacy practices of those other sites.
The following topics will be covered in this Privacy Statement:
- What is Personal Information?
- How do we collect your Personal Information?
- Where do we store your Personal Information?
- How do we use your Personal Information?
- To whom do we provide your Personal Information?
- When and how do we obtain your consent?
- How do we ensure the privacy of your Personal Information when dealing with other third parties?
- How long will we utilize, disclose or retain your Personal Information?
- How can you review your Personal Information that we have collected, utilized or disclosed?
- How do you know that the Personal Information we have on you is accurate?
- What if the Personal Information we have on you is inaccurate?
- How fast will we respond to your written requests?
- Are there any costs to you for requesting information about your Personal Information or our privacy practices?
- How do we know that it is really you requesting your Personal Information?
- What safeguards have we implemented to protect your Personal Information?
- How do you contact us regarding access to your Personal Information or our privacy practices?
1. What is Personal Information?
“Personal Information” is any information that is identifiable with you, as an individual. This information may include but is not limited to your name, mailing address, telephone number, e-mail address and business facsimile number. If you are making a complaint about a financial services provider (FSP), we may also collect information about your finances and health. Personal Information, however, does not include your name, business title, business address, business telephone number, business e-mail address or business facsimile number in your capacity as an employee or official of an organization.
2. How do we collect your Personal Information?
We will always collect your Personal Information by fair and lawful means. We may collect Personal Information from you directly and/or from third parties, such as from FSPs, where we have obtained your consent to do so or as otherwise required or permitted by law.
3. Where do we store your Personal Information?
We will keep the Personal Information that we collect either at the CIFO offices in Jersey, on electronic records stored with an information technology service provider in Jersey, or in paper archives stored by a secure file storage company in Jersey.
4. How do we use your Personal Information?
We identify the purposes for which we use your Personal Information at the time we collect such information from you and obtain your consent, in any case, prior to such use. We generally use your Personal Information for the following purposes (the “Purposes”):
- to respond to your enquiries or complaints;
- to garner your opinions and comments in regard to CIFO’s operations;
- to administer our business activities and website;
- to include you on CIFO’s mailing list(s);
- for statistical research and demographic analysis;
- if you are at our offices, to administer the physical security of our offices;
- where appropriate, to recruit for positions in CIFO, and for planning and analysis relating to CIFO’s recruitment efforts;
- to investigate legal claims;
- such purposes for which CIFO may obtain your consent from time to time; and
- such other uses as may be permitted or required by applicable law.
If you are making a complaint to CIFO about the provision of financial services in or from the Channel Islands, your complaint, with personal identifiers removed, may be used to compile statistical data or prepare case studies, which may be made public.
5. To whom do we provide your Personal Information?
We identify to whom, and for what purposes, we disclose your Personal Information, at the time we collect such information from you and obtain your consent to such disclosure.
For example, we may transfer your Personal Information to third party service providers with whom we have a contractual agreement that includes appropriate privacy standards, where such third parties are assisting us with the Purposes – such as service providers that provide data storage or processing.
We will only make disclosures of Personal Information to such persons for whom you provide your consent, unless the disclosure is otherwise permitted or required by law.
6. When and how do we obtain your consent?
We generally obtain your consent at or before the time that we collect your personal information; however, we always obtain your consent prior to using or disclosing your Personal Information for any purpose, unless that consent is not required by law. You may provide your consent to us either orally, electronically or in writing. The form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the personal information and the reasonable expectations you might have in the circumstances.
7. How do we ensure the privacy of your Personal Information when dealing with third parties?
We ensure that all third parties with access to Personal Information, whether they are involved in a complaint, an investigation or otherwise, are contractually required to observe the intent of this Privacy Statement and our privacy practices.
8. How long will we utilize, disclose or retain your Personal Information?
We may keep a record of your Personal Information, correspondence or comments, in a file specific to you. We will utilize, disclose or retain your Personal Information for as long as necessary to fulfil the purposes for which that Personal Information was collected and as permitted or required by law.
9. How can you review your Personal Information that we have collected, utilized or disclosed?
You may make a written request to review any Personal Information about you that we have collected, utilized or disclosed. Upon receiving such a request, we will generally provide you with any such Personal Information in accordance with applicable law. We will make such Personal Information available to you in a form that is generally understandable, and will explain any abbreviations or codes.
10. How do you know that the Personal Information we have on you is accurate?
We will ensure that your Personal Information is kept as accurate, complete and up-to-date as possible. We will not routinely update your Personal Information, unless such a process is necessary. We expect you, from time to time, to supply us with written updates to your Personal Information, when required.
11. What if the Personal Information we have on you is inaccurate?
At any time, you can challenge the accuracy or completeness of your Personal Information in our records. If you successfully demonstrate that your Personal Information in our records is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to your Personal Information.
12. How fast will we respond to your written requests?
We will attempt to respond to each of your written requests not later than thirty (30) days after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit.
13. Are there any costs to you for requesting information about your Personal Information or our privacy practices?
Generally, we will not charge any costs for you to access your Personal Information in our records or to access our privacy practices.
14. How do we know that it is really you requesting your Personal Information?
We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such identifying information shall be used only for this purpose.
15. What safeguards have we implemented to protect your Personal Information?
We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The only employees, who are granted access to your Personal Information, are those with a business ‘need-to-know’ or whose duties reasonably require such information.
16. How do you contact CIFO regarding access to your Personal Information or CIFO’s privacy practices?
All comments, questions, concerns or complaints regarding your Personal Information, this Privacy Statement or our privacy practices, should be forwarded to CIFO – Email: firstname.lastname@example.org