Who we are
This website is provided by MFM Investment Ltd, a company incorporated in England and Wales with company number 9088155 and registered office at 90-92 Pentonville Rd, London N1 9HS (“Moneyfarm”). MFM Investment Ltd is part of a group which is made up of different legal entities, including:
- MFM Investment Ltd – Italian branch, registered office: Largo Carlo Felice, 26 – 09124 Cagliari
together, the “Moneyfarm Group”.
Moneyfarm’s products and services are not designed to appeal to or not available to, persons under the age of 18. Therefore, Moneyfarm does not knowingly attempt to solicit or receive any information from anyone under the age of 18.
Lawful basis of processing
Under data protection laws, Moneyfarm must have legal bases in order to process your personal data. The legal bases on which Moneyfarm may process your data are:
- Consent: where you have consented for us to process your personal data for one or more specific reasons
- Performance of a contract: in order to perform a contract we have with you
- Legal obligation: where processing of the data is required by law. We are also required by law to retain certain information of those that register to open an account with us and the data of customers beyond the date when they cease to be our customers
- Legitimate interest: in order to carry on the purposes of Moneyfarm’s business. We also have a legitimate interest in preventing fraud and money laundering and to verify identity, in order to protect our business and our customers; in order to understand how people interact with our website; to provide communication which we think will be of interest to you; to determine the effectiveness of promotional campaigns and advertising
What information does Moneyfarm collect and how does Moneyfarm collect this information from you?
Moneyfarm may need to collect information about you and your computer to allow you to use some services, including:
- Identity data: First name, middle name, last name, email, marital status, title, date of birth and gender.
- Contact data: billing address and telephone numbers.
- Financial data: bank account and payment card details.
- Transaction data: details about payments to and from you and other details of products and services you have purchased from us.
- Technical data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile data: your username and password, your interests, preferences, feedback and survey responses.
- Usage data: information about how you use our website, products and services.
- Marketing and communications data: your preferences in receiving marketing from us and our third parties and your communication preferences.
The information may be collected:
- Directly when you register or log on to the website or when you choose to use an available Moneyfarm service via the website, including when you fill out forms, transfer any policies into our agency, upload any documentation, send Moneyfarm any communication by email, fax or post, make an enquiry, complete the Moneyfarm risk profiling questionnaire or any other communication that Moneyfarm receives directly or indirectly from you.
- As you browse the Moneyfarm website, including information relating to your browsing patterns and technical data about the equipment you are using to access the website is automatically collected using cookies, server logs and other similar technologies.
- From third parties/public sources:
- technical data may be obtained from the following parties:
- analytics providers
- advertising networks
- search information providers
- Contact, financial and transaction data may be obtained from providers of technical, payment, credit referencing, and delivery services based both inside and outside the EU.
- identity and contact data from publicly available sources such as Companies House and the Electoral Register based inside and outside the EU.
- We utilise third-party service providers to secure information related to financial crime, fraud, sanctions and Politically Exposed Persons.
- technical data may be obtained from the following parties:
What does Moneyfarm do with this information?
Moneyfarm may use your personal data for the following purposes:
- to provide the requested services to you;
- to monitor traffic patterns and usage of the website to help to improve the website design and layout;
- to record and store communications made via phone, Skype or the website chat function;
- to personalise your experience on the Moneyfarm website or communications/advertising;
- to provide customer service, including to respond to your enquiries and fulfil any of your requests for information;
- to send you important information regarding the Moneyfarm services and/or other technical notices, updates, security alerts, and support and administrative messages; and
- as Moneyfarm believes to be necessary or appropriate:
- in order to comply with a legal obligation. This applies where the processing is necessary for Moneyfarm to comply with the law;
- to protect Moneyfarm’s legitimate rights, privacy, property or safety, and/or those of a third party and your rights do not override those interests.
We may carry out fraud prevention checks using fraud prevention databases. If false or inaccurate information is provided, and/or fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. We may access and use the information recorded by fraud prevention agencies from other countries.
We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services you have requested.
Fraud prevention agencies can hold your personal data for different periods of time, also depending on whether or not you are considered to pose a fraud or money laundering risk.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services you have requested, or we may stop providing existing services to you.
In order to carry out your instructions, Moneyfarm may also pre-populate the forms of third party websites with the personal data you have supplied us with. This may be done manually or through secure and encrypted data transfers.
Retention of your data
Moneyfarm will not retain your personal data for longer than is necessary for the purposes for which the personal data is processed. This means that your data will only be retained for as long as it is still required to provide you with services or is necessary for legal reasons. When calculating the appropriate retention period for your data Moneyfarm considers the nature and sensitivity of the data, the purposes for which Moneyfarm is processing the data and any applicable statutory retention periods. Using these criteria, Moneyfarm regularly reviews the personal data which we hold and the purposes for which it is held and processed. Our regulatory requirements mean that we are obliged to retain data for a minimum of seven years from the end of our business relationship with you.
When Moneyfarm determines that personal data can no longer be retained (or where you request Moneyfarm to delete your data in accordance with your right to do so (please see below for more information), Moneyfarm ensures that this data is securely deleted, anonymised or destroyed.
However, please note that, in some circumstances Moneyfarm may decide to retain your personal data for research or statistical purposes and, in such circumstances, Moneyfarm will anonymise your data before retaining it.
Accuracy of your data
It is important that the personal data Moneyfarm holds about you is accurate and current. Please keep Moneyfarm informed if your personal data changes during your relationship with us.
Security of your data
In order to protect your personal data, Moneyfarm has appropriate organisational and technical security measures. These measures include storing data on a dedicated and secure server with at least 256-bit encryption, restricting access to your personal data to certain employees, ensuring the Moneyfarm internal IT systems are suitably secure, and implementing procedures to deal with any suspected data breach.
In the unlikely event of a data breach, Moneyfarm will take steps to mitigate any loss or destruction of data and, if appropriate, will notify you and any applicable authority of such a breach.
In addition to the above, where Moneyfarm has given you (or where you have chosen) a password which enables you to access certain parts of the website, you are responsible for keeping this password confidential and should not share your password with anyone. When setting a password you should make it as secure as possible and not use the same password for different purposes.
Data transfers and sharing your data with third parties
Moneyfarm will not disclose your personal data to third parties other than as described in this section unless it is otherwise legally permitted or required to do so.
Moneyfarm may share your data with other members of the Moneyfarm Group.
Moneyfarm may also need to pass your information to third party service providers which maintain, administer or develop the website on our behalf and the information will only be provided for such limited purposes and as detailed below. In addition, Moneyfarm may provide aggregate statistics about its customers, sales, traffic patterns and related website information to reputable third-parties, but these statistics will include no personally identifiable information.
Moneyfarm may transfer your personal data to third parties of the following types:
- companies providing identity or financial validation services;
- financial product providers;
- Payment services companies acting on your, or our behalf;
- companies providing analytics services;
- data, service and software providers;
- companies collecting and publicising customer reviews;
- marketing services companies;
- regulatory and law enforcement bodies.
- Regulated Financial Services firms subject to market abuse regulations that require disclosure of their personnel’s investment activities
- Accounting firms subject to independence rules which restrict certain of their personnel from holding investments with audited financial institutions.
The security of your data is important to us and Moneyfarm will therefore, only transfer your data to such third parties if one or more of the following apply:
- you have expressly consented to your data being shared with specific third parties;
- the third party needs to access the personal data for the purposes of providing any contracted services to you;
- the third party has agreed to comply with Moneyfarm’s instructions, required data security standards, policies, and procedures and put adequate security measures in place;
- the transfer complies with any applicable cross border transfer restrictions and suitable safeguards have been put in place; and
- a fully executed written contract that contains suitable obligations and protections has been entered into between the parties.
- only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where your data will be transferred outside of the EEA, entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA; or
- where your data will be transferred to the US, ensuring that the third party to which Moneyfarm are transferring your data is part of the Privacy Shield.
Your personal data is protected by legal rights, which include:
- Right to rectification: you have the right to require us to correct any inaccuracies in your data.
- Right to erasure: you have the right to require us to delete your data, subject to certain legal requirements.
- Right to restriction of processing: you have the right to require us to restrict the way in which we process your personal data. You may wish to restrict processing if, for example:
- You contest the accuracy of the data and wish to have it corrected;
- You object to processing but we are required to retain the data for reasons of public interest; or
- where you are remaining as a customer but do not wish to receive marketing communication.
- Right to data portability: you have the right to obtain from us easily and securely the personal data we hold on you for any purpose you see fit.
- Right to object to processing: you have the right to require us to stop processing your personal data should you wish the data to be retained but no longer processed. Please be aware that this may prevent us from continuing to provide services to you.
- Right of access: you have the right to request access to personal data that we may process about you.
- Right to withdraw consent: you have the right at any time to withdraw consent allowing us to process your personal data. This will not affect the legality of any processing prior to the date of such withdrawal.
If you would like to exercise any of the above rights, please:
- put your request in writing and send it to us through your usual registered channel (e.g. registered e-mail);
- specify the right you wish to exercise.
For more information or to exercise your data protection rights please, please contact us at: firstname.lastname@example.org.
We will respond to requests made by you within one month.
Moneyfarm may use your personal data to notify you of news about Moneyfarm, changes to the website, special events or new services that Moneyfarm thinks may be of interest to you if you have consented to, and have not at any point opted out from, receiving marketing communications.
If, at any time, you would rather not receive such information, please contact Moneyfarm in writing, either by post or email (to email@example.com) to let us know. All emails include links to unsubscribe options, to allow you to stop or tailor the emails you receive at any time.
If you ask not to receive such news, Moneyfarm will still need to keep your personal data so that you can continue to use the website and so that Moneyfarm can deal with the administration and security of the website. Moneyfarm will still contact you by email or post for anything necessary for the administration of your membership and to comply with any legal or other important conditions; however, Moneyfarm will not then email you or contact you for promotional purposes without your subsequent consent.
We will also contact existing active customers when we think information or a new service is relevant to them. Don’t worry, you will continue to receive these relevant notifications even if you restrict marketing communications.
We will ensure that we obtain your consent before we share your personal data with any company outside of the Moneyfarm Group for marketing purposes.
From time-to-time Moneyfarm may request information from users for the purposes of running contests or competitions. Participation in these contests or competitions is completely voluntary and you, therefore, can choose whether or not to disclose this information for this purpose
For more information about the cookies we use, please see our Cookies Policy.
Links to other websites
You should also be aware that you have the right to raise any concerns in relation to how we process your personal data to the Information Commissioner’s Office (ICO).
Our full details are:
Full name of legal entity: MFM Investment Ltd
Email address: firstname.lastname@example.org
Postal address: 90-92 Pentonville Rd, London N1 9HS
Telephone number: +44  203 745 6991
If you believe at any time that we have not handled your data in accordance with this Policy you should contact the Data Protection Officer. You may also contact the Information Commissioner’s Office (ICO) who supervise the protection of data by companies within the UK.
Last updated 29 October 2018