St. James’s Place Privacy policy

St. James’s Place International plc (“SJPI”) is an Irish registered life insurance company authorised by the Central Bank of Ireland. SJPI manufactures gross roll-up investment products including the International Investment Bond and Fund Administration Bond. SJPI is contracted with the St. James’s Place ("SJP") Partnership to distribute its products through SJP controlled distributor companies currently established in the UK, Singapore and China.

Depending on the product you take out with us, your data controller will either be SJPI or another entity within the St. James’s Place group of companies. If you are unsure about who the data controller of your personal information is, you can contact us at any time using the contact details in section 7 below.

For the purposes of this section and section 4,"we" and "our" shall refer to the relevant data controller as above according to the product that you have and "product" shall refer to the relevant product you hold.

We will collect and use different personal information about you for different reasons, depending on our relationship with you and the product held.

Sometimes we will receive “special categories of personal information” (which is information relating to your health, genetic or biometric data, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, and trade union membership).

We may also collect criminal convictions data for fraud prevention purposes.

We also use details of any unspent criminal convictions provided for fraud prevention purposes. However, we will only do so where we have your explicit consent or where such processing is necessary for us to enter into and perform our contract with you.

Where you provide personal information to us about other individuals (for example, members of your family or other dependents) we will also be data controller of their personal information and we are responsible for protecting their personal information and using it appropriately. This notice will therefore apply to those individuals and you should refer them to this notice.

In order to make this notice as user friendly as possible, we have split it into different sections. Please click on the section below that best describes your relationship with us and the service you receive from us.

All financial institutions operating in Ireland, including SJPI, are required under legislation incorporating into Irish law the US Foreign Account Tax Compliance Act (FATCA) and the Common Reporting Standards to report the following information to the Irish Revenue Commissioners f or all non-resident clients. This information may be transferred by Revenue to the authorities of another jurisdiction under an inter-governmental agreement.

Reportable Individual Account Holders – name, address, country of tax residence, Tax Identification Number, date of birth, place of birth, client account number, account balance or value at year end and payments made with respect to the account during the calendar year.

Reportable Entity Account Holders – name, address, country of residence, Tax Identification Number, account number, account balance or value at year end and payments made with respect to the account during the calendar year.

Reportable Controlling Persons of passive Non-Financial Entities (PNFE's) - name, address, country of tax residence , Tax Identification Number and the name, address and country of residence, Tax Identification Number and date of birth of each controlling person, the account number, account balance or value at year end and payments made with respect to the account during the calendar year.

All transfers of personal information to any third party including Revenue will always be completed securely.

Further information on this reporting requirement may be found on Revenue’s website by clicking here.

There are a small number of instances where your personal information may be transferred to countries outside of the European Economic Area ("EEA") such as when we transfer information to our other companies in the SJP group or to third party suppliers who are based outside the EEA or when third parties who act on our behalf transfer your personal information to countries outside the EEA. Where such a transfer takes place, we will take the appropriate safeguarding measures to ensure that your personal information is adequately protected. We will do so in a number of ways including:

entering into data transfer contracts and using specific contractual provisions that have been approved by European data protection authorities otherwise known as the "standard contractual clauses" You can find out more about standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en;

We will only transfer personal information to companies in non-EEA countries who have been deemed by European data protection authorities to have adequate levels of data protection f or the protection of personal information. You can find out more about this https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

We are also entitled under European data protection laws to transfer your personal information to countries outside the EEA where it is necessary for the performance of the contract we have with you.

Depending on our relationship and your particular circumstances, we might transfer personal information anywhere in the world. An example of our regular data transfers outside the EEA is set out below:

If you would like further information regarding our data transfers and the steps we take to safeguard your personal information, please contact us using the details set out in section 10.

What is automated decision making?

Automated decision making refers to a situation where a decision is taken using personal information that is processed solely by automatic means (i.e. using an algorithm or other computer software) rather than a decision that is made with some form of human involvement. We may decide to use or procure the use of automated decision making in our business processes, for example only, where to do so creates efficiencies or provides better client outcomes. 

What is profiling?

Profiling is any form of automated processing of personal information which evaluates certain personal aspects and we use profiling tools to assist in risk assessment and marketing activities.

We will use profiling in a number of circumstances including the following:

• where you are a prospective client we will use your postcode to determine which SJP Partner is closest to you;
• for existing clients –where there are any investment fund switches, we will use systems to monitor irregular activity; and
• using a financial strategy segment profiling tool which uses information such as date of birth, occupation and financial information to determine appropriate investment wealth bands.

We may use and/or procure the use of artificial intelligence (AI) tools in to support our business processes, for example only, to create efficiencies or assist in improving our services so that we may deliver better client outcomes.  Without limiting the scope of use, we may use AI tools to analyse data, generate insights, suggestions, recommendations and/or actions to enhance user experience.   To the extent that any AI is used by us, inputs into any decision-making process and/or decision, we shall always ensure that a human being can oversee it and/or be involved.

Use of Artificial Intelligence (AI) by Third Parties 

We may engage third-party service providers who use artificial intelligence (AI) technologies to support the delivery and improvement of our services. These AI tools may assist with, for example only: data analysis, content recommendations, customer support, and operational efficiency. Such third-party AI systems shall strictly only be used where and to the extent  approved by us in writing.  We shall always ensure that a human being shall be able to have oversight of and/or be involved in any such use of an AI tool by any third party when processing your data, including but not limited to, for the purposes of checking any decisions made by the third party AI tool.

We continuously seek to ensure that any processing by any autonomous or semi-autonomous system or AI does not prevent the fulfilment of individual subject access rights, for example only, to erase or rectify personal data. 

You have several rights which you can exercise at any time relating to the personal information that we hold about you and use in the ways set out in this notice. Please contact us at any time using the details set out in section 10 if you wish to exercise these rights; we will not usually charge you.

We respect your rights and will always consider and assess them but please be aware that there may be some instances where we cannot comply with a request that you make as the consequence might be that:

• in doing so we could not comply with our own legal or regulatory requirements for example we are under obligations to hold records of our dealings with you f or certain periods of time; or
• in doing so we could not provide services to you and would have to cancel your client agreement, f or example we could not enter into investments on your behalf if we had deleted your personal information.

We will of course inform you if any of the above situations arise and if we are unable to comply with your request.

If you would like any further information about any of the matters in this notice or if you have any other questions about how we collect, store or use your personal information, you may contact the SJP Data Protection Officer at St. James's Place plc, St. James's Place House, 1 Tetbury Road, Cirencester, Gloucestershire, GL7 1FP, United Kingdom, [email protected], telephone number 01285718453.

You can also contact your Partner at the contact details set out in their Privacy Policy (as provided to you on their headed paper)if you would like any further information about how they collect, store or use your personal information.

The St. James's Place website uses cookies -small text files that are stored on your computer or in your browser -to help us to monitor how visitors use our site and allow us to maintain the optimum experience for website users. The website does not store or capture personal information about you when you visit it, it merely records traffic information. This means information about all of our visitors collectively, for example the number of visits the website receives. In order to respect our visitors' rights of privacy, this information is anonymous and no individual visitor can be identified from it.

You can disable and delete cookies by changing the appropriate setting within your browser's 'Help', 'Tools' or 'Settings' menu. Please note that by disabling cookies you may not benefit from some of the features of our site. You can find out more about deleting or controlling cookies by visiting About Cookies.

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

Please view our full Cookie policy here.

At St. James’s Place, we take our responsibility to look after your personal information and privacy seriously. In today’s world, we have all seen a growing trend in cybercrime and security breaches. We have a number of security measures in place to help prevent fraud and cybercrime.

If we become aware that a personal data breach has occurred and is likely to result in a high risk to the rights and freedoms of our clients, Partners or employees, we will inform them without undue delay.

We have a dedicated group, the ‘Information Security Oversight Committee’, that provides oversight and guidance to our information security and privacy programme.

The executive body responsible f or privacy and data security is the Information Security Oversight Committee (ISOC) -chaired by the Data Protection Officer. ISOC has a reporting line that enables effective escalation of issues up to the Board where appropriate.

We educate and train our employees, Partners and contractors on their information security, fraud prevention and privacy obligations annually.

Our employees, Partners and contractors take part in an annual Information Security training and awareness program and must agree to adhere to the Data Protection Act and our own Information Security Policy that are designed to keep your information safe. These are refreshed each year to reflect the current trends that are being observed across the information security landscape. Information Security awareness also forms part of our new employee induction program.

We also educate our employees in identifying potential financial crime and internal fraud; any suspicious activity is reported to our Financial Crime Prevention team.

When you login, or send us information on the internet we protect the security of this information while it is being transmitted by encrypting it using Secure Sockets Layer (SSL).

When you use your web browser to login, view or share information with us, all electronic information exchanged is encrypted using 2048 bit SSL (Secure Sockets Layer) certificate. You can identify this by looking for the HTTPS:// and the padlock in the address bar at the top of your browser:

We will always interact with you in a safe, secure and consistent manner

To keep your information secure and to protect our clients from fraud, St. James’s Place will only interact with you in the following ways. If in doubt, call your St. James’s Place Partner directly or alternatively email the St. James’s Place Data Protection Office at [email protected].

When interacting with you, we will:

Only send funds that you have requested to be withdrawn to a verified bank account in your name.

Verify who you are when speaking to you on the phone, by asking you security questions.

We will not:

Ask you for your password over the phone.

Send you an unsolicited email with a link to our login page asking you to enter your Online Wealth Account credentials.

Ask you for payment or credit card details by email or telephone.

Call you to notify you of a problem, and then request you call us back immediately to discuss the problem further.

We continually review our physical and logical security controls in place across the business.

Physical controls –As well as protecting your digital information, St. James’s Place also protects their premises and physical locations where personal data may be used and stored. These measures include security guards, security entrances, secure disposal of confidential waste and hardware, CCTV, personal card access and locks on doors and file storage cabinets, with a ‘clear desk’ policy to ensure all information is locked away and protected.

Logical controls –St. James’s Place uses technical security measures to make sure our systems where we store and use personal information are protected from unauthorised access. Tools such as authentication controls, antivirus, firewalls, malware detection and back-up procedures are used across the business.

All employee emails and devices are encrypted to enable secure transfer and storage of personal information.

We conduct security testing of our applications and services in a controlled testing environment before they are made available for our clients to use on an ongoing basis.

We perform security risk assessments for each of our sites to identify and control risks.

External technical assessments are conducted by an independent external 3rd party.

Security audits and vendor due diligence are conducted on a continual basis.

We have a business resiliency plan with disaster recovery and business continuity testing.

The purpose of Business Continuity Management and the St. James’s Place Business Continuity Plan, is to provide an effective, predefined and documented framework to respond to an incident affecting the Group’s activities. The key drivers in developing the business recovery plans are;

To mitigate the risks that could lead to the significant disruption of our products and services to our clients.

To provide a recovery plan that supports a timely and full restoration of our products and services for our clients.

However, whilst we take appropriate technical and organisational measures to safeguard your Personal Information, please note that we cannot guarantee the security of any data that you transfer over the internet to us.

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies (text files placed on your computer) to help the website operators analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information f or the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.

In addition, we use Google's remarketing technology to advertise online. In doing so, Google will place or read a unique ad-serving cookie on your computer and will use non-personal information about your browser and your activity on our sites to serve ads on their content network. Please click here for more information about remarketing or to opt-out of the Google remarketing cookie.

We will only collect personal information about you if you send us an e-mail enquiry via the 'contact us' facility or you register to receive your Unit Trust Manager's Reports by email. In order for this to happen, you will need to fill out the online 'contact us' form or complete the registration details. The type of information being collected f or an enquiry will be apparent f rom the layout of the 'contact us' form, which also tells you how this information will be used. The type of information collected to register to receive the Unit Trust Manager's Reports by email will be apparent from the details requested when you register. The information collected when you register will only be used to email your Unit Trust Manager's Reports and for no other reason.

We take all reasonable precautions to protect our visitors' information, both on and off line. If your personal information changes, please let us know and we will correct, update or remove any information that we hold about you on our active databases. We may however need to retain archive copies of that personal information for legal or audit purposes. If you have any queries regarding the way in which St. James's Place handles data collected f rom you on this website, please visit the contact us page.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out in the above four paragraphs.

Please note that if you communicate with us electronically, including by e-mail, telephone or fax, this communication may be randomly monitored and/or recorded to protect the interests of our business and our customers. This includes for the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and to ensure that St. James's Place employees comply with legal obligations and St. James's Place policies and procedures (including our customer relations practices).

We may provide hyperlinks from this web site ('the Site') to web sites of other organisations including websites of associated companies. Please note that this Privacy Policy applies only to this Site and that St. James's Place will not liable for the contents of linked web sites or any transactions carried out with organisations operating those web sites.

From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, other developments or new products and services being offered.

We will provide you with the most up-to-date notice and you can check our website periodically to view it or you can request a copy from your St. James’s Place Partner.

This notice was last updated on 05/12/2025.