IFA privacy notice


This Privacy Notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you.

You can find a downloadable version of the Privacy Notice here.

Who collects the information?

Thesis Asset Management Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you as a director, member or employee of a firm of independent financial advisers or introducers (‘Firm’).

What information do we collect about you?

We collect:

  • your name
  • your email address
  • your work address
  • your Firm’s name
  • your job title
  • your work/mobile telephone numbers
  • your signature
  • your dietary preferences
  • products and services of interest where you select breakout sessions at events hosted or co-hosted by us

How do we collect the information about you?

We may collect this information from you directly or from third parties, including:

  • your use of our website: when you register to use illustration tools or complete online forms. Website usage information is collected using cookies;
  • when you attend events hosted or co-hosted by us or from the contact details available on your business card or on your Firm’s
  • website and when you email or phone us;
    other publicly available sources, such as LinkedIn.

How will we use information about you?

We will typically collect and use this information for the following purposes:

  • For the performance of an introducer agreement with your Firm, or to take steps to enter into an introducer agreement
  • For the performance of our obligations under our client agreement with clients you have introduced to us where you have been designated as the client’s nominated person
  • To monitor and record telephone calls for quality, business analysis, training and related purposes in order to pursue the legitimate interests of the Company to improve its service delivery
  • To comply with legal and regulatory obligations imposed on us
  • In relation to a legal claim or legal proceedings
  • Where you have provided your consent to us processing your personal data for the purposes of informing you about other products and services available from the Company and of marketing campaigns and event invitations
  • For the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms

We will not share your information for marketing purposes with other organisations.

Direct marketing

We would like to send you information about our products and services, which may be of interest to you. Please go to www.thesisam.com to register your preferences. If you have consented to receive marketing literature from us, you may opt out later. You have the right to stop us from contacting you for marketing purposes at any time. If you no longer wish to be contacted for marketing purposes, please contact marketing@thesisam.com.

How we may share the information

We may also need to share some of the above categories of personal information with other parties, such as external contractors, for example for customer relationship management services, our professional advisers and with potential purchasers of some or all of our business or on a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulator or as required to comply with the law.

We may share your personal data as an independent financial adviser or introducer with a service provider of a customer relationship management system. This data sharing will enable us to be more efficient in the administration of our relationship with you and is in our legitimate interests.

Sometimes when we contact people by email, we share personal data with an external email management company, currently DotMailer. This data sharing helps us manage and target our email contact more efficiently.

Our websites are hosted by an external hosting company, currently GoDaddy. The company has access to the personal data of people who submit their details on our website, for example to subscribe to news updates or register to attend events. This data sharing helps us to manage people’s preferences for how we contact them.

We use a cloud-based email management system provided by Mimecast Services Limited for email security, business continuity, mailbox management and document retention purposes.

Our websites are designed by an external company, currently StraightEdge. This company has access to the personal data of people who submit their details on our website, for example to subscribe to news updates or register to attend events. This data sharing helps us to manage people’s preferences for how we contact them.

We sometimes use external telemarketing agencies to conduct research or introduce our products and services to professional financial advisers. This data sharing helps us to target our marketing more effectively.

We sometimes host events where the venue operator requires details of the guests or delegates attending, for example in order to produce name badges or other personalised content. This data sharing helps us to tailor events to improve the experience for attendees.
We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.

Where information may be held

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. Information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold.

How long we keep your information

We will keep your information for the purposes of informing you about other products and services available from the Company and of marketing campaigns and event invitations until we are informed by your Firm that you have ceased to be employed by them, or until we decide that sufficient time has elapsed without any activity that confirms your interest in hearing from us, or until you request a change pertaining to your rights as a data subject, detailed below. Where we hold your personal data with records of clients your Firm advises, we will keep such personal data for the period we are required to do so by the Financial Conduct Authority or its successor body or for such period as is required in respect of any legal claim or proceedings involving such clients or your Firm, but such period will not exceed seven years after the date of termination of an agreement with a client advised by your Firm, unless a longer period to bring a legal claim is permitted by law, for example where a deed has been entered into. We will need a reasonable number of working days after this period to arrange for the deletion of such personal data from our internal systems and those of any third party.

Your rights as a Data Subject

You have the following rights in relation to your personal information:

  • right to access your personal information
  • right to rectify your personal information
  • right to restrict the use of your personal information (in certain specific circumstances)
  • right to request that your personal information is erased (in certain specific circumstances)
  • right to object to processing of your personal information (in certain specific circumstances)
  • right to data portability (in certain specific circumstances).
  • Please contact our Head of Compliance and Risk at compliance@thesisam.com if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice.

You also have the right to ask our Head of Compliance at compliance@thesisam.com for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Head of Compliance will provide you with further information about the right to be forgotten, if you ask for it. You can also write to us at Thesis Asset Management Limited, Exchange Building, St John’s Street, Chichester, West Sussex, PO19 1UP. We may only charge a small fee for responding to access requests if the request is manifestly unfounded or excessive, especially if it is repetitive, or the request is for further copies of the same information.

How we keep your information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. This also extends to our subcontractors.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Updating information

Please contact us at marketing@thesisam.com to correct or remove any information you think is inaccurate.


When you use out website, web browser cookies, which are small text files, are placed on your computer to store information such as your IP address or other identifier, your browser type, and information about the content you view and interact with on our website. This information is used to remember your preferences and settings, remember information you may enter online, to keep you logged on to portals that we may offer, to generate statistics about how visitors use our website and to improve our website. Cookies do not give us access to your computer or any information about you, other than the data you choose to share with us.

For more information on the cookies we use and why, please go to www.thesisam.com and refer to the Cookie Policy.

You can choose to accept or decline cookies via your browser settings. To find out how to manage and delete cookies, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Opting not to use cookies may prevent you from taking full advantage of the website.

Other websites

Our website may contain links to other websites which are outside our control and are not covered by this Privacy Notice. If you access other websites using the links provided, you should read the privacy notices on those websites.

Changes to our Privacy Notice

We will keep this Privacy Notice under regular review. Any changes we make to our Privacy Notice will be posted on our website at www.thesisam.com or can be requested by email from the Head of Compliance at compliance@thesisam.com or by writing to the Head of Compliance, Thesis Asset Management Limited, Exchange Building, St John’s Street, Chichester West Sussex PO19 1UP. This Privacy Notice was created to be effective from 25 May 2018.

How to complain

We hope that the Head of Compliance can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.

How to contact us

If you have any questions about our use of your personal information, please contact us by email at compliance@thesisam.com, or by writing to The Head of Compliance, Thesis Asset Management Limited, Exchange Building, St John’s Street, Chichester, West Sussex PO19 1UP or by calling 01243 531234.