top of page
uk.jpg

Privacy Policy

Who we are

This Privacy Policy explains how we collect, use, disclose and protect personal data when you visit our website or interact with us.

The controller for this website and for client relationships booked in the United Kingdom is:

Manentia Wealth Consulting Group Limited, trading as MWC Group UK
Financial Conduct Authority Firm Reference Number: 973440
Head office (UK branch):
The Stables, Park Lidgett Farm
Ossington
Newark
Nottinghamshire
NG23 6LG
United Kingdom

For all privacy matters, you can contact our Data Protection Officer at: DPO@mwcgroup.ch.


Personal data we collect

We may collect and process the following categories of personal data:

  • Identification and contact details – name, title, postal address, email address, phone numbers, nationality, date of birth, tax residence, client identifiers, identification documents.

  • Client and engagement information – details about your financial circumstances, family situation, employment, assets and liabilities, objectives, risk tolerance, investment and pension preferences, insurance needs, and records of our advice and communications.

  • Regulatory and compliance information – information required for KYC, AML, sanctions and fraud-prevention checks, including documentation and screening results.

  • Special category data – for example, health information where relevant to insurance or other products, processed only where necessary and permitted by law (typically with your explicit consent).

  • Technical and usage data – device and browser information, IP address, log data and cookie identifiers when you visit our website (see our Cookie Policy).

We may obtain personal data directly from you, from persons acting on your behalf, from product providers and business partners, from publicly available sources and from compliance/screening tools.


Purposes and legal bases (UK GDPR and Data Protection Act 2018)

We process personal data for the following purposes and on the legal bases set out in the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018:

  • To provide our services and manage our relationship

    • To assess your needs, provide advice, implement and manage products, communicate with you and provide ongoing reviews.

    • Legal basis: Article 6(1)(b) UK GDPR – performance of a contract or steps taken at your request prior to entering into a contract.

  • To comply with legal and regulatory obligations

    • To comply with obligations under United Kingdom financial-services, AML, tax, accounting, consumer-protection and other applicable laws and regulations, including obligations to the Financial Conduct Authority (FCA) and other authorities.

    • Legal basis: Article 6(1)(c) UK GDPR – compliance with legal obligations.

  • To pursue legitimate interests

    • To manage our business and risks, monitor quality, perform internal reporting and analytics, improve our products and services, manage disputes and legal claims, protect our systems and information, and prevent fraud and financial crime.

    • Legal basis: Article 6(1)(f) UK GDPR – our legitimate interests, balanced against your interests and rights.

  • To protect vital interests

    • In limited circumstances, to protect your or another person’s vital interests.

    • Legal basis: Article 6(1)(d) UK GDPR.

  • With your consent

    • For specific purposes where consent is required, for example:

      • processing health or other special-category data in connection with insurance and certain planning services;

      • certain direct marketing and electronic communications;

      • the use of non-essential cookies and similar technologies.

    • Legal basis: Article 6(1)(a) and, where applicable, Article 9(2)(a) UK GDPR – your consent, which you may withdraw at any time without affecting the lawfulness of processing prior to withdrawal.

Where we process special-category data, we do so only where a condition under Article 9 UK GDPR and the Data Protection Act 2018 is met, such as your explicit consent or where necessary for the establishment, exercise or defence of legal claims.


Profiling and automated decision-making

We may use profiling to help determine your risk profile, investment objectives and product suitability or appropriateness. These tools support, but do not replace, the judgment of our advisers.

We do not make decisions about you based solely on automated processing that produce legal effects concerning you or similarly significantly affect you, within the meaning of Article 22 UK GDPR.


Sharing your personal data

We may share your personal data with:

  • Other MWC Group entities, where they provide services or support to MWC Group UK, or where they provide services directly to you;

  • Product providers and platforms, including banks, custodians, pension and investment platforms, insurers and other product providers involved in implementing or managing your arrangements;

  • Professional advisers and service providers, including auditors, lawyers, compliance advisers, IT and cloud service providers, communication providers and other suppliers that process personal data on our behalf under written contracts requiring confidentiality and appropriate security;

  • Regulators, authorities and courts, including the FCA, HM Revenue & Customs (HMRC), law-enforcement and other public bodies, where required or permitted by law; and

  • Other third parties, where you have asked us to share your information or where we are otherwise permitted or required to do so by law.

We do not sell your personal data.


International transfers, including the Philippines

We may transfer personal data to countries outside the United Kingdom, including to:

  • Other MWC entities;

  • Our support office in the Philippines, which provides back-office, administrative and IT support; and

  • Third-party service providers (for example, IT hosting, cloud and communication providers).

Where personal data is transferred to a country that is not subject to a UK adequacy regulation, we implement appropriate safeguards such as:

  • The UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses;

  • Contractual obligations limiting access and use; and

  • Technical measures such as encryption and access logging.

You may contact DPO@mwcgroup.ch for more information about transfers and the safeguards we use.


Security

We implement technical and organisational measures designed to protect personal data, including role-based access controls and multi-factor authentication, encryption where appropriate, secure configuration and patching, network and endpoint security, backups and business continuity plans, and incident detection and response.
 

Retention of personal data

We retain personal data for as long as reasonably necessary to fulfil the purposes described in this Privacy Policy, including to satisfy legal, regulatory, accounting and reporting requirements and to defend or establish legal claims.

As a general indication:

  • Client and advice records are typically kept for at least five to seven years after the end of the client relationship or last transaction, or longer where required by law or necessary for legal claims.

When personal data is no longer required, we will delete or irreversibly anonymise it in line with our retention policies and applicable laws.


Your rights under UK data protection law

Subject to conditions and applicable law, you have the following rights:

  • Right of access – to obtain confirmation whether we process your personal data and, if so, access to that data.

  • Right to rectification – to request correction of inaccurate or incomplete personal data.

  • Right to erasure – to request deletion of personal data in certain circumstances.

  • Right to restriction – to request that we restrict processing in certain circumstances.

  • Right to data portability – to receive personal data you have provided to us in a structured, commonly used and machine-readable format and transmit it to another controller where technically feasible.

  • Right to object – to object to processing based on our legitimate interests and to object at any time to processing for direct marketing.

  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

To exercise your rights, please contact DPO@mwcgroup.ch. We may need to verify your identity before responding.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your personal data.


Cookies and similar technologies

Our website uses cookies and similar technologies. Essential cookies are required for the site to function. Non-essential cookies (for example, analytics or marketing cookies) are used only with your consent.

You can manage your cookie preferences via the cookie banner or your browser settings.
For more information, please see our Cookie Policy.


Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website with an updated “Last updated” date.

bottom of page