Intermediaries Privacy Policy. How we collect & use data


Privacy Policy

This Privacy Policy gives you information about how the Society processes the personal information of intermediaries, their employees and consultants, and Appointed Representatives and their employees and consultants.

Who we are

The data controller with conduct of your personal information is Foresters Friendly Society Limited of Third Floor, Enterprise House, Ocean Way, Ocean Village, Southampton, SO14 3XB.

The Society’s data protection officer is Roel van der Zanden of Third Floor, Enterprise House, Ocean Way, Ocean Village, Southampton, SO14 3XB.

Information: Collection, Use and Grounds for Processing

Sources of information

The Society collects and processes information about you from a variety of sources. These are summarised below:

(a) Information you provide to us – this includes the contents of your Intermediary Application Form and where you supply us with personal information by other means (such as letter, email, phone call or by contacting us through our website

(b) Information provided by a third party – this includes where your firm provides us with your information, for example on an Intermediary Application Form, or as a point of contact for us.

(c) Information obtained from public sources – sometimes we might obtain information about you from public sources, such as the Financial Services Register.

The information about you which we hold may include your name, address, place of work, email address and phone number.

Purpose and grounds for processing

We process your personal information primarily to administer the contractual relationship between (i) the Society and your firm; or (ii) the Society and you.

We carry out this processing on the grounds that it is necessary for us to perform our contract (for the payment of commission under our Intermediary Terms of Busines) with you, including taking pre-contractual steps you have instructed us to take (for example, assessing your firm’s eligibility to become an intermediary for the Society).

We may also process your information for research and marketing purposes which allow us to improve our processes, systems, product range and to notify you of changes to the same. We do so because we have a legitimate business interest in improving our service offering. In accordance with Data Protection Law, we are satisfied that your interests and fundamental freedoms do not take priority over our legitimate business interest.

Where we conduct direct marketing, we will obtain your opt-in consent beforehand. Your marketing communication preferences can be updated from your Account section of the Website or by contacting us directly.

In certain circumstances, your information may also be processed on the basis of your express consent, although this is uncommon.

How long we keep your Information for

We only keep your information for so long as it is reasonably necessary. Generally speaking, we retain your
information for the following periods of time:

(a) if your intermediary application is unsuccessful or withdrawn, for 3 Months from the date we notify you that it has been unsuccessful or you withdraw your application (whichever is later); or

(b) if you become an intermediary of the Society, for 6 years from the date you cease to be an intermediary of the society or you cease to be an employee or contractor for the Intermediary or Authorised Signatory.

These periods may be extended if, for example, there is a legal dispute between us or if we are otherwise required by statute or a regulatory body to retain the information for a longer period. We will notify you if we need to extend the period for which we retain your information.

In certain cases we may anonymise your information, along with the information of our other members, for recordkeeping purposes, statistical analysis and to improve our business practices and computer systems.

Once anonymised, you are no longer identifiable from the information we hold about you. This anonymised information is kept indefinitely.

How we share your Information

Your personal information is not shared with anyone except where we are required to do so to comply with the law, to protect our rights or to properly administer the contract between us.

In order to achieve this purpose, we will share your personal information with our external IT providers who host our IT systems. Typically, your personal information will be encrypted before it is transferred to our hosts but in certain circumstances they may require access to unencrypted data, for example when we need to troubleshoot an issue with your account on our computer system. Our IT providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity and to comply with data protection law at all times.

We may share anonymised data (which you cannot be identified from) with contractors and other third parties for the purpose of improving our business practices and computer systems.

To the best of our knowledge, understanding and belief, your information will not be transferred outside of the European Economic Area (EEA) or to any country which is not approved by the European Commission.

If this changes then we will let you know.

Your Rights

Under data protection law you have the following rights:

(a) the right to be informed as to what we do with your information. This includes, but is not limited to, the right to know what information we gather, process and store, what we do with it, who we share it with and how long we keep it for;

(b) the right to access a copy of your information which we hold. This is called a ‘subject access request’.
Additional details on how to exercise this right are set out in the ‘Access to Information’ section, below;

(c) in certain circumstances, the rights to request that we erase, rectify, cease processing and/or delete your information;

(d) in certain circumstances, the right to request copies of the information we hold about you in a machine
readable format so that you can transfer it to other services;

(e) the right to object to processing of your information where it is likely to cause or is causing damage or distress;

(f) the right to prevent us processing your information for direct marketing purposes. We will usually inform you (before collecting your information) if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your information, clicking the unsubscribe link in marketing emails we send you, opting out of marketing communications by changing your account details through our website portal or by contacting us using the details set out in the ‘Contact’ section, below; 

(g) the right to object to decisions being made about you by automated means;

(h) the right, in certain circumstances, to have your information rectified, blocked, erased or destroyed if it is inaccurate; and

(i) the right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law.

Access to Information

Under data protection law you can exercise your right of access by making a written request to receive copies of some of the information we hold on you. If you make your request before 25 May 2018, you will need to pay a £10 fee and you must send us proof of your identity before we can supply the information to you.

From 25 May 2018 you will:

(a) no longer have to pay a £10 fee but we will be allowed to charge you for our reasonable administrative costs in collating and providing you with details of the information we hold about you if your request is clearly unfounded or excessive; and

(b) in certain circumstances, be entitled to receive the information in a structured, commonly used and machine readable form.

Data Security

If you choose or are provided with a user identification code, online account login, password or any other piece of information as part of our Website’s security procedures, you must treat that information as confidential and you must not disclose it to any third party. The Society has the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in the Society’s opinion you have failed to comply with any of the provisions of this Privacy Policy or the Terms and Conditions.

Unfortunately, the transmission of information via the internet is not completely secure. Although the Society will do its best to protect your personal information, it cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk.

IP Addresses and Cookies

The Society may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and management. This is statistical data about users’ browsing actions and patterns, and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. Cookies help us to improve our Website and deliver a better and more personalised service; to allow us to estimate audience size and usage pattern; to store information about your preferences and so allow our Website to be customised according to your individual interests; to speed up your searches; and to recognise you when you return to our Website.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our Website’s system will issue cookies when you access our Website.

Changes to this Privacy Policy

Any changes made to this Privacy Policy in the future will be posted on the Website and, where appropriate, notified to you by e-mail. It is recommended that you visit this page from time to time to review any changes. This Privacy Policy was last updated on 18 May 2018.


For questions, comments and requests regarding this Privacy Policy please contact Roel van der Zanden of Third Floor, Enterprise House, Ocean Way, Ocean Village, Southampton, SO14 3XB.