Data Privacy Policy

WHO WE ARE

James Sharp & Co LLP (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Data Privacy Notice explains how we collect, use, share and safeguard your information when you use our services. For the purposes of the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018, James Sharp & Co LLP, whose address is at The Exchange, 5 Bank Street, Bury, Lancashire BL9 0DN, is the “controller” of personal information collected in connection with our services.

If you have any questions about how we use your personal information, please contact us using our details in the “Contact Us” section at the end of this notice.

WHO THIS PRIVACY NOTICE APPLIES TO

This privacy notice applies to you if:  

  • You or your employer enter into a contractual relationship with us as a supplier or partner 
  • You visit our website  
  • You purchase products or services from us  
  • You enquire about our products and/or services   
  • You sign up to receive newsletters and/or other promotional communications from us
  •  You or your employer enter into a contractual relationship with us as a supplier or partner  

INFORMATION WE COLLECT

We may collect and process the following categories of personal data about you:

  • Personal and contact details – this includes your name, address, nationality, email, telephone number(s).
  • Lifestyle information, education and employment details.
  • Personal data about other people (such as your family, joint account holders, people you appoint under a power of attorney (your attorney) or as trustees).  
  • Financial details – bank account information, investment details, tax identifiers, tax residency information, information about your financial aims and attitude to risk, information on your source of wealth/ source of funds or any other information on your personal financial situation.
  • Identification data – copies of passports, driving licences, or other documents used to verify your identity.
  • Criminal data – our anti-money laundering (AML) and fraud-prevention partners may provide us with details of any relevant criminal history as part of background checks we are legally required to undertake before providing services.
  • Transaction data – details of your interactions with us, including account activity and instructions.
  • Special category data – we may collect more sensitive information where it is relevant to the services we provide:
    • Biometric data – for example, facial recognition/other digital identity verification methods provided by our Anti-Money Laundering (AML) partners, CCTV at premises to monitor and collect images/voice recordings, telephone call recordings.
    • Health information – where you tell us about specific health conditions or illnesses that could be identified as a vulnerability, or where our systems identify potential indicators of vulnerability (e.g. through call analysis tools designed to highlight when extra support may be appropriate) allowing us to deliver the right level of care and protection to you as a client.
  • Minor’s data – for example, where we administer Junior ISAs or designated accounts, collected and processed with the authority of a parent, guardian or registered contact. For more information on parental/guardian rights, please contact us.
  • Technical and website data – including cookies, IP addresses, browser type, and how you interact with our website (see our separate Cookie Policy for more detail).

HOW WE USE YOUR INFORMATION

We use your personal data to:

  • Provide and administer our services to you.
  • Meet legal and regulatory obligations, including AML, fraud prevention or requests for information from third parties such as regulators, auditors or authorities.
  • Verify your identity, including through the use of AML providers who may apply biometric verification.
  • Support clients who may be vulnerable by tailoring our services appropriately.
  • Use AI-assisted tools to support compliance monitoring and client protection — see ‘Use of Artificial Intelligence’ below for full details.
  • Communicate with you regarding your accounts, investments, and services.
  • Respond to customer service queries or complaints that you may raise.
  • Provide you with access to our online client portal, if you require this.
  • Improve our services and website through analysis of usage data.
  • Carry out statistical analysis.
  • Where appropriate, inform you about products and services we believe may be of interest (subject to your marketing preferences). You can ask us to stop contacting you at any time by contacting us using the details in the Contact Us section at the end of this notice, or by clicking the “Unsubscribe” link at the bottom of any email you receive from us.

USE OF ARTIFICIAL INTELLIGENCE

We use AI-assisted tools in the following ways as part of our regulated services:

  • Call and communication analysis — recordings of telephone calls may be analysed using AI software to identify potential indicators of client vulnerability, dissatisfaction, or complaint, and to support our compliance monitoring obligations. Any flags generated are reviewed by a member of our team before any action is taken. Recordings are processed on our behalf by the third party software provider under appropriate data processing agreements.
  • Document and file construction — AI tools may assist in the preparation of client documentation including suitability assessments, investment reports and client meeting/file notes; these documents may be constructed from call recordings, face-to-face meeting recordings or any notes already made on the client file. All AI-assisted documents are reviewed and approved by a qualified member of our team before being relied upon or sent to you.

These processes involve automated analysis but not fully automated decision-making — a human reviews outputs before any decision affecting you is taken. You have the right to request human review of any decision that has a significant effect on you.

However, some of our regulatory checks and monitoring processes may use Artificial Intelligence (AI) to conduct automated decision-making and profiling, for example:

  • Automated AML and fraud screening.
  • Call analysis software to identify indicators of potential vulnerability, as above.

“Automated decision-making” is only allowed if there is a legal reason for this type of decision-making. We may make automated decisions about you in the following situations:  

  • Where automated decisions are required or authorised by law (for example, to prevent fraud).  
  • Where automated decision-making is a reasonable way of observing regulations or guidance, such as our obligations under the consumer duty to identify client vulnerabilities. 

Where these processes have a legal or similarly significant effect on you, you have the right to request that a member of our team reviews the decision.

OUR LEGAL BASIS FOR PROCESSING YOUR INFORMATION

We process your personal information on the following legal grounds:                 

TO PERFORM OUR CONTRACT WITH YOU

We need to process your data to provide our investment management and stockbroking services, including setting up and administering your accounts, executing trades, and communicating with you.

TO COMPLY WITH OUR LEGAL AND REGULATORY OBLIGATIONS

As an FCA-regulated firm, we are legally required to collect and process certain data for purposes such as:

  • Anti-Money Laundering (AML) and fraud prevention checks (including identity verification and screening).
  • Regulatory reporting and audit requirements.
  • Recordkeeping obligations, including call recording.
  • Identifying and supporting vulnerable customers, for which we may need to collect Special Category Data on your health.

FOR OUR LEGITIMATE INTERESTS

We may process your data where it is necessary for our legitimate business purposes, provided these are not overridden by your rights. These include:

  • Monitoring and improving our services.
  • Using technology (including AI tools) to help identify vulnerabilities so we can provide appropriate client support.
  • Managing risks, protecting our systems, and ensuring security.
  • Sending you relevant service information and, where permitted, details of products and services you may find useful.

WITH YOUR CONSENT

In some cases, we may ask for your consent, for example:

  • For certain types of electronic marketing communications (if not otherwise covered by legitimate interest).
  • You can withdraw your consent at any time.

TO PROTECT YOUR VITAL INTERESTS

Very rarely, we may process personal data to protect your life or the life of another person (e.g. if we became aware of an immediate and serious risk of harm).

SPECIAL CATEGORY DATA

For sensitive data (such as biometric information or health and vulnerability indicators), we rely on the following additional grounds under UK GDPR:

  • Explicit consent – where you choose to disclose health details such as filling in a wellbeing assessment or sharing this with your James Sharp & Co contact. Where you volunteer information that contains special categories of personal data, you will be regarded as giving your explicit consent to us processing it. As such, we will seek to confirm with you that this is the case.
  • To perform our contract with you – we may need to be aware of health details in order to appropriately assess suitability as part of investment management services.
  • To comply with our legal and regulatory obligations – As an FCA-regulated firm, we are required to collect and process certain data to aid us in due diligence & fraud prevention and to aid in identifying and supporting vulnerable customers under consumer duty.
  • In the public interest – In rare conditions where our monitoring of telephone calls and other communications reveals information that may indicate vulnerability — including information relating to physical or mental health, cognitive capacity, or personal or financial circumstances that may place a client at risk – we may process that information on the basis of substantial public interest under Article 9(2)(g) of the UK GDPR, as given effect by the Data Protection Act 2018.

Specifically, we may rely on:

  • Schedule 1, paragraph 6 (protecting the economic wellbeing of individuals at risk) — we process special category data where necessary to protect the economic wellbeing of clients who are at risk of financial harm due to their personal circumstances, including where those circumstances affect their ability to engage with financial services on an informed basis.
  • Schedule 1, paragraph 18 (safeguarding individuals at risk) — where processing is necessary to protect clients from financial or other harm, and where seeking consent would prejudice that purpose, we may process special category data on this basis.
  • Processing under these conditions is subject to an appropriate policy, documented as required by the Data Protection Act 2018, which sets out our procedures for handling special category data of this nature and the safeguards we apply.

DISCLOSURE OF YOUR INFORMATION

We may share your personal data with:

  • Regulators and authorities where required by law.
  • Our AML and identity verification partners, including those who use biometric technologies.
  • Professional advisers, auditors, and insurers.
  • Pension providers and pension administrators to provide you with pension services.
  • Technology and other outsourced service providers who support our business operations.
  • Other parties where you have given your consent.
  • In the event of a business sale, transfer, merger, or restructure, your data may be shared with relevant parties to the transaction. We will ensure it continues to be protected in line with this Notice.

SECURITY OF YOUR DATA

We take the security of your data seriously. Measures include encryption, secure storage and transfer, access controls, monitoring, and regular system testing. Access to your information is limited to those who need it to perform their role, and all staff receive training on their data protection responsibilities.

RETENTION OF YOUR DATA

We retain your data only for as long as necessary to meet the purposes for which it was collected, including to comply with legal, regulatory, and accounting requirements. In the context of FCA MiFID business this may be at least 5 years after the relationship has ceased, or in the context of Financial Ombudsman matters this may be 6 years after the relationship has ceased. For other legal and tax matters we may keep data for a longer period than the above timeframes. In some circumstances you have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.

INTERNATIONAL TRANSFERS

The personal information we collect about you may be transferred to, and processed by, third parties located outside the United Kingdom and the European Economic Area (EEA), including in countries (such as the United States) that may not provide the same level of data protection as the UK.

Where we transfer your information to such countries, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with applicable data protection laws. These safeguards may include:

  • entering into contracts with the recipient based on the UK’s approved Standard Contractual Clauses;
  • relying on binding corporate rules adopted by the recipient organisation; or
  • relying on other recognised transfer mechanisms permitted under data protection law.

In some circumstances, we may rely on statutory exemptions that allow transfers without safeguards (for example, where a transfer is necessary to perform a contract with you or to establish, exercise or defend legal claims).

If you would like further details about the safeguards we apply to international transfers of your personal information, please contact us using the details set out in the “Contact Us” section of this Notice.

YOUR RIGHTS

You have the following rights under data protection law:

  • To access the personal data we hold about you.
  • To request correction of inaccurate or incomplete data.
  • To request erasure of your data, where applicable.
  • To object to or restrict certain processing, including direct marketing.
  • To request transfer of your data to another provider (data portability).
  • Not to be subject to a decision based solely on automated processing where it has significant effects on you.
  • To withdraw consent, for which we will no longer process your information for the purpose(s) you originally agreed to unless we are permitted by law or obligation to do so.

To exercise any of these rights, please contact us using the details in the “Contact Us” section. 

You also have the right to complain about the use of your personal information to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office. You can contact them via phone (0303 123 1113), email (casework@ico.org.uk) or post (Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF).

COOKIES AND WEBSITE TRACKING

Our website uses cookies and similar technologies to improve site performance, understand visitor usage, and deliver relevant content. Full details are available in our Cookie Policy.

CHANGES TO THIS NOTICE

This Notice will be reviewed from time to time to take account of changes to our operations and practices. If we make changes, we provide an updated version of the Notice on our website. If the changes are significant, we may send you an email or a letter with the update. Any personal information held will be governed by our most current Notice.

CONTACT US

If you have any questions about this Privacy Notice or how we handle your personal data, please contact us via:

Phone:  0161 764 4043

e-mail: mail@jamessharp.co.uk.

Post: The Exchange, 5 Bank Street, Bury, Lancashire, BL9 0DN.

Sign In

The Exchange
5 Bank Street
Bury, Lancashire
BL9 0DN

Tel: 0161 764 4043

Fax: 0161 764 1628

Email: mail@jamessharp.co.uk

James Sharp & Co is a trading name
of James Sharp & Co LLP (0C422665)

Members of the LLP are referred to as Partners

Email Newsletter Sign-up

Consent(Required)

© Copyright 2010-2026. All rights reserved. James Sharp & Co. Authorised & Regulated by the Financial Conduct Authority
Member of the London Stock Exchange - Member of the Aquis Stock Exchange - Member of PIMFA

Website by ICG