Who we are
APCL is part of the Funeral Partners Group (“Group”) and, in order to sell funeral plans, it is authorised and regulated by the Financial Conduct Authority with firm reference number 965282.
Protecting your rights and interests
Personal Data is information which relates to an identified or identifiable living individual. Protecting your data, and operating in line with the UK’s data protection standards, is very important to us.
This Policy explains what Personal Data we collect, how we may use and manage it and the rights you have in relation to your Personal Data. Before you or anyone else provides us with your Personal Data or browses our website, please read through this Policy in full, and make sure that you are comfortable with our privacy practices. Please do speak to us if you have any questions.
Our website may contain links to other organisations or other service provider websites. These third party sites are not subject to this Policy and we recommend that you check the privacy and security policies of each website that you visit. We are only responsible for the privacy and security of the data that we collect and we have no control over the actions of these third parties sites in relation to your data.
Please refer to the Glossary section at the end of this Policy for an explanation of the important terms in this Policy.
The Personal Data we collect
References in this policy to “you” or “your” are references to individuals whose Personal Data we may collect and process. We will collect and process your Personal Data in different ways, which will depend upon the relationship we have with you, and how we obtained your Personal Data.
We collect Personal Data from a range of individuals in the context of our business activities, such as:
- customers (people who buy, or may wish to buy, a funeral plan);
- covered individuals (people who are named in the funeral plan and insured in the event of their death);
- nominated representatives (those who may act on behalf of the customer or covered individual);
- suppliers, contractors, and other business contacts;
- users of our websites;
- individuals who contact us by any means;
- our employees and those who are working with us on our behalf; and
- job applicants.
How we collect your Personal Data
We obtain Personal Data which you knowingly and voluntarily disclose to us, both in an online and offline context. We may collect Personal Data when you:
- visit our website and / or complete one of our web forms (for example, to contact us);
- make contact funeral homes where our funeral plans are sold;
- contact a support office or request information from us in any other way;
- visit one of the premises where our funeral plans are offered;
- purchase a Choice Funeral Plan;
- are listed as either a covered individual or a nominated representative in a Choice Funeral Plan;
- make an enquiry to us;
- communicate with us via social networking websites, third party apps or similar technologies;
- visit one of our trade displays at an exhibition or local community event; or
- participate in competitions run by us, for example, prize draws;
- provide us with feedback as part of our services (for example, by responding to feedback requests or taking part in market research or in the event you make a complaint about our services).
Where you provide us with Personal Data about someone other than yourself (for example, a covered individual or a nominated representative), you must obtain their freely given, informed consent before doing so. You must also bring this Policy to their attention before you provide their Personal Data to us.
We may also collect information received by us from third party sources, for example, relating to your use of other websites which we operate and from related third parties such as sub-contractors.
What Personal Data we collect
We may collect a range of Personal Data from you, such as your name, gender, email address, home address and other contact details including phone and/or mobile phone details, details of your employment or business and other interests, communications with you (including notes from arrangement meetings) and financial and payment information. We may also collect Personal Data that may reveal race or ethnic origin, religious or philosophical beliefs, but only where you choose to give this to us, for example, in funeral plan forms as part of the personal wishes associated with a funeral plan.
When you use our website, we may collect certain standard information that is sent by your browser to our website. This may include technical information, such as your IP address, browser type, operating system, language, time zone setting and location, access times and any referring website addresses.
The purposes for which we process your Personal Data
We process your Personal Data for the following purposes:
- to provide you with information about products and services you are enquiring about or are purchasing (for example, funeral plans and associated requests);
- to notify you of any changes to the services we are providing you;
- to inform you of our community work;
- to provide you with information in relation to similar goods and services which may be of interest to you, where we have the appropriate permissions to do so;
- to support us with market research, where we have the appropriate permissions to do so;
- to request feedback on our products and services in order to continually improve what we do;
- to communicate with you and third-party contacts in order to provide services and fulfil requests;
- to manage and build community relations;
- to administer our websites and help improve our products and services;
- to understand the success of our advertising and different methods of contact with us;
- carry out analytics in relation to the use of our websites;
- to comply with applicable laws and regulations, including obligations placed on us as a result of APCL being authorised and regulated by the Financial Conduct Authority;
- other business-related purposes, including negotiating, concluding and performing contracts, managing accounts and records, supporting corporate social responsibility activities, legal, regulatory and internal investigations and debt administration.
The legal basis for us to process your Personal Data
In order to comply with applicable data privacy laws, we are required to set out the legal basis for the processing of your Personal Data. In accordance with the purposes for which we collect and use your Personal Data, as set out above, the legal basis for our processing of your Personal Data will typically be one of the following:
- the performance of a contract that we have in place with you or other individuals;
- our legitimate business interests;
- compliance with our legal or regulatory obligations; or
- your consent.
Who we share your Personal Data with
We may share your Personal Data with people within our company and our Group who have a “need to know” that data for business or legal reasons, for example, in order to carry out an administrative function such as processing an invoice, or to direct a query that you have submitted to the relevant provider within our network.
If you purchase a funeral plan, we may share your data with our insurer. Funeral plan monies invested on or after 29th July 2022 are invested in Ecclesiastical Life Limited, which is an independent Data Controller associated with the funeral plan you have purchased from us. For further details please visit https://www.ecclesiastical.com/privacy-policy/.
We may disclose your Personal Data to third parties including our suppliers who administer and support pre-need (Choice) funeral plans (such as any outsourced providers), IT service providers and third parties engaged by us for the purpose of providing services requested by you (for example, out of hours contact centres), providers who assist us in generating reviews of our products and services, to protect any intellectual property rights in any materials displayed on or otherwise available from our websites, for the purposes of seeking legal or other professional advice, to respond to a legal request (for example, as received by the police, for the prevention and detection of crime) or to comply with any other legal obligation, and to enforce our websites Terms and Conditions of Use.
We may disclosure your data to funeral directors who will provide the services stipulated in the funeral plan. These funeral directors also act as Data Controllers, in particular, at the time of redemption of the funeral plan. You should review the privacy policies associated with your nominated funeral director in order to inform yourself about their specific privacy practices.
Prior to redemption of the funeral plan, we may share your data with those who have a lawful basis to know it, for example, in the event that a Power of Attorney relationship may apply, or in the event that you have provided your consent to share your data with others (for example, with other family members or friends). In addition, at the time of redemption of a funeral plan, we may share certain data with Executors or Personal Representatives of the covered individual’s estate. In these circumstances, and at all times, we try to minimise the data we provide to third parties.
As required, we may be required to share your data with third parties, such as the Financial Services Compensation Scheme and the Financial Ombudsman Service, in order to enable your rights in the event that you require certain services associated with the regulated product(s) we offer.
We may disclose your Personal Data to third parties in the event that we sell, buy or merge any business or assets, including to the prospective seller or buyer of such business or assets. If a change happens to our business, the new owners may use your Personal Data in the same way as set out in this privacy notice.
You may decide to share comments, postings, testimonials, or other information on third party sites (such as apps and websites) which are in some way linked to us, for example, if we have a corporate presence on these sites. If you choose to submit information to these sites, the information that you submit may be available generally to the public. Information that you provide may be read, collected, and used by others who access them and control them and you should look at the privacy practices associated with these sites before you provide your data.
We may share non-Personal Data with other third parties that are not described above. When we do so we may aggregate or de-identify the information so that a third party would not be likely to link data to you, your computer, or your device. Aggregation means that we combine the non-Personal Data of numerous people together so that the data does not relate to any one person. De-identify means that we attempt to remove or change certain pieces of information that might be used to link data to a particular person.
Finally, we work with partners and use service providers based around the world. As a result, your Personal Data may be processed in countries outside of the UK and European Economic Area (“EEA”). If we transfer Personal Data outside the UK or EEA we will, as required by applicable law, ensure that your data protection rights are adequately protected by appropriate safeguards. Please contact us if you would like more information about these safeguards.
When you apply for a job via our websites or otherwise, we will collect additional more specific Personal Data about you, such as your qualifications, career history, third party references and interview notes. We may also ask you for other information, for example your interests and the types of jobs you are interested in. Any Personal Data you provide to us in relation to a job vacancy will be processed in accordance with our Recruitment Privacy Notice which can be viewed here funeralpartners.co.uk/privacy-policy/recruitment.
We take all reasonable technical and organisational security measures to protect Personal Data from accidental or unlawful destruction, accidental loss and unauthorised access, destruction, misuse, modification or disclosure. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions.
Your Personal Data is not kept for longer than is necessary for the purposes for which it is collected. This means that data and records (including Personal Data) are destroyed or erased from our systems when no longer required. The amount of time that records are kept for varies depending upon the type of Personal Data they contain.
Your choices and rights
You have a number of rights in respect of your Personal Data.
You have a right to be informed about the Personal Data we hold about you. Typically, it is this policy which will inform you about what we do with your data.
In addition, if you wish, you can:
- request a copy of the Personal Data that we hold about you; or
- request that we rectify, delete, or restrict the processing of your Personal Data;
- receive the Personal Data you have given us, in a structured, commonly used and machine-readable format. You may also have the right to require us to transfer your Personal Data to another organisation;
- object to our data processing.
If you wish to exercise any rights associated with your data, please submit your request to the Data Protection Compliance Officer who can be contacted via email at firstname.lastname@example.org or call 01803 298 243.
We try to respond to all legitimate requests within one month from receipt of the request. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. It this case, we will notify you and keep you updated.
Rights associated with your data are not absolute rights and certain limitations may apply. We will work with you to understand any concerns you may have, and to explain what we can do to support you.
If you are receiving certain optional communications from us (such as marketing), whether by email, telephone or post, you can “object” or “opt-out” or “withdraw” your consent to receiving such communications by responding to us either by replying to the correspondence that you have received or by contacting us.
Questions and complaints
If you have a concern or complaint about how we have used your Personal Data, as a first step, you should raise this in writing with us by contacting us at the following address:
The Data Protection Compliance Officer
61 Chertsey Road
Alternatively, you can contact the Data Protection Compliance Officer via email at email@example.com or call 01803 298 243.
If you are not satisfied with the handling of your concern or complaint, you can escalate this to your national Data Protection Authority. In the United Kingdom, this is the Information Commissioner’s Office https://ico.org.uk/
Changes to this Policy
We reserve the right to modify or amend this Policy at any time by posting the revised Policy on our websites. It is your responsibility to review the Policy every time you submit information to us or purchase a service.
The Data Protection Compliance Officer
61 Chertsey Road
Alternatively, please email firstname.lastname@example.org in order to request a written copy or call 01803 298 243.
The cookies we use are “analytical cookies” sent by Google Analytics. They allow us to recognise and count the number of visitors and to recognise and track which parts of our websites you visit when you are using our websites. This helps us to improve the way our website works, for example by making sure visitors are finding what they need easily.
You are not obliged to accept cookies. If you wish, you can set your browser to notify you before you receive a cookie so you have the chance to accept it and you can also set your browser to refuse to receive or send all cookies. The website www.allaboutcookies.org (run by the Interactive Marketing Bureau) contains step-by-step guidance on how cookies can be switched off by users.
Google Analytics also uses web beacons (also known as web bugs). A “web beacon” is a clear picture file which keeps track of your navigation through the website. Turning off the website’s cookies as detailed above will prevent web beacons from tracking your specific activity. The web beacon may still record an anonymous visit from your IP address but unique information will not be recorded.
Additionally, the Google Analytics cookie may be used to enable remarketing. Remarketing works by targeting previous site visitors when they visit Google search again in the future, using search ads.
In both cases, a user’s anonymised cookie can be used to identify users (anonymously) who did or did not complete an action on the site, and retarget them with the intention of encouraging a repeat visit to the site. You are free to opt out of this type of cookie use by adjusting your Google settings.
If you wish to opt out of being tracked by Google Analytics across all websites you can visit tools.google.com/dlpage/gaoptout and download the Google Analytics Opt-out Browser Add-on.
Social media features
Our websites may include social media features, such as sharing or following buttons. These features may collect your IP address, which page you are visiting on our sites, and may set a cookie to enable the feature to function properly.
Social media features are either hosted by a third party or hosted directly on our websites. This Policy does not apply to these features. Your interactions with these features are governed by the privacy practices and other policies of the companies providing them.
We think it is very important to hear what you have to say about our privacy practices. If you have any feedback about this Policy, please e-mail us at email@example.com.
Last Updated 29.07.2022
A party that determines the purposes and means of data processing.
Data Protection and Privacy Laws
The UK General Data Protection Regulation, as per section 3 (10) (and as supplemented by section 205 (4)) of the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Data Protection Authority
The relevant supervisory authority with responsibility for privacy or data protection matters.
European Economic Area (EEA)
The EEA includes all European Union member states and Iceland, Liechtenstein and Norway.
Information which relates to an identified or identifiable individual (for example, data about employees, contractors, applicants, employees, suppliers, contractors, business contacts, customers/clients using our products and services and individuals who use our websites or service centres). It includes names, addresses, email addresses, job applications, user account information, and correspondence. Personal Data can also include web browsing information (for example, data associated with a particular cookie) and IP addresses, when such information can be linked to an individual.
Doing anything with Personal Data; this includes collecting it, storing it, accessing it, combining it with other data, sharing it with a third party, or deleting it.