Professional Business Privacy Notice
Last updated: December 2023
Protecting your personal information is extremely important to Legal & General. It’s especially important for a large financial company like ours, as our customers and professional business clients trust us to look after a huge amount of sensitive information on everything from their business affairs to their medical history.
The way we collect and share your information is equally important. Our professional business clients expect us to manage their information privately and securely. If we don’t, they’ll lose trust in us.
This policy tells you how we collect and process your personal business information. Please take a few minutes to read it, and show it to anyone else connected to the business relationship.
What does this policy cover?
What is personal information?
When we talk about personal information we mean information about an individual that can identify them, like their name, address, e-mail address, telephone number and financial details. It can relate to customers, employees, shareholders, business contacts, investment contacts and suppliers. Any reference to “information” or “data” in this policy is a reference to personal information about a living individual.
What information do we hold?
We may collect and process the following personal information about you. In most cases this will be limited to business information that relates to you, how these have an impact on our products and services that may be of interest to you and how we manage our relationship:
|Type of data
|Examples of how we use it
|Open data & public records
|Documentary data & national identifiers
Where do we get our information from?
- Information you give us directly (when you fill in forms or contact us by phone, e-mail etc.).
How do we use your information?
We use personal information that we hold about you:
- To carry out our responsibilities resulting from any business or commercial agreements we may be entering into or you’ve entered into with us and to provide you with the information, products and services that you’ve asked from us.
- To provide you with business to business marketing information about services and products we offer across the Legal & General Group which may be of interest to you.
- To talk to you about investment opportunities.
- To invite you to industry events.
- To tell you about changes to our services and products.
- To comply with any applicable legal or regulatory requirements (including to comply with any applicable regulatory reporting or disclosure requirements).
- For carrying out market research, statistical analysis to help us to improve our processes, products and services and generate new business (e.g. to understand digital behaviours, identify financial attitudes and develop more engaging communications).
- To run our business in an efficient and proper way. This includes testing our systems, managing our financial position, business capability, planning, communications, corporate governance, and audit.
- For any other purpose that we’ve agreed with you from time to time.
- To assess your needs and that we have aligned company values before working together.
Using your information in accordance with data protection laws
- Providing our contracts & services to you: We’ll process your personal information to carry out our responsibilities resulting from any commercial agreements or contracts you’ve entered into with us and to provide you with the information, products and services you’ve asked from us, which may include online services. This may include negotiations for entering into a contract with us.
- Complying with applicable laws: We may process your personal information to comply with any legal obligation we’re subject to.
- Carry out market research and product development.
- We may provide you with business to business marketing information about our services or products. You may object to this type of marketing at any time by e- mailing or telephoning your customer servicing team. Alternatively, you can use the Contact Us section of our consumer website or the adviser, employer, institutional or LGC websites. Details of all other Legal & General websites can be found on our Group website.
- Develop and test the effectiveness of marketing activities.
- Develop, test and manage our brands, products and services.
- Study and also manage how our professional business clients use products and services from us and our business partners.
- Manage risk for us and our retail customers.
- To manage our existing investments and make contact regarding future opportunities.
- To assess your company suitability to receive funding.
Where we seek to rely on legitimate interests it requires us to carry out an assessment of our interests in using your personal data against the interests you have as a citizen and the rights you have under data protection laws.
- Consent: We may process your personal information for different purposes where you’ve provided your consent to do so (e.g. collecting your preferences when we plan and host conferences and seminars).
- Special category (sensitive) data: We may process medical and health, racial and ethnic origin, religion and philosophical beliefs, political opinion information you have provided, and any other sensitive information obtained from a third party (fraud prevention agencies). We will only process data that is needed for specific purposes, such as financial crime prevention or to fulfil your needs at an event. Our lawful basis for processing will be either substantial public interest in accordance with applicable law, or by obtaining your explicit consent.
- Criminal Conviction Data: We may process this type of information for the purposes of identifying any criminal activity and/or to meet our legal obligations.
Please be aware that the personal information you provide to us, and which we collect about you, is required for us to be able to provide our services to you and without it we may not be able to do so.
How long do we keep your information for?
We’ll keep your personal information in accordance with our internal retention policies. We’ll determine the length of time we keep it for based on the minimum retention periods required by law or regulation. We’ll only keep your personal information after this period if there’s a legitimate and provable business reason to do so.
Who do we share your personal information with?
We may disclose your information to:
- To customers you may currently or previously had a relationship with.
- Other companies within the Legal & General Group, third-party suppliers, contractors and service providers for the purposes listed under “How do we use your information” above.
- Our regulators, government (e.g. HMRC) and law enforcement or fraud prevention agencies.
Additionally, we may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we’ll disclose your personal data to the prospective seller or buyer of such business or assets.
- If we, or substantially all of our assets, are acquired by a third party, in which case personal data held by us about our professional business clients will be one of the transferred assets.
- If you have been dealing with a financial adviser (e.g. employer broker consultant), we’ll provide information about your product and, where appropriate, with other information about your dealings with us, to enable your adviser to give you informed advice.
- In order to enforce or apply the terms of any contract with you.
- If we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.
- To protect you and Legal & General from financial crime, we may be required to verify the identity of new and sometimes existing professional business clients. This may be achieved by using reference agencies to search sources of information relating to you (an identity search). This will not affect your credit rating. If this fails, we may need to approach you to obtain documentary evidence of identity.
- In accordance with the terms of business agreement, we may perform credit checks on certain types of professional business clients (e.g. directors of intermediary firms).
Legal & General may need to check your details with fraud prevention agencies (e.g. we have to screen at firm and director level of anyone we remunerate, receive payments from or invest in). If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. We may also share information about you with other organisations and public bodies, including the police and we may check and/or file your details with fraud prevention agencies and databases.
If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:
Legal & General and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
- Checking details on applications for credit and credit related or other facilities.
- Managing credit and credit related accounts or facilities.
- Recovering debt.
- Checking details on proposals and claims for all types of insurance.
- Checking details of professional business clients, job applicants and employees.
Legal & General and other organisations may access and use from other countries the information recorded by fraud prevention agencies. Please contact our Group Financial Crime department if you wish to receive the relevant details of the fraud prevention agencies:
Address: Group Financial Crime, Legal & General, Four Central Square, Cardiff, CF10 1FS
Transferring your data outside the UK
We’ll only transfer your data to a recipient outside the UK where we’re permitted to do so by law (for instance, (A) where the transfer is based on standard data protection clauses adopted or approved by the European Commission, (B) where the transfer is to a territory that is deemed adequate by the UK’s Information Commissioner’s Office , or (C) where the recipient is subject to an approved certification mechanism and the personal information is subject to appropriate safeguards, etc.).
Unfortunately, sending information via e-mail is not completely secure; anything you send is done so at your own risk. Once received, we will secure your information in accordance with our security procedures and controls.
How do we keep your personal information secure?
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, altered, disclosed or accessed in an unauthorised way. We limit access to your personal information to those individuals who have a business need to access it. As part of our security measures, we may sometimes require you to give proof of your identity before we disclose personal information to you.
We regularly monitor our systems for possible vulnerabilities and attacks and carry out tests to identify ways to further strengthen our security. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
You have rights under data protection law that relate to the way we process your personal data. More information on these rights can be found on the Information Commissioner’s website. If you wish to exercise any of these rights, please get in touch with your relationship manager or your customer services team. Alternatively, you can use the Contact Us section of our consumer website or the adviser, employer, institutional or LGC websites. Details of all other Legal & General websites can be found on our Group website.
The right to be informed about how we process your personal information. This right is met by the provision of this document.
|The right to access the personal data that we hold about you.
|The right to make us correct any inaccurate personal data we hold about you
The right to make us erase any personal data we hold about you. This right will only apply where for example: W
The right to restrict our processing of the personal data we hold about you. This right will only apply where for example:
|The right to object to our processing of personal data we hold about you (including for the purposes of sending marketing materials to you).
|The right to receive personal data, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to make us transfer this personal data to another organisation.
|The right to withdraw your consent, where we’re relying on it to use your personal data.
Contacts and complaints
If you have any concerns about the way we process your personal data, or are not happy with the way we’ve handled a request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is:
First Contact Team
Information Commissioner's Office
Data Protection Officer
Legal & General has appointed a Data Protection Officer to provide independent expert advice and monitor compliance with data protection laws:
Name: Liz Bradley
E-mail address: Data.Protection@landg.com
Address: 1 Coleman Street, London, EC2R 5AA