Privacy policy

Privacy policy

"We", "our" or "us" means M&G FA Limited and its subsidiaries, affiliates and their respective parent and subsidiary companies (“M&G”)

This privacy policy explains how M&G use the personal information that we collect through this website. It was last updated May 2018 - we will make changes to this policy from time to time by updating this page.

Please contact the Data Protection Office if you have any questions regarding this policy:

M&G Data Protection Office

Address: 10 Fenchurch Avenue, London, EC3M 5AG


Other sites linking to or from this website will have their own privacy policies and we are not responsible for the privacy practices of other organisations.

What personal data we collect from you

We collect the following information about you through this website:

  • Your name and contact details:
  • email address;
  • postal address;
  • mobile and fixed-line telephone numbers.

On advisor sites:

  • Your job title and business contact details (email, postal address and telephone);
  • The charitable body, private investor, corporate entity, or other person or institution you represent for investment purposes, and/or to whom you provide financial advisory services;

For all registered users of the site:

  • Log in details and pin numbers and/or passwords as necessary to set up and administer registered user accounts;
  • Payment card details as necessary to facilitate your online purchases;
  • Direct Marketing preferences;
  • All personal information about you contained in free text boxes, including in relation to enquiries or comments submitted to us through this website;
  • The IP address of the computer or device you are using to access our website (this is a number which recognises the computer or other device used to access the Internet. A web server automatically collects IP addresses and uses them to administer a website).

How we use your personal data

We use your personal information for the following purposes:

  • To respond to your enquiries or comments submitted through this website;
  • To facilitate your online purchases and for all other administration that may be necessary;
  • To inform you about investment products and services;
  • To manage and administer our business, and for client management and business development purposes;
  • To comply with our legal and regulatory obligations;
  • To manage our risk, and ensure compliance with our internal policies and procedures;
  • To prevent, detect and investigate fraud and other financial crimes;
  • To establish, exercise and/or defend legal claims, to protect our business against fraud, theft, other financial or business crimes and/or other criminal activity;
  • To monitor and manage communications to and from us using our communications systems;
  • To protect the integrity and security of our systems;
  • Where necessary as part of any restructuring relating to:
  • M&G and its business or assets;
  • As part of a sale of M&G or, as relevant, another company in the M&G Investments group, or its/their assets.

Direct Marketing and managing your preferences

With your consent, we use your personal information for direct marketing purposes, including sending you marketing communications about investment products and related services of the M&G Investments group. Direct marketing includes communications by post, email and telephone calls and such other electronic communication as may become relevant from time to time. You can update your direct marketing preferences at any time by following the instructions in the marketing communication itself, by accessing your online account or by contacting the Data Protection Office.

Sharing your personal data

We share your personal information with:

  • Other companies within the M&G and Prudential groups for the purposes of managing our relationship with you;
  • Our service providers who support us with providing these services;
  • Our legal, tax and other professional advisors, and auditors;
  • Tax, government and/or regulatory authorities;
  • Prosecuting authorities and courts, and/or other relevant third parties connected with legal proceedings or claims;
  • Fraud prevention and/or law enforcement agencies; and
  • Third parties where we are required to do so by law.

The recipients set out above may be based in the European Economic Area (EEA) or in countries outside the EEA.

Transfers of your personal data outside the EEA

Your personal data may be transferred outside of the EEA from time to time to members or businesses within the M&G and Prudential group, trusted service providers and other third parties. These other countries have different, and sometimes lower, standards of data protection than those in the EEA.

We require third parties to keep your personal data confidential and secure. We will ensure that suitable protection is maintained at all times by ensuring that appropriate safeguards are in place. But where we are required by law to disclose, we may not always have control over the terms under which we are required to share your personal data. We will make sure that any disclosure is lawful.

Retaining your personal information

We will retain your personal information for as long as is necessary for the purposes described above.

Our general retention period is 7 years from the date that our relationship with you, or the client with which you are connected, ends. We keep personal data for as long as it is required by us to perform our contractual obligations, or where longer to meet our legal or regulatory obligations.

We may keep your data for longer where this is necessary for statistical and historical research purposes. However, where we do this we will ensure all personally identifiable information is removed where technically feasible. We will maintain the security and protection of any information we hold.

Profiling and Automated Decision Making

To help us make fair, efficient and accurate decisions, we may use automated processes. We also use profiling to enable us to personalise our service offerings and related communications. Automated processes or profiling may be used to:

  • Open accounts – checks to ensure you meet the conditions needed, this may include checking residency, nationality and/or financial details;
  • Tailor our services – We may place you in groups with similar customers. These are called customer segments. We may do this to study and learn about our customers to make decisions and tailor our services based on what we learn;
  • Help us detect and prevent fraud and other financial crimes – help to detect possible fraudulent or money-laundering activity or register an account is being used in an unusual way.

See also “Object to processing (Right to Object)” regarding your rights to object for this type of use of your personal data.

Your Data Subject Rights and how to exercise them

You also have certain rights relating to the personal information we hold about you which are outlined below, they may be subject to various exceptions and limitations. You can exercise these rights at any time by contacting us. We may need to validate your identity to fulfil your request.

You have rights to:

Request access to the information we hold about you (Data Access Request)

You may request access to a copy of the personal information we hold about you.
We can refuse to provide information where to do so may reveal another person’s personal data or would otherwise negatively impact another person's rights.
Object to processing (Right to Object) You may object to us undertaking automated processes, or fully automating decision making, using your personal data except where used to detect, prevent and investigate fraud and other financial crimes.
You may also object to us using your personal data for direct marketing purposes. This includes any profiling we perform as part of our direct marketing activities. Once we receive and have processed your objection, we will stop using your personal data for these purposes.
Request a copy of your data (Data Portability) Where you gave us the information directly or via the contract you have with us, and it was processed electronically, you can request the data we hold on you in a commonly used machine-readable format.
Request that your data is deleted (Right to be Forgotten) You can ask us to delete the personal information we hold about you when it is no longer required for a legitimate business need, legal or regulatory obligations or for the purposes it was collected for.
Amend or correct your information (Right to Rectification) If you believe that the personal information we hold about you is inaccurate, incorrect or incomplete, please contact us as soon as possible so we can update it.
Restrict the processing of your information (Right to Restrict) You may ask us to restrict our processing of your data whilst we resolve any complaints you have about the way your data is used, require it for a legal claim or if you think our processing is unlawful but you do not want us to delete your data.
Rights in relation to consent (Right to Withdraw) At any time, you may withdraw the consent you granted for your personal information to be used for direct marketing.
When you withdraw your consent, it will not affect the lawfulness of any past activities we have undertaken based on the previous consent.

Making a Data Protection complaint

If you have any concerns about the use of your personal data, or the way we handle your requests relating to your rights, you can raise a complaint directly with us using the contact details above.

If you are not satisfied with the way we handle your complaint, you are entitled to raise a complaint directly with the UK Information Commissioner’s Office via the details available on their website:

For alternate EU Data Protection Authority contacts please see further information on the following link National Data Protection Authorities.