Nexus Global Privacy Policy (BFMI) for International Clients

Protecting your privacy and ensuring the security of your personal data is important to us at Cameron James/BFMI.
Cameron James/BFMI (“hereinafter referred to as “Cameron James/BFMI”) ensures all personal data is protected at all times, whether for prospective, actual or withdrawn clients.

The Privacy Policy below describes and explains how Cameron James/BFMI handles the collection, management and the protection of confidential Client, business partners and user’s information. Cameron James/BFMI takes security very seriously and adopts industry and information technology best practices to protect your personal information and ensures that your right to privacy is not infringed in any way and is not accessed by any unauthorized persons.

The terms “you” and “your” includes our clients, business partners and users of this website.

Cameron James/BFMI processes and stores personal information in accordance with the Data Protection Act 2004 (the “Data Protection Act”, which includes any modification or amendment to that Act), this Privacy Policy and the provisions of other applicable laws, regulations and rules.

What is Personal Information?

When used in this policy, the term ‘personal information’ has the meaning given to it in the Act. In general terms, personal information is information or an opinion that can be used to reasonably identify you, whether the information or opinion is true or not. This includes any information we collect from you directly, or from a third party such as your employer, in order to offer you a service or product. It may include, but is not limited to, your name, address, date of birth, contact details including email address, Tax File Number, occupation, financial information and/or any additional information you provide to us directly or indirectly through a website or via a representative. Personal information may also include ‘sensitive information’.

What is Sensitive Information?

Sensitive information includes information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional trade or association, membership of a trade union, sexual orientation or practices, criminal record, health information, genetic information or biometric information.

Cameron James/BFMI will not collect sensitive information about you without your consent unless it is required by Gibraltar law, or other limited exemptions apply.

Collection of your Personal Information

Generally, we are required to collect personal or sensitive information directly from you in the course of offering and administering our products and services and managing the employment and engagement of our staff and contractors. The information we may collect includes:

  • Name;
  • Address;
  • Date of birth;
  • Contact details (including telephone and email);
  • Gender;
  • Occupation;
  • Tax File Number;
  • salary;
  • Relevant financial information;
  • Employment history and other information collected during the recruitment process.
  • Any additional information relating to you that you provide to us directly through our websites or indirectly through our websites or online presence such as ‘cookies’.

Where relevant, your personal information may also be provided to us via a third party such as your employer, other superannuation or investment fund, recruitment company, financial adviser or other representative authorized by you, as well as publicly available sources.

The Purpose of Collecting Personal Information

We will only collect personal information about you where it is reasonably necessary for one or more of the activities or functions that we undertake for you, your employer or the trustee of a superannuation fund. Where it is reasonable and practicable to do so, we will collect the personal information from you directly.

We collect your information in order to provide the following services and products and to manage the employment and engagement of our staff and contractors and to give you information about these matters:

  • For financial advisory services, to provide you with financial advice and implement your instructions in relation to your finances;
  • For regular savings and Lump-Sum Investments;
  • Pension transfers services;
  • Tax planning services;
  • To provide any consulting or other services you may request;
  • For handling any complaints, inquiries or disputes regarding our services, products and your employment with Cameron James/BFMI;
  • To manage and assess your claim, and manage subsequent correspondence in relation to your claim; and
  • For recruitment purposes, to manage your employment application and, if you are successfully placed in a position at Cameron James/BFMI, your ongoing employment.

If you do not provide the personal information requested, we may not be able to provide you with these services and products or continue with your recruitment or employment. We may also use it to supply you with information about the other products and services offered by our related companies and us.

Use and Disclosure

Cameron James/BFMI collects, uses and discloses personal information about individuals for the primary purpose of providing a product or service and the recruitment and employment of staff and contractors as a part of conducting our business operations. Our business model includes the provision of:

  • Consulting and investment services to our clients;
  • Financial Advice and related services.

We use and disclose personal information to:

  • Provide products, services or financial advice to individuals and to send communications requested by them;
  • Answer enquiries and provide information or advice about new or existing products or services;
  • Manage and assess insurance claims;
  • Provide access to protected areas of our website; provide marketing information and materials (including direct marketing), product or service development and research purposes;
  • Perform data analytics for marketing, product or policy development;
  • Keep your contact details up-to-date;
  • Investigate and respond to any complaint and deal with any subsequent dispute resolution process;
  • manage applications for employment with us and any subsequent employment; and
  • Comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (where relevant).

We may disclose your information to:

  • Related bodies corporate, contractors or other business support service providers for the purposes of the operation of our business, products, and services such as administration, document storage warehouses, printing and mail houses, couriers, payment system operators, debt collectors and authorized professional advisers such as accountants, solicitors, and consultants;
  • Your financial adviser or other third-party appointed by you;
  • Our data hosting and IT (related and non-related party) service providers who may be located or store data in other countries;
  • Other Cameron James/BFMI companies which need to use the information to provide products or services to you;
  • Other superannuation, pension, and investment fund trustees or administrators should you transfer your investment to another fund;
  • Recruiters and employment screening service providers for the purposes of considering applications for employment;
  • As required by law, to government bodies.

Cameron James/BFMI is required to collect and use certain government-related identifiers such as Tax File Numbers when providing certain services to our employees, members, and clients. Cameron James/BFMI is not permitted to and does not adopt government identifiers as an identifier of the individual. Cameron James/BFMI does not use or disclose government related identifiers in any way that is inconsistent with the purpose for which they were originally issued other than where it is required or authorized by or under a Madagascar law or a court/tribunal order.

GDPR Compliant - The General Data Protection Regulation (EU)

From the 25th May 2018, the General Data Protection Regulation (Regulation (EU) 2016/679a>, more commonly known as the ‘GDPR’) provides data subjects more rights in relation to their personal data. You can find out more about the GDPR and your rights by accessing the European Commission’s website. You have the following rights:

  • Information about the processing of your personal data (and if you did not give it to us, information as to the source);
  • Obtain access to the personal data held about you;
  • Ask for incorrect, inaccurate or incomplete personal data to be corrected;
  • Request, in certain cases, that personal data be erased when it’s no longer needed or if processing it is unlawful;
  • Object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
  • Request the restriction of the processing of your personal data in specific cases;
  • Receive your personal data in a structured, commonly used and machine-readable format, or ask us to send it to another person (‘data portability’); and
  • Request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.

Please note these rights may only apply in certain cases. For example, some rights only apply where our lawful ground of processing is your consent, or where we have a contract with you. You also have a right to lodge a complaint with the appropriate data protection authority whose details are provided below, and in certain cases may receive compensation from us, as data controller, for any damage you suffer.

We want to ensure that your personal information is accurate and up to date. If any of the information that you have provided to us changes, for example, if you change your email address or name, please let us know the correct details by contacting us on the details below. You may ask us, or we may ask you to correct information you or we think is inaccurate, and you may also ask us to remove information which is inaccurate. You can find out more about the GDPR and your rights by accessing the European Commission’s website.


Cameron James/BFMI places a high priority on the security of personal information, and we are committed to protecting the personal information that you provide to us. We take reasonable steps to ensure that your personal information is secure and we use and maintain appropriate safeguards to prevent misuse and loss and from unauthorized access, modification or disclosure. We implement administrative, physical and technical safeguards to protect the confidentiality and integrity of your personal information and data that we use and hold.

Where practical, your personal information is de-identified or destroyed when it is no longer required. Where Cameron James/BFMI becomes aware of any actual or potential unauthorized access or disclosure of your personal information, we will ensure that the potential breach is managed by Cameron James/BFMI in accordance with the law.

Privacy on The Internet

We take care to ensure that the information you give us via our websites is protected. Cameron James/BFMI uses and maintains appropriate safeguards to prevent unauthorized access to or use of your personal information and data. We implement administrative, physical and technical safeguards to protect the confidentiality and integrity of your personal information and data which may be transmitted via the internet.

We use ‘cookies’ to store the information provided by your browser when you visit our websites. This includes the date and time of your visit, the pages accessed and documents downloaded. This enables us to keep track of products or services you view so that, unless you have opted out, we can send you news about those products or services. We also use cookies to measure demographic usage patterns to determine which areas of our website have been visited and to improve our services.

Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third-party website, and we are not responsible for the privacy policies or the content of any third party website. Third-party websites are responsible for informing you about their own privacy practices.

Access and Correction

Cameron James/BFMI aims to ensure that the personal information we hold about individuals is accurate, up-to-date and complete. We will take reasonable steps to ensure the quality of your personal information at two distinct points in the information handling process: collection and use or disclosure.

If you advise us that the information that we hold about you is not accurate, up-to-date or complete, we will take reasonable steps to correct your information. Otherwise, you may request access to your personal information by contacting Cameron James/BFMI’s Privacy Officer (see the ‘Contacting Us’ section below). The Cameron James/BFMI Privacy Officer will need to establish the identity of the individual requesting the information prior to providing it Cameron James/BFMI.

There are a number of situations where Cameron James/BFMI may deny an individual access to personal information. These can include circumstances where it would have an unreasonable impact on the privacy of other individuals, the information relates to existing or anticipated legal proceedings, we have reason to suspect that unlawful activity or misconduct of a serious nature is being or maybe engaged in, or where the law requires or authorizes such access to be denied. Cameron James/BFMI’s Privacy Officer will advise you if any of these or other circumstances apply.

Cross-Border Disclosure

Cameron James/BFMI outsources some of its activities and may disclose personal information to our related bodies corporate and third-party suppliers and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your information do not breach the privacy obligations relating to your personal information.

Direct Marketing

Cameron James/BFMI may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms including mail, fax and electronic media such as email and SMS and social media such as Twitter and Facebook. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from Cameron James/BFMI by using the opt-out facilities provided within the marketing communications.

Cameron James/BFMI does not share, sell, rent or disclose your personal information to other organizations other than as described in this Privacy Policy.

Governing Law and Jurisdiction

All issues regarding our website and Privacy Policy are governed by Gibraltar law and are subject to the exclusive jurisdiction of the Gibraltar courts.

Your right to complain

We always try to meet the highest standards in order to protect your privacy. If you are concerned about the way in which we are managing your personal information and think we may have breached any applicable privacy laws or any other relevant obligation, please raise any complaints regarding the processing of personal data to us directly on the contact details above.

We will make a record of your complaint and refer it to our internal complaint resolution committee for further investigation. We will deal with the matter and keep you informed of the progress of our investigation.

If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved to your satisfaction, you are entitled to make a complaint to the Data Protection Commissioner under the Data Protection Act, which is the Gibraltar Regulatory Authority (GRA). The GRA is responsible for ensuring that your rights and obligations are respected. The GRA is also competent to hear your complaints and may prohibit or restrict the processing of your personal data in certain cases. You can contact the GRA as per below.

  • Gibraltar Data Protection Commissioner
    Gibraltar Regulatory Authority
    2nd Floor, Eurotowers 4
    1 Europort Road

Nexus Global Privacy Policy (BFM UK) for UK Clients

The Blacktower Group was formed in 1986 to provide independent wealth management advice and a bespoke service for both individual and corporate clients. We value your privacy and are committed to protecting the privacy of all our clients, business partners and users of our services and website. We therefore ask that you please read our Privacy Policy before providing us with any information about you or any other person.

This Policy explains when and why we collect personal information about people who enquire about or make an investment using the services of Blacktower Group. The policy also explains how we use that information, the conditions under which we may disclose information to others and how we keep personal information secure.

When using the terms “personal data”, “personal information” or simply “your information” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. These pieces of information are also known as “identifiers” and include a name, an online identifier, or a reference to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. It does not include data where the identity has been removed (anonymous data).

When using the term “processing”, we mean any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (so practically anything we do to your personal data is processing!)

When using the term “Blacktower Group”, we mean the group of companies forming part of the corporate structure of which the data controller (identified below) forms a part. This Privacy Policy is issued on behalf of Blacktower Group so when we mention “Blacktower Group”, “we”, “us” or “our” in this Privacy Policy, we are referring to the relevant company in the Blacktower Group responsible for processing your data. We will let you know which entity will be the controller or processor for your data when you purchase a product or service with us.


Navigating this policy

If you are viewing this policy online, you can click on the below links to jump to the relevant section:

  • Who we are and how to contact us
  • How we collect information from you
  • What type of information is collected?
  • How we use your personal information
  • How long we keep your information for
  • Your individual rights
  • Sharing your personal information
  • Keeping your information safe
  • Additional Information


Who we are and how to contact us

Blacktower Financial Management Limited (“BFM”) is the data controller of any personal data you provide and responsible for this website. BFM is regulated and authorised by the Financial Conduct Authority.

Our business is to help clients protect the financial assets they already have and advise them on how to manage and grow them to achieve their financial aspirations. We use our experience to find the right products for each individual’s circumstances, personal or business, both home or abroad. Any questions regarding our Privacy Policy should be sent to:

The Compliance Officer
Blacktower Financial Management Limited Fetcham Park House
Lower Road
Fetcham, Surrey, KT22 9HD, England Phone: +44 1372 844 344
Fax: +44 1372 844 530 Questions can also be sent by email to: contact@blacktowerfm.com


What type of information is collected?

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us or from a Blacktower IFA.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. More information on this is contained in our Cookie Policy
  • Profile Data includes your username and password to access our client portal, your interests, preferences, feedback and survey responses.
  • Usage Data includes information about how you use our website, products and services, and navigate through the website.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share ‘Aggregated Data’ such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

In most cases, we do not collect any ‘Special Categories’ of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. However, in limited cases, we may need to collect such categories of data and if so will rely on a lawful basis (such as your explicit consent) to ensure that we can lawfully process that data only as may be required as part of an ongoing business relationship you have with us.


How we collect information from you

We collect information about you when you:

  • use our website ‘contact us’ form to enquire about products and services
  • meet with an independent financial adviser (IFA) which is part of our network and acts as an Appointed Representative of Blacktower Group (a “Blacktower IFA”)– at this meeting an IFA may ask you questions which will be recorded onto our client take-on documents including for example our Fact-Find forms, Risk Profile Questionnaires or Client Agreements
  • register to receive one of our newsletters, or attend one of our events
  • call our office to enquire about our services
  • enter into a formal business relationship with a Blacktower IFA and/or any entity within the Blacktower Group

Other than from information you enter on our website, or provide on our documentation, we may also collect your personal data from documents you provide to us. For example, we may also ask you to provide evidence of your identity such as asking for a copy of your passport, driving licence, proof of residence or income. We are required to ask for this information to comply with anti-money laundering (AML) legislation such as the Proceeds of Crime Act 2015, to ensure we safeguard against and report any suspicious activity.



Please note that if you communicate with us electronically, including by e-mail, telephone or fax, this communication may be monitored and/or recorded to protect the interests of our business and our customers. This includes for the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and to ensure that Blacktower Group employees and Blacktower IFA’s comply with legal obligations.


If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services or those of a Blacktower IFA). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time


How we use your personal information

We use personal information about you in connection with the following purposes:

Provision of services and account management:

  • to provide you with the information, products and services that you have requested from us.
  • to complete any transaction you are undertaking with us;
  • to manage and operate your account with the chosen Blacktower IFA as well as any platform providers they recommend, including sending you information relating to your account controlled by Blacktower Group;
  • to meet a legal or regulatory obligation.

Service improvements:

  • to ensure that content from our site is presented in the most effective manner for you;
  • to administer our site and for internal business administration and operations, including
    troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to notify you about changes to our service;
  • as part of our efforts to keep our site safe and secure;

Direct Marketing:

  • to provide you with information about other services we offer that are similar to those that you already have or have enquired about;
  • to provide you with other marketing material such as our Newsletter.

If you do not want your personal information to be used for marketing purposes, please contact us on the above details.

Where you are an existing client, we will rely on our legitimate interests as the lawful basis for processing your personal information for the purposes of direct marketing. To this end, it may be necessary to process your information so we can directly market in our legitimate interest. In addition, we consider it reasonable for you to expect you may receive marketing material from us in the same methods we normally communicate with you (e.g. via email) and that there is no disproportionate impact to your individual privacy rights in this case.

In this context, “legitimate interest” means the interest of our business in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us on the above details.


Change of Purpose:

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us on the above details.


Automated decision-making

We do not use automated-decision making methods (including profiling), save that we may risk profile our clients in compliance with applicable anti-money laundering legislation.

Decisions as to how your data is processed are therefore based on your instructions to us under any agreement we may have with you, or on our initiative in order to fulfil our agreement with you or to comply with our legal obligations (and on an occasional basis, to further our legitimate interests as outlined in this Privacy Policy. This means decisions are not made by robots or computers, and therefore not ‘automated’. However, certain third parties may use certain automated decision-making tools or software. We are not responsible for the privacy practices of others and will take reasonable steps to bring such automated decision-making to your attention, but you are encouraged to become familiar with the privacy practices of any third parties you enter into any agreements with.


How long we keep your information for

We retain your information only for as long as is necessary for the purposes for which we process the information as set out in this Privacy Policy. Records can be held on a variety of media (physical or electronic) and formats.

Retention periods are determined based on the type of record, the nature of the record and activity and the legal or regulatory requirements that apply to those records. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

However, we may retain your personal data for a longer period of time where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person or where we have a legitimate interest to do so for example, to manage your pension, tax and social security obligations etc.


Your individual rights

You have certain rights under applicable legislation, and in particular under The Data Protection Act 2018 which is the UK’s implementation of the General Data Protection Regulation (GDPR). We explain these below. You can find out more about the Data Protection Act 2018 and GDPR by visiting www.ico.org.uk


Right Information and access

You have a right to be informed about the processing of your personal data (and if you did not give it to us, information as to the source) and this Privacy Policy intends to provide the information. Of course, if you have any further questions you can contact us on the above details.


Right to rectification

You have the right to have any inaccurate personal information about you rectified and to have any incomplete personal information about you completed. You may also request that we restrict the processing of that information.

The accuracy of your information is important to us. If you do not want us to use your Personal Information in the manner set out in this Privacy Policy, or need to advise us of any changes to your personal information, or would like any more information about the way in which we collect and use your personal information, please contact us at the above details.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.


Right to erasure (‘right to be forgotten’)

You have the general right to request the erasure of your personal information in the following circumstances:

  • the personal information is no longer necessary for the purpose for which it was collected;
  • you withdraw your consent to consent based processing and no other legal justification for
    processing applies;
  • you object to processing for direct marketing purposes;
  • we unlawfully processed your personal information; and
  • erasure is required to comply with a legal obligation that applies to us.

We will proceed to comply with an erasure request without delay unless continued retention is necessary for:

  • Exercising the right of freedom of expression and information;
  • Complying with a legal obligation or other applicable law;
  • The performance of a task carried out in the public interest;
  • Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, under certain circumstances; and/or
  • The establishment, exercise, or defence of legal claims.


Right to restrict processing and right to object to processing

Instead of requesting erasure, you also have the right to right to restrict processing of your personal information where:

  • you contest the accuracy of the personal information;
  • processing is unlawful, but you do not want us to erase it;
  • we no longer need to process your personal information but you need us to retain your information as you need it for the establishment, exercise, or defence of legal claims; or
  • you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it

You also have the right to object to processing of your personal information under certain circumstances, such as:

  • where the processing is based on your consent and you withdraw that consent;
  • where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms; or
  • where we are processing your personal data for direct marketing purposes

Exercise of this right may impact the services we can provide and we will explain this to you if you decide to exercise it. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms, and this may allow us to continue to (wholly or partly) process your personal information.


Right to data portability

With respect to automated information which you initially provided consent for us to use, or where the processing is necessary for the performance of a contract to which you are party (or in order to take steps at your request prior to entering into a contract), you have a right to receive the personal information you provided to us in a structured, commonly used and machine-readable format, or ask us to send it to another person.


Right to freedom from automated decision-making

As explained above, we do not use automated decision-making, but where any automated decision-making takes place, you have the right in this case to express your point of view and to contest the decision, as well as request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers.


Right to object to direct marketing (‘opting out’)

You have a choice about whether or not you wish to receive information from us.

We will not contact you for marketing purposes unless:

  • you have a business relationship with us, and we rely on our legitimate interests as the lawful basis for processing (as described above)
  • you have otherwise given your prior consent (such as when you download one of our guides)

You can change your marketing preferences at any time by contacting us on the above details. On each and every marketing communication, we will always provide the option for you to exercise your right to object to the processing of your personal data for marketing purposes (known as ‘opting-out’) by clicking on the ‘unsubscribe’ button on our marketing emails or choosing a similar opt-out option on any forms we use to collect your data. You may also opt-out at any time by contacting us on the below details.

Please note that any administrative or service-related communications (to offer our services, or notify you of an update to this Privacy Policy or applicable terms of business, etc.) will solely be directed at our clients or business partners, and such communications generally do not offer an option to unsubscribe as they are necessary to provide the services requested. Therefore, please be aware that your ability to opt-out from receiving marketing and promotional materials does not change our right to contact you regarding your use of our website or as part of a contractual relationship we may have with you.


Right to request access

You also have a right to access information we hold about you. You can exercise this right at any time by contacting us on the above details.

We are happy to provide you with details of your personal information that we hold or process. To protect our customers’ personal information, we follow strict storage and disclosure procedures, which mean that we will require proof of identity from you prior to disclosing such information. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated


Right to withdraw consent

Where the legal basis for processing your personal information is your consent, you have the right to withdraw that consent at any time by contacting us on the above details. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent


Raising a complaint about how we have handled your personal data

If you wish to raise a complaint on how we have handled your personal data, you can contact us as set out above and we will then investigate the matter.


Sharing your personal information

We may pass your information to our Blacktower IFAs, business partners, administration centres, third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf, or to enable us to obtain a quote for you or provide you with other related services.

These third parties may include:

  • Fund managers, insurers, insurance brokers, or credit brokers.

When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

We also work closely with various third-party product and service providers to bring you a range of wealth management solutions. When you enquire about or invest in one or more of these products or services, the relevant third-party provider will use your details to carry out their obligations arising from any contracts you have entered into with them. These third-party providers will share your information with us which we will use in accordance with this Privacy Policy.

We may transfer your personal information to a third party as part of a sale of some, or all, of our business and assets or as part of any business restructuring or reorganisation, or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation. However, we will take steps to ensure that your privacy rights continue to be protected.


Transferring your information outside of the European Economic Area

There may be instances where as part of the services offered to you by Blacktower Group, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). The EEA includes the European Union countries as well as Iceland, Liechtenstein and Norway. Transfers outside of the EEA are sometimes referred to as ‘third country transfers’.

This may happen if any of our Platform providers are located in a ‘third country’ outside of the EEA. If we transfer your information outside of the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Policy. This may require us to take certain additional steps to ensure that appropriate safeguards are in place if that third country is not deemed by the European Commission to offer an adequate level of protection for your privacy rights, which may include use of contractual safeguards to allow you to be able to enforce your rights and ensure these are preserved. In certain circumstances, we may need to ask you for your explicit consent to such third country transfers, and will always do so in writing and giving you full information about why we need your consent and your right to withdraw that consent at any time (together with the consequences of withdrawal).

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see further information on the European Commission’s website: European Commission: EU-US Privacy Shield.

If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.


Keeping your information safe

At Blacktower Group, we take our responsibility to look after your personal information and privacy seriously. In today’s world, we have all seen a growing trend in cybercrime and security breaches. We have a number of security measures in place to help prevent fraud and cybercrime.

If we become aware that a personal data breach has occurred and is likely to result in a high risk to the rights and freedoms of our clients, business partners or employees, we will inform them without undue delay.

We educate and train our employees on our information security, fraud prevention and privacy obligations annually. Information Security awareness also forms part of our new employee induction program.

We also educate our employees in identifying potential financial crime and internal fraud; any suspicious activity is reported to the Gibraltar Financial Intelligence Unit.


We will always interact with you in a safe, secure and consistent manner

To keep your information secure and to protect our clients from fraud, Blacktower Group will only interact with you in the following ways. If in doubt, call our office or email us at info@cjfinance.co.uk.


When interacting with you, we will:

  • Post information electronically to your email address
  • Verify who you are when speaking to you on the phone, by asking you security questions.

We will not:

  • Ask you for any password over the phone.
  • Send you an unsolicited email with a link to our login page asking you to enter your details
  • Ask you for payment or credit card details by email or telephone.


Physical controls – As well as protecting your digital information, Blacktower Group also protects its offices where personal data may be used and stored. This includes secure disposal of confidential waste and hardware, personal card access and locks on doors and file storage cabinets, with a ‘clear desk’ policy to ensure all information is locked away and protected.

Logical controls – Blacktower Group uses technical security measures to make sure our systems where we store and use personal information are protected from unauthorised access. Tools such as authentication controls, antivirus, firewalls, malware detection and back-up procedures are used across the business. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.


We have a business continuity plan.

The key drivers in developing the business continuity plans are;

  • To mitigate the risks that could lead to the significant disruption of our services to our clients.
  • To provide a recovery plan that supports a timely and full restoration of our services for our clients

Whilst we take appropriate technical and organisational measures to safeguard your personal information, please note that we cannot guarantee the security of any data that you transfer over the internet to us.


Additional Information

Privacy Protections for Children Using the Internet

Protecting children’s privacy is important to us. For that reason, we do not collect or maintain information on our website from those we actually know are under the age of 16, nor is any part of our website targeted to attract anyone under 16. We request that all visitors to our website who are under 16 not disclose or provide any personal data and discontinue use of our website.


Third Party Links

This website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. The privacy policies of others may differ significantly from our Privacy Policy. Therefore, we encourage you to read the privacy statement/policy of each and every website you visit.


Review of this Privacy Policy

We may make changes to this Privacy Policy from time to time. We encourage you to review the Privacy Policy whenever you access or use our website to stay informed about our information practices and the choices available to you. If you do not agree to the revised Privacy Policy, you should discontinue your use of our website.

Contacting Us

If you have any questions about this privacy policy, would like to know more about Cameron James personal information principles, or if you have any concerns or would like to make a complaint regarding the treatment of your personal information, you can contact Cameron James Privacy Officer using the details set out below.

We treat any concerns or complaints that you may have with respect and confidentiality. A privacy representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

How can you contact us or make a complaint?

The data controller for any personal data you provide to us is Cameron James. If you have any questions, concerns or comments or if you would like further information about this Privacy Policy, how we handle your Personal Data or otherwise wish to enforce your data protection rights, please contact us at:

Cameron James does not have a designated Data Protection Officer, but our Privacy Team can be contacted directly via the above details.

Reach Us