Privacy and Cookie Policy

WAY Group Limited websites Data Privacy Statement

This Privacy & Cookie Policy only covers the WAY Group Limited websites and does not cover links within our sites to other websites.

We (WAY Group Limited, including WAY Investment Services Limited) receive personal information through our websites. You may, for example, be asked for personal information if you are an independent investment intermediary and want to take advantage of specific services we offer, such as subscribing to our publications or seminars, or making a product enquiry, or requesting a support service.

When you choose to provide us with your personal details, whether in writing or by telephone, facsimile, e-mail or via our websites, we only use the information to deliver the services you have requested.

The WAY Group Limited websites do not automatically capture or store personal information, other than logging your IP address and session information such as how long your visit lasted and the type of browser used. This is recognised by the web server and is only used for system administration and to provide statistics, which we use to evaluate how the sites are used. We use IP addresses to analyse trends, administer the websites and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


Data Protection

From 25th May 2018 the protection of the living individuals rights in regards to the use of their personal data are enhanced by the EU General Data Protection Regulation (GDPR). 
WAY Investment Services (WIS) are committed to best practice and ensuring GDPR compliance as a data controller and processor, registered with the Information Commissioners Office. Details of individuals rights and the obligations of Data Controllers and Processors can be found here; https://ico.org.uk/for-the-public/.


Due to the nature of our business WIS consider 3 specific area while handling individuals data.  
1. Privacy and Electronic Communications Regulation (PECR)
2. Legitimate Interest
3. Consent


1. Contacting people using corporate email addresses under PECR
The Information Commissioners Office (ICO) has a distinction between Corporate and Individual subscribers and we process data in line with this distinction.
Corporate subscriber’s covers contact details from individuals received from companies, LLPs, Scottish partnerships and government bodies.
Contact from WIS with corporate subscribers is covered by legitimate interest for data processing and is also permitted under PECR.  
A large percentage of WIS subscribers are corporate subscribers and PECR allows us to contact individuals via their business email. Special consideration is to be made for individuals where there name is part of the email address, including that individual’s right to request removal of their data from all WIS systems  and  all contact with them to cease.
In cases where an individual subscriber is a sole trader or using a non-corporate email address and a an existing subscriber to WIS before the 25th of May 2018 will be considered to be permitted under PERC but has the right to unsubscribe is readily available with each mailing.


2. Contacting people using the grounds of legitimate interest
To protect the individual from unwanted intrusion, GDPR has asked that all business’s categorise the reason processing the individuals data. WIS do this under the category of “legitimate Interest”.  Processing data under Legitimate Interest enables WIS as  continue to provide the service of providing mailings on subject of interest to members of the financial services industry. WIS, when using legitimate interest as a basis for processing data, will ensure to balance the assumed interest against the individuals protection rights. If the individual would not reasonably expect WIS to process their data in this way they have the right to request it ceases., WIS will consider if the individual has an expectation of being contacted in relation to a topic, then we may contact them accordingly.  We will ensure that we will manage individual’s expectations via our data protection  policy.
WIS relying on legitimate interest rather than consent to process personal data, we understand that we take on extra responsibility for considering and protecting people’s rights and interest and we take reasonable steps to ensure that this is adhered to.

3. Contacting people using the grounds of consent
WIS will also use the  category of “consent” for processing data and the consent will be unambiguous and involve an opt in.
WIS will not use pre ticked opt in boxes and will require a clear and affirmative action for individuals giving consent.
Consent will be separate from any other terms and conditions and will not be a pre-condition of signing up to any service.

4. Handling unsubscribe requests
All our email, whether to individual or business domain will have a clear and simple unsubscribe link. We have full reporting on our email activity and have processes in place to act on any unsubscribe request. This applies to all emails sent under any consideration.
WIS hold all data on an electronic database protected by restricted access to appropriately contracted and screened individuals. Once the request to unsubscribe is received  that individual’s data will be  permanently removed from the records. 
The individual may request WIS provide them with a copy of the data that their system hold on that individual at any time by contacting the Data Protection Office on the contract details at this end of this notice. 

5. Should you wish to make a complaint or request further information on how WAY Investment Services store and use your personal data please contact us at: 
Data Protection Office, WAY Investment Services, Cedar House, 3 Cedar Park 
Cobham Road, Wimborne, Dorset, BH21 7SB.Email: DPO@Wayfunds.com Tel: 01202 855856. 
Alternatively if you have any concerns or complaints as to how we have handled your individual data you may lodge a complaint to the Information Commissioner’s Office through their website which can be found at https://ico.org.uk/for-the-public/raising-concerns/

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the sites. Cookies collect anonymous information about how visitors use our sites, which is then used to help improve the sites. The information collected includes the number of site visitors, where visitors come to the sites from and the web pages they visited.

The following table explains the cookies we use and why:

Cookie Name Purpose
Google Analytics

_utma
_utmb
_utmc
_utmv
_utmz

 

These cookies are used to track visitor interactions. We collect information about how visitors use our sites. We use the information to compile reports and to help us improve the sites. The cookies collect information in an anonymous form, including the time of day and number of visitors to the sites, as well as what site referred the visitor to our web pages and the pages they visited during their time with us.
Session Id PHPSESSID

Issued by our servers, session cookies are essential to allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new page, form or area you visit.

 

ExpressionEngine

exp_last_visit

Sets the datetime that the user last visited the site, and is set for both guests and logged in users. If not set, is automatically set to 10 years ago. Affects guests and logged in users.
 

exp_tracker

Tracks the last 5 pages viewed by the user, and is used primarily for redirection after logging in etc. Affects guests and logged in users.
 

exp_last_activity

Every time the state is updated (the page reloaded) the last activity is set to the current datetime. Used to determine expiry. This is essential for logged in users, but not for guests - it is set for both.
 

exp_sessionid

A uniquely generated ID used when cookie and session are set as the session type. Used only for logged in members.
 

exp_uniqueid

Matches the unique_id. Randomly generated. Used only for logged in members.
 

exp_userhash

The encrypted password of the currently logged in user. Set if you choose the cookies and session ID method for sessions. Used only for logged in members.
 

exp_anon

A flag set by the user to determine if they are listed in the online users.
 

exp_expiration

Determines the length of the session for a logged in user. There are two options for this cookie: if the user has selected remember me then it is set to 1 year, and if not then it's set to the datetime that the user logged in. Used only for logged in members.

 

Cookie Consent

cc_analytics
cc_necessary
These are the cookies stored by the Silktide Cookie Consent banner.

 

General

Most current web browsers allow some control of most cookies through the browser settings. You can choose to refuse cookies or tell your browser to let you know each time that a website tries to set a cookie. However, refusing cookies may mean some sections of the site will not work properly.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

For further details about the EU General Data Protection Regulation (GDPR), or the EU cookie law, visit the website of the: Information Commissioner's Office

Contacting the website

If you have any questions about our privacy and use of cookies statement, you are invited to contact:

The Data Controller,
WAY Investment Services Limited,
Cedar House,
3 Cedar Park,
Cobham Road,
Wimborne,
Dorset BH21 7SB,
England.


Email: Data Controller