GDPR and our gift to you
Your email inbox has probably been bombarded with requests from all sorts of people asked you to confirm that they can continue to send you their emails. Some companies have made it easy and all you have to do is click and confirm whereas others seem to have gone out of their way to make life difficult for us. For those where you have to click a link, go to their website, type in your name, email address, and all sorts of other information, confirm that you are not a ‘robot’, then respond to a confirmation email it’s as if they want to get you removed from their lists. For the last week I have had to respond to about 15 a day and it has become a real chore.
This is not to say that GDPR is not wanted, indeed I think that it is wonderful and puts us all in control of our data. It is long overdue, and it is yet another advantage of the UK being part of the EU that we may soon regret being without. At Interface we have taken the view that since we only communicate with clients who are paying us for an ongoing service they will want to continue to receive the information that we send them as part of that service. If by any chance you are on this list and want to be removed, then the unsubscribe button is always available so that you can unsubscribe at any time.
Our documentation has been revised to reflect the new changes and you can view our Data Protection and Privacy Statement, Our Terms of Business (which has the privacy section removed because it is now part of the new DPP Statement), and Client Agreement (which now includes reference to the DPP), are all available on our website and also when you log in to your Personal Finance Portal account.
For over a year we have asked you all to register and communicate securely using your Portal account. This request has been made with your protection and GDPR in mind and after a lot of preparation time the 25th of May 2018 is upon us. At Interface we will not send any sensitive information or documents by email. Wherever possible all communication will be via the Portal. On the odd occasion where email is the only communication possible we have taken a licence with Stay Private and if you receive an email you will have to create a PIN and accept T&Cs before you can view the email contents via our Stay Private secure web site.
At Interface we take data protection seriously and we have recently completed Cyber Essentials Certification which took us some time, focus, and not insignificant cost. Please visit Interface Financial Planning homepage and take a look at the Cyber Essentials badge – bottom left of the website and when you click on the badge it will take you to the National Cyber Security Centre. You can also view our Cyber Essentials certificate. When you are there click on Site Lock logo and you will see that our site is secure and constantly monitored. Security Hint: when you are browsing the internet look at the web address – if it doesn’t start with https:// it is not secure and it is time to proceed with caution. All of the sites that we ask you to log into are secure and the web addresses start with https://
We believe that we have done all that we can do to protect your data and probably we have done more than many, but please remember it is up to you to ensure that you use secure passwords. I have mentioned this in my previous communications, but I can’t say it enough so please check how secure is your password. My everyday password would take a hacker 5000 years to crack and if yours is anything less then PLEASE change it to something more secure.
Interface has always ensured that we do more than simply follow the regulations and we have aimed to go above and beyond the requirements in order to demonstrate our professionalism and commitment. To ensure that we could demonstrate our GDPR compliance we completed the WeareAstrid GDPR procedure and our certificate will be alongside out Cyber Essentials certificate.
So far, I have spent a lot of time discussing email, but you may not be aware that GDPR applies to all communications including email, phone, post (snail mail), SMS (text), Social Media (Twitter, Facebook, and all other SM), automated sales calls (whoever invented these!), and anything else that I may not have thought of. This means that you now have control to stop any and everyone using any or all of these means of communication – wonderful!
While we do not use post by choice on the occasions that it becomes absolutely necessary we may have to use Royal Mail Secure delivery so that we can track and prove delivery. This means that you will have to be available to personally sign and accept delivery and we will receive a copy of your signature which we will hold on file as proof of delivery. This delivery costs about £7.50 each time so we would prefer to use it sparingly however if we were to send sensitive data by ordinary post and it did not arrive this would be a notifiable event under the GDPR rules and the resulting administration would cost a lot more than £7.50.
With everything on line every time that you log in to your bank account you are exposing your credentials to possible interception. So, what would you pay for one facility where you could view all of your investments, bank accounts, credit cards, mortgages, confidential documents in one place with the knowledge that it was absolutely and categorically secure?
This is of course your own Personal Finance Portal which uses the international banking communication system provided by Yodlee to obtain one way information to PFP – there is no possibility of anyone or anything going back the other way so whatever happens there is no possibility of anyone accessing your bank account from PFP – none whatsoever. The Personal Finance Portal premium service is an additional service where you would normally pay a monthly charge however Interface Financial Planning has agreed to pay for that service for you so that all of our clients are provided with the premium service free of charge. The majority of our clients are now using this service and I cannot recommend it strongly enough – for your own protection and for the ultimate in security please ensure that you use your free gift in full without delay.
A client gave me a brilliant idea last month: she is going away and wanted a safe place to store copies of her passport and other documents. She uploaded them to PFP and she can view them from her Smart Phone or Tablet. Intelliflo updated the App this month and it now has all of the same features and facilities that you get when you log on via a PC or Mac, and the App works on Apple (iPhone or iPad) or Android so I recommend that you take a look.
I have mentioned passwords and some clients have asked about dual authentication: Multi- factor authentication requires you to supply more than one source of information to access your account. This is being considered for development and you may have the option for two-factor authentication before the year is out.
My apologies that this was another heavy communication: In my earlier newsletters I have referred to the fact that there are more regulatory changes in the first 5 months of 2018 than there were in the previous 5 years. At least by next month GDPR will be done and dusted (I hope!) and then we can return to any additional implications arising from MiFID (such fun!)