Who we are
APCL is part of the Funeral Partners Group (“Group”) and, in order to sell and administer funeral plans, it is authorised and regulated by the Financial Conduct Authority with firm reference number 965282.
Protecting your rights and interests
Personal Data is information which relates to an identified or identifiable living individual. Protecting your data, and operating in line with the UK’s data protection standards, is very important to us.
This Policy explains what Personal Data we collect, how we may use and manage it and the rights you have in relation to your Personal Data. Before you or anyone else provides us with your Personal Data or browses our website, please read through this Policy in full, and make sure that you are comfortable with our privacy practices. Please do speak to us if you have any questions.
Our website may contain links to other organisations or other service provider websites. These third party sites are not subject to this Policy and we recommend that you check the privacy and security policies of each website that you visit. We are responsible only for the privacy and security of the data that we collect and we have no control over the actions of these third parties sites in relation to your data.
Please refer to the Glossary section at the end of this Policy for an explanation of the important terms in this Policy.
The Personal Data we collect
References in this policy to “you” or “your” are references to individuals whose Personal Data we may collect and process. We will collect and process your Personal Data in different ways, which will depend upon the relationship we have with you, how we obtained your Personal Data and how you interact with the products and services we offer.
We collect Personal Data from a range of individuals in the context of our business activities, such as:
- customers (people who buy, or may wish to buy, a funeral plan);
- covered individuals (people who are named in a funeral plan and insured in the event of their death);
- nominated representatives (those who may be informed of the details of a funeral plan purchase);
- suppliers, contractors, and other business contacts;
- users of our websites;
- individuals who contact us by any means;
- our employees and those who are working with us on our behalf; and
- job applicants.
How we collect your Personal Data
We obtain Personal Data which you knowingly and voluntarily disclose to us, both in an online and offline context. We may collect Personal Data when you:
- visit our website and / or complete one of our web forms (for example, to contact us);
- make contact with funeral homes where our funeral plans are sold;
- contact a support office or request information from us in any other way;
- visit one of the premises where our funeral plans are offered;
- purchase a Choice Funeral Plan;
- are listed as either a covered individual or a nominated representative in a Choice Funeral Plan;
- make an enquiry to us;
- communicate with us via social networking websites, third party apps or similar technologies;
- visit one of our trade displays at an exhibition or local community event; or
- participate in competitions run by us, for example, prize draws;
- provide us with feedback as part of our services (for example, by responding to feedback requests or taking part in market research or in the event you make a complaint about our services).
Where you provide us with Personal Data about someone other than yourself (for example, a covered individual or a nominated representative), you must obtain their freely given, informed consent before doing so. You must also bring this Policy to their attention before you provide their Personal Data to us. If the person other than yourself withdraws their consent, you (or the other person) must contact us, at the earliest opportunity, to inform us of this fact.
What Personal Data we collect
We may collect a range of Personal Data from you, such as your name, gender, email address, home address and other contact details including phone and/or mobile phone details, details of your employment or business and other interests, communications with you (including notes from arrangement meetings) and financial and payment information.
We may also collect Personal Data that may reveal race or ethnic origin, religious or philosophical beliefs, but only where you choose to give this to us, for example, in funeral plan forms as part of the personal wishes associated with a funeral plan.
The purposes for which we process your Personal Data
We process your Personal Data for the following purposes:
- to contact you, in return, when you contact us. For example, if we miss a call from you
- to get in touch with you when you provide us with personal information online as part of a purchase process, in order to provide you with any support you may need and to facilitate any purchase
- to provide you with information about products and services you are enquiring about or are purchasing (for example, funeral plans and associated requests);
- to notify you of any changes to the services we are providing you;
- to inform you of our community work and to provide you with information in relation to similar goods and services which may be of interest to you, where we have the appropriate permissions to do so;
- to support us with market research, where we have the appropriate permissions to do so;
- to request feedback on our products and services in order to continually improve what we do (we may do this using independent and external providers who request a review from you);
- to communicate with you and third-party contacts in order to provide services and fulfil requests;
- to manage and build community relations;
- to administer our websites and help improve our products and services;
- to understand the success of our advertising and different methods of contact with us;
- to carry out analytics in relation to the use of our websites;
- to comply with applicable laws and regulations, including obligations placed on us as a result of APCL being authorised and regulated by the Financial Conduct Authority;
- other business-related purposes, including negotiating, concluding and performing contracts, managing accounts and records, supporting corporate social responsibility activities, legal, regulatory and internal investigations and debt administration.
The legal basis for us to process your Personal Data
In order to comply with applicable data privacy laws, we are required to set out the legal basis for the processing of your Personal Data. In accordance with the purposes for which we collect and use your Personal Data, as set out above, the legal basis for our processing of your Personal Data will typically be one of the following:
- the performance of a contract which we have in place with you, or other individuals;
- our legitimate business interests;
- compliance with our legal or regulatory obligations; or
- your consent.
Who we share your Personal Data with
We may share your Personal Data with people within our company and our Group who have a “need to know” that data for business or legal reasons, for example, in order to carry out an administrative function such as processing an invoice, or to direct a query that you have submitted to the relevant provider within our network.
If you purchase a funeral plan, we may share your data with our insurer. Funeral plan monies invested on or after 29th July 2022 are invested in Ecclesiastical Life Limited, which is an independent Data Controller associated with the funeral plan you have purchased from us. For further details please visit https://www.ecclesiastical.com/privacy-policy/.
Funeral Director Businesses
We may disclose your data to funeral directors who will provide the services stipulated in the funeral plan. These funeral directors also act as Data Controllers, in particular, at the time of redemption of the funeral plan. You should review the privacy policies associated with your nominated funeral director in order to inform yourself about their specific privacy practices.
Those Close to You
Prior to redemption of the funeral plan, we may share your data with those who have a lawful basis to know it, for example, in the event that a Power of Attorney relationship may apply, or in the event that you have provided your consent to share your data with others (for example, with other family members or friends). In addition, at the time of redemption of a funeral plan, we may share certain aspects of your Personal Data with Executors or Personal Representatives of the covered individual’s estate. In these circumstances, and at all times, we will try to communicate with you in the first instance, and we will aim to minimise any data we provide to third parties.
Regulators and Providers of Redress and Compensation
As required, we may be required to share your data with third parties, such as the Financial Conduct Authority, the Financial Services Compensation Scheme and the Financial Ombudsman Service, in order to enable your rights and in order for us to fulfil our obligations in the event that you require certain services associated with the regulated product(s) we offer.
Data Screening Providers
When you provide us with personal data, we will use certain data to perform certain screening activity with the aim of minimising the risks of financial crime. Some of these checks are required as a result of APCL being authorised and regulated by the Financial Conduct Authority. The screening extends to, but may not be limited to, political exposure, adverse media and sanctions checks. In relation to political exposure, and in line with our regulatory commitments, your family members and associates may also be screened.
New Businesses and Insolvency Practitioners
In the unlikely event that we go out of business and you are referenced in one of our funeral plans, there is a reasonable likelihood that the funeral plan arrangements would transfer to another funeral plan firm. When you sign our Terms, you allow for such a transfer to take place and this may include the transfer of your Personal Data to a new firm.
We may disclose your Personal Data to third parties in the event that we sell, buy or merge any business or assets, including to the prospective seller or buyer of such business or assets. If a change happens to our business, the new owners may, or may not, use your Personal Data in the same way as set out in this privacy notice and updated privacy practices may apply.
You may decide to share comments, postings, testimonials, or other information on third party sites (such as apps and websites) which are in some way linked to us, for example, if we have a corporate presence on these sites. If you choose to submit information to these sites, the information that you submit may be available generally to the public. Information that you provide may be read, collected, and used by others who access them and control them and you should look at the privacy practices associated with these sites before you provide your data.
Data Cleansing Providers
When you provide us with your Personal Data and you have purchased a funeral plan, we may use a third party data cleansing service on an ongoing basis in order to ensure your personal data is kept up-to-date. For example, if you move house, we may be informed of your new address by the third party service. We do not sell your data to the third party. We simply use the service to ensure we have accurate records for our communications with you. This may happen, for example, when we communicate marketing or service messages to you (such as a Funeral Plan Statement every 3 years). Our communications with you may take place a number of years after having initially obtained your data.
Providers who support us in generating reviews
We may disclose your Personal Data to third parties including our suppliers who administer and support pre-need (Choice) funeral plans (such as any outsourced providers), IT service providers and third parties engaged by us for the purpose of providing services requested by you (for example, out of hours contact centres), to protect any intellectual property rights in any materials displayed on or otherwise available from our websites, for the purposes of seeking legal or other professional advice, to respond to a legal request (for example, as received by the police, for the prevention and detection of crime) or to comply with any other legal obligation, and to enforce our websites Terms and Conditions of Use.
When we do so we may aggregate or de-identify the information so that a third party would not be likely to link data to you, your computer, or your device. Aggregation means that we combine the non-Personal Data of numerous people together so that the data does not relate to any one person. De-identify means that we attempt to remove or change certain pieces of information that might be used to link data to a particular person.
Finally, we work with partners and use service providers based around the world. As a result, your Personal Data may be processed in countries outside of the UK and European Economic Area (“EEA”). If we transfer Personal Data outside the UK or EEA we will, as required by applicable law, ensure that your data protection rights are adequately protected by appropriate safeguards. Please contact us if you would like more information about these safeguards.
When you apply for a job via our websites or otherwise, we will collect additional more specific Personal Data about you, such as your qualifications, career history, third party references and interview notes. We may also ask you for other information, for example your interests and the types of jobs you are interested in. Any Personal Data you provide to us in relation to a job vacancy will be processed in accordance with our Recruitment Privacy Notice which can be viewed here funeralpartners.co.uk/privacy-policy/recruitment.
We take all reasonable technical and organisational security measures to protect Personal Data from accidental or unlawful destruction, accidental loss and unauthorised access, destruction, misuse, modification or disclosure. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions.
If you are concerned about any electronic communication (such as email) you have received from us, you should raise this to us at firstname.lastname@example.org. You should not open any attachments or respond to the communication until such time as we have been able to investigate your concern. Once we have completed our investigation, we will contact you to discuss any action that may or may not be required.
Your Personal Data is not kept for longer than is necessary for the purposes for which it is collected. This means that data and records (including Personal Data) are destroyed or erased from our systems when no longer required. The amount of time that records are kept for varies depending upon the type of Personal Data they contain.
There may be occasions where we hold your data for longer than our typical retention period. This may be because you might bring a claim against us, or have brought a complaint or a claim against us, or because there is a wider legal or regulatory obligation to do so.
Your choices and rights
You have a number of rights in respect of your Personal Data:
- The right to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed
- The right to object to the processing of your data
- The right to restrict processing of your data
- The right to have your personal data erased (the ‘right to be forgotten’)
- The right to request access to your data
- The right to move, copy or transfer personal data (‘data portability’)
- The right for us to manually review any of our automated decision making procedure, including profiling
If you wish to exercise any rights associated with your data, please submit your request to the Data Protection Compliance Officer who can be contacted via email at email@example.com or call 01803 298 243.
We try to respond to all legitimate requests within one month from receipt of the request. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. If this is the case, we will notify you and keep you updated.
Rights associated with your data are not absolute rights and certain limitations may apply. We will work with you to understand any concerns you may have, and to explain what we can do to support you.
If you are receiving certain optional communications from us (such as marketing), whether by email, telephone or post, you can “object” or “opt-out” or “withdraw” your consent to receiving such communications by responding to us either by replying to the correspondence that you have received or by contacting us.
Questions and complaints
If you have a concern or complaint about how we have used your Personal Data, as a first step, you should raise this in writing with us by contacting us at the following address:
The Data Protection Compliance Officer
61 Chertsey Road
Alternatively, you can contact the Data Protection Compliance Officer via email at firstname.lastname@example.org or call 01803 298 243.
If you are not satisfied with the handling of your concern or complaint, you can escalate this to your national Data Protection Authority. In the United Kingdom, this is the Information Commissioner’s Office https://ico.org.uk/
Changes to this Policy
We reserve the right to modify or amend this Policy at any time by posting the revised Policy on our websites. It is your responsibility to review the Policy every time you submit information to us or purchase a service.
The Data Protection Compliance Officer
61 Chertsey Road
Alternatively, please email email@example.com in order to request a written copy or call 01803 298 243.
What are cookies
The cookies we use are “analytical cookies” sent by Google Analytics.
They allow us to recognise and count the number of visitors per page and to recognise and track which parts of our websites you visit when you are using our websites. This helps us to improve the way our website works, for example by making sure visitors are finding what they need easily.
The specific elements of Google Analytics 4 which we use are as follows:
- Google Signals – if you are signed in to your Google account (and you have turned on “ads personalisation”) then this service allows us to understand how you have interacted with our website across different sites and applications across the different devices which you may use to access our websites. We may obtain your IP address when you interact with our website, such as when you buy a plan, fill in a contact form or request a brochure.
- Granular Location & Device Data – if you have enabled granular location-and-device data on your device, then this allows us to understand where you are when you are accessing our websites, along with understanding such things as the browser and device you are using so that we can ensure our pages are optimised for the customers who use them
- Personalised ads – if you have enabled personalised ads in your Google account, we may use this feature to promote relevant products/services to you on Google or other sites which partner with Google
Social media features
Our websites may include social media features, such as sharing or following buttons. These features may collect your IP address, which page you are visiting on our sites, and may set a cookie to enable the feature to function properly.
Social media features are either hosted by a third party or hosted directly on our websites. This Policy does not apply to these features. Your interactions with these features are governed by the privacy practices and other policies of the companies providing them.
We may also record the precise interactions which certain visitors have with our website. This is called “session recording” (and it is anonymised and never attributed to an individual). This enables us to learn how visitors to our site navigate our webpages in real time.
At times, we may also use what is known as A/B Testing. This shows different content at different times to different users of our website, so we can in turn determine which performs better. A/B testing does not identify you as an individual, but it means you may see different content from other visitors on our websites.
We may also choose to enable website surveys, which may ask you to provide your feedback about our websites and this may be stored alongside your session recording.
We think it is very important to hear what you have to say about our privacy practices. If you have any feedback about this Policy, please e-mail us at firstname.lastname@example.org.
Last Updated 02.11.2023
A party that determines the purposes and means of data processing.
Data Protection and Privacy Laws
The UK General Data Protection Regulation, as per section 3 (10) (and as supplemented by section 205 (4)) of the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Data Protection Authority
The relevant supervisory authority with responsibility for privacy or data protection matters.
European Economic Area (EEA)
The EEA includes all European Union member states and Iceland, Liechtenstein and Norway.
Information which relates to an identified or identifiable individual (for example, data about employees, contractors, applicants, employees, suppliers, contractors, business contacts, customers/clients using our products and services and individuals who use our websites or service centres). It includes names, addresses, email addresses, job applications, user account information, and correspondence. Personal Data can also include web browsing information (for example, data associated with a particular cookie) and IP addresses, when such information can be linked to an individual.
Doing anything with Personal Data; this includes collecting it, storing it, accessing it, combining it with other data, sharing it with a third party, or deleting it.