Effective Date: 10/23/2020
We are committed to protecting and respecting your privacy. This Privacy Notice sets out the basis on which we will process any personal data we collect from you, or that you provide to us, either directly or through our trusted partners. Please read this Privacy Notice carefully to understand our treatment and use of personal data.
In this Privacy Notice, references to “you” means the person about whom we collect, use and process personal information.
We will use personal data about you only for the purposes and in the manner set forth below, which describes the steps we take to ensure the processing of personal data is in compliance with applicable U.S. laws and regulations, as well as with, to the extent applicable, European data protection legislation, including Regulation (EU) 2016/679, known as the General Data Protection Regulation or GDPR and any subsequent amendments (collectively referred to as “Data Protection Legislation”).
For the purposes of the Data Protection Legislation M Financial Group is a “controller” for personal information collected through this website or for the purposes of setting up and maintaining your account with us. M Financial Group can be reached via email at firstname.lastname@example.org or by telephone at 503-232-6960.
We may also collect personal information about you on behalf of other companies. For example, to assist you in applying for or purchasing financial products, such as life insurance. Where we collect personal information on behalf of other companies, those respective companies are the “controller” for the purposes of the Data Protection Legislation.
This Privacy Notice applies to personal information that we collect, use, and otherwise process about you on our own behalf through this website, in person, by phone, or through email or other electronic messaging services. When we collect and process information about you on behalf of other financial product and services companies, we will let you know and refer you to those companies’ privacy policies.
The personal data we collect about you helps us to provide you with high-quality financial planning services and advice. We also collect the data necessary to comply with our legal and regulatory obligations. We will also collect data that is necessary for the conduct of our
business, such as improving the performance of our electronic services, including our website. The personal data we collect, the basis of processing and the purposes of processing are detailed below. Sometimes, these activities are carried out by third parties (see “Sharing of personal data” section below).
Most of the personal data we process is obtained from you when we establish a relationship with you and as we work with you to provide our services. We may also obtain personal data about you from insurance companies and other financial services companies that provide you with products or services, such as account balances, where you have authorized us to have access to that information.
In some circumstances, we may request your explicit consent to process specific types of personal data. For example, in certain circumstances if you request marketing material. In these circumstances, you are able to withdraw your consent at any time by following the instructions provided when you gave consent or at the contact details below. If you do decide to withdraw your consent we will stop processing your personal data for that purpose, unless there is another lawful basis we need to rely on – in which case, we will let you know. Your withdrawal of your consent will not impact any of our processing up to that point.
While you are on-line, your computer saves so-called “cookies.” These are small files that control how our website is displayed and operates. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our website more user-friendly, effective and secure.
We therefore save them and analyze their data – although they do not identify you personally. This improves the usefulness of our website. We perform anonymous statistical analyses of our internet presence, and do not identify you personally.
You can change your browser settings so that you are notified when cookies are being used, and you can allow them only once, or refuse them in certain cases or completely. You may also activate the automatic deletion of cookies when you close your browser. Deactivating cookies may restrict website functionality.
We also use Google Analytics, a web analytics service provided by Google Inc. Google Analytics sets cookies in order to evaluate your use of our website and compile reports for us on activity on it.
Google stores the information collected by the cookies on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using our website and accepting cookies from it, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
We do not support the “Do Not Track” browser option.
Your individual cookie status and cookie overview can be found on the Individual Report Page.
We use third-party service providers who provide services to us or on our behalf, including IT services, such as website maintenance, computer support, and systems operations.
We will check any third party that we use to ensure that they can provide sufficient control over the confidentiality and security of personal data about you that they may process or maintain for us. We will endeavor to ensure that all non-governmental third parties to which we transfer your personal data agree, as part of their contract with us, to treat your personal data in accordance with the Policy.
In certain circumstances, we share or are obliged to share your personal data with third parties for the purposes described above and in accordance with Data Protection Legislation.
These third parties include:
We do not disclose your personal data to third parties for those third parties’ direct marketing purposes, nor do we sell your personal data. If you would like information about opting out of other discretionary sharing of your personal information with third parties please contact us (see “Contact us” section below).
Your personal information will be stored and processed in the United States, and may be transferred to or stored or processed in other jurisdictions outside of the European Economic Area (“EEA”). If you are a European data subject, for any follow-on transfers of personal data about you to a jurisdiction outside of the EEA, we take additional steps in line with Data Protection Legislation. We have put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights; e.g., we establish an adequate level of data protection through contractual clauses based on the standard contractual clauses for the transfer of personal data approved by the European Commission in accordance with Data Protection Legislation.
If you would like to see a copy of any relevant provisions, please contact us (see “Contact us” section below).
We operate and use appropriate technical and physical security measures to protect your personal data.
We have, in particular, taken appropriate security measures to protect personal data about you from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access, in connection with the customer relationship. Access is only granted on a need-to-know basis to those people whose roles require them to process personal data about you. In addition, our service providers are also selected carefully and are required to use appropriate protective measures.
We will keep personal data about you for as long as it is necessary to fulfil the purposes for which it was collected as described above and in accordance with our legal and regulatory obligations. This may mean that some information is held for longer than other information. The criteria we use to determine data retention periods for personal data includes the following:
If you would like further information about our data retention practices, please contact us to ask for details (see “Contact us” information, below).
Depending upon where you live, or depending on your jurisdiction, you may have various rights under data protection legislation in that country or state.
These may include (as relevant) that you may access the personal data about you that we store. You may also review or make certain corrections to the personal data we store about you. You may also request the deletion of personal data about you or object to its processing. In limited circumstances, you may have data portability rights in relation to certain personal data we hold about you. These rights are not unlimited and the exercise of these rights, and the limits upon them, are summarized below:
Please note, you may not have access to all of these rights depending on the country you live and/or work in, and only those relevant in your jurisdiction will apply.
In addition, California law entitles California residents who have used our services for personal, household, or family purposes, to request information concerning whether we have disclosed certain information about you within the past year to any third parties for the third parties’ direct marketing purposes. California users who wish to request further information in
compliance with this law or have questions or concerns about our privacy practices and policies may contact us as specified in the "Contact us" section below.
As stated above, we do not sell your personal information to third parties for their direct marketing purposes.
Our services are not intended for individuals under 17 years of age. No one under 17 years of age should submit or post personal information through our website. We do not knowingly collect personal information from persons under the age of 17. If we become aware or suspect that you are under the age of 17, any information you submit will not be used or retained by us. We urge parents and legal guardians to spend time online with their children and to participate in and monitor the online activities of their children.
Without prejudice to any other administrative or judicial remedy you might have, you may have the right under data protection legislation in your country (where applicable) to lodge a complaint with the relevant data protection supervisory authority in your country if you consider that we have infringed applicable data protection legislation when processing personal data about you. This means the country where you are habitually resident, where you work, or where the alleged infringement took place.
We reserve the right to change this Privacy Notice at any time in our sole discretion. If we make changes, we will post the revised policy to our website, https://mfin.com/privacy-policy, so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our services after notice is provided, you accept and agree to this Privacy Notice as modified.