Skip to main content
Login
  1. Home

Privacy Notice

Icon

Overview

Aberdeen Group plc is committed to protecting your personal information.

This Privacy Notice explains what personal information will be collected and used by Standard Life Savings Limited (SLSL), Elevate Portfolio Services Limited (EPSL), and Aberdeen Portfolio Solutions Limited (aPSL) (together “we” or “Aberdeen”) where you or the firm you work for (or are associated with) have agreed to:

  • Aberdeen’s Platform Adviser Terms of Business and / or;
  • Elevate Adviser Terms of Business and / or;
  • The Investment Hub Terms of Business and / or;
  • The MPS Adviser Terms of Business and / or;
  • The Model Manager Terms of Business.

Each of SLSL, EPSL and aPSL are part of the Aberdeen group. For the purposes of this privacy notice, reference to ‘we’, ‘us’, ‘our’ means SLSL, EPSL and aPSL.
This Privacy Notice contains important information about what personal information we collect; what we do with that information; who we may share it with and why; and your choices and rights.
Our Cookie Policy forms part of our Privacy Notice. When you browse our websites, we use cookies to store information about how you use these websites in order to improve the quality of service provided to you. To understand what type of cookies we use and how these work when you use our websites, as well as how to update your preferences, read our Cookie Policy.
We keep our Privacy Notice under regular review.  This version was last updated on 2 April 2025.  We may need to make changes to this Privacy Notice so please check our website for updates from time to time. If there are material changes such as changes to where your personal information will be processed, we will let you know.
For more information on how Aberdeen processes the personal information of your clients’ (or your firm’s clients’), please read our Customer Privacy Notice.

How to contact us

If you have any questions about our Privacy Notice or the personal information we collect or use, please contact;
FAO Data Protection Officer
Aberdeen Group plc
1 George Street
Edinburgh
EH2 2LL
EmailDPOffice@aberdeenplc.com

Information we collect and use

Information that we collect, and use includes:

  • Information about who you are in order to verify your identity and comply with anti-money laundering regulations e.g., your name, date of birth, national insurance number, contact details
  • Information connected to your service with us e.g. your bank account details
  • Information about your contact with us e.g. meetings, phone calls, emails / letters
  • Information that is automatically collected via cookies when you visit one of our websites e.g. activity on our website linked to IP address or device ID (some information will only be collected where you have turned on the relevant cookies in our preference centre).
  • Information to allow you to access our online services e.g., username and email address.
  • Information if you visit one of our offices e.g., visual images collected via closed circuit television (CCTV).
  • Information classified as special categories of data (‘sensitive’ personal information) e.g., relating to your health. Where we collect and use sensitive personal information, as defined by data protection laws, this information will only be collected and used where it’s needed to provide the service you have requested or to comply with our legal obligations. We may need to obtain your explicit consent to process such information.

Where we collect your information

We may collect your personal information directly from you, or from a variety of sources, including but not limited to:

  • When you agree (or your firm agrees) to our Platform Adviser Terms of Business, Elevate Adviser Terms of Business, Investment Hub Terms of Business; the MPS Adviser Terms of Business; or the Model Manager Terms of Business (as applicable).
  • When you interact with us e.g. phone conversations, email, letters and meetings.
  • Registering for one of our events e.g., adviser roadshows, webinars
  • Participating in research surveys to help us understand your needs as an adviser better and how we can improve our products and services for you and your clients
  • Our online services such as websites, and through our social media (if you engage with our marketing campaigns),  and webforms e.g. for CPD certification
  • We may also collect your personal information from places such as business directories and other commercially or publicly available sources e.g.  the FCA register, to:
    • check or improve the information we hold about you, such as your FCA regulated activity permissions; or
    • obtain updated contact information if we have been unable to contact you directly

If you give us personal information about other people (such as Beneficial Owners or Shareholders of the company you work for), you confirm that you have their authorisation to do so, and have advised them how to view this notice so they understand how we will use their personal information, e.g. for the purposes of AML/KYC checks. 

Where your clients are invested in a model portfolio solution, some platforms may provide us with limited personal data relating to those clients i.e. names, portfolio numbers, wrapper type and value of investments. aPSL may further process some of this data for internal reporting purposes.

Why we collect and use your information

We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair, and lawful to do so. We will collect and use your information only if are able to satisfy one of the lawful processing conditions set out in the data protection laws.

This will be the case where:
  • It's necessary to manage our relationship with you and to provide the product or service you have requested e.g. to give you access to our platforms so that you are able to provide a service to your clients. As part of this we will send you communications with important information relevant to the services agreed with us. These are defined as “servicing communications” and are separate to any promotional or marketing communications we may send.
  • It's necessary for us to meet our legal or regulatory obligations e.g. to check source of wealth and do appropriate money laundering checks, for the detection and prevention of fraud, and identity verification.
  • We require your permission (consent) to use your information, e.g. to send you email communications promoting other products and services offered by members of the Aberdeen group (“marketing communications"). You can withdraw your consent at any time via the unsubscribe link in these emails or by contacting DPOffice@aberdeenplc.com.
  • It's in our legitimate interests to process your information to better understand your needs as an adviser so we can:
    • Send you postal communications to make you aware of other relevant products and services available from us and to help you support your clients with their financial planning
    • Show you targeted ads for our products and services through social media channels
    • Use your information to analyse your interactions with us and how you use our platforms. This allows us to better understand which of our products and services may be suitable for your business and clients, and to ensure we deliver the service you expect from us.

Where the processing is in our legitimate interests, we will always conduct an assessment to ensure that this use of your personal information is not excessive or unnecessary or otherwise more intrusive than it needs to be. If you wish to object to this processing, please contact us (see Contact Us section).

Who we may share your information with

We may share your information with third parties for the reasons outlined in 'Why we collect and use your information'.

We may share your information with:

  • Other members of the Aberdeen group who support us in the provision of the services agreed with you
  • Credit and identity check agencies for ID verification, to verify information that we hold about you or to undertake regulatory and legal checks.
  • Various technology companies; software suppliers; or companies who can help us in our contact with you, for example an internet service provider or the companies who support email/platform access authentication (Okta and Origo).
  • Our partner for the Aberdeen Wrap and Elevate platforms – FNZ.
  • Companies we have chosen to support us in the delivery of the products and services we offer to you e.g. research, consultancy or technology companies.
  • Providers of products and investments we make available on our platforms, for example product providers and fund managers;
  • Our regulators and government bodies; including the Financial Conduct Authority (FCA) and the Information Commissioner's Office for the UK (the ICO).
  • Law enforcement and other appointed agencies who support us (or where they request the information) in the prevention and detection of crime. e.g. where there appears to be suspicious activity relating to your clients’ investments.
  • Social media companies to display messages to you and others about our products and services. This involves securely sharing your information (e.g. your email address) to match it against information they may already hold about you; if you do not want us to share your information with social media companies for this purpose, you can tell us not to.
  • Third parties in the negotiations of a sale, restructure or re-organisation of all or part of Aberdeen Group plc e.g. professional advisers, prospective purchasers.
  • Third parties, where relevant, for the purposes of responding to complaints, including the payment of any compensation.

Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.

Where your information is processed

The majority of your information is processed in the UK or European Economic Area (EEA).

However, some of your information may be processed by us or the third parties we work with in countries outside of the UK or the EEA, including countries such as the United States.

Where your information is being processed outside of the UK or the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK or EEA data protection Laws e.g. we will put in place legal agreements with third parties and Aberdeen affiliates with ongoing oversight to ensure they meet these obligations.

How we protect your information

We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded, or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.

Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions.  Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.

Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.

Internal and external audits are carried out on a regular basis and specialist third party consultants conduct regular, independent assurance and benchmarking exercises across our business to ascertain the effectiveness of our security control environment and our security strategy.

How long we keep your information

To provide you with the agreed services and meet our legal and regulatory obligations, we keep your personal information and copies of records we create (e.g. calls with us) while you have a relationship with us.
Even when you no longer have a relationship with us, we are required to keep information for different legal and regulatory reasons. The length of time will vary, and we regularly review our retention periods to make sure they comply with all laws and regulations.

Your rights

You have a number of rights under Data protection laws which may be exercised in certain circumstances. These are:
Right to be informed about how and why we are processing your personal information
You have a right to receive clear and easy to understand information on what personal information we have, why and who we share it with - we do this in our Privacy Notice or other privacy notices contained within application forms, terms and conditions and other documents.
Right of access to personal information relating to you
 You have the right of access to your personal information. If you wish to receive a copy of the personal information, we hold on you, you may make a data subject access request (DSAR) by contacting Platform-DSAR@aberdeenplc.com or in writing/email to the Data Protection Officer (see How to Contact Us section).
Right to request rectification of inaccurate or incomplete personal information
If your personal information is inaccurate or incomplete, you can request that it is corrected.
Right to request erasure of your personal information
You can ask for your information to be deleted or removed if there is not a compelling reason for Aberdeen to continue to have it.
Right to restrict processing of your personal information
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information - but only to ensure we don't use it in the future for those reasons you have restricted.
Right to data portability
In certain circumstances, you can obtain a copy of your personal information for your own purposes (or to provide to a third party chosen by you) in a commonly used electronic format.
Right to object to processing of your personal information
You can object to Aberdeen processing your personal information where we process the information for (i) legitimate interests (including profiling); (ii)direct marketing aims (including profiling); and (iii)  for the purpose of scientific/historical research and statistics.
Right to not be subject to automated decision making including profiling
You have the right to ask us to:

  • give you information about its processing of your personal information
  • request human intervention or challenge a decision where processing is done solely by automated processes
  • carry out regular checks to make sure that our automated decision making and profiling processes are working as they should.
More information can be found on your rights here https://ico.org.uk/for-the-public/

If you require any more information on your rights and how to exercise them, you can contact the Data Protection Office by email (DPOffice@aberdeenplc.com) or by post (see Contact Us section).

How to make a complaint

We will always strive to collect, use and safeguard your personal information in line with data protection laws. If you do not believe we have handled your information as set out in our Privacy Notice, please let us know immediately and we will do our utmost to make things right. Contact us at:
FAO Data Protection Officer
Aberdeen,
1 George Street,
Edinburgh,
EH2 2LL
Email: DPOffice@aberdeenplc.com
While we hope that we can resolve any complaints for you, you do have the option to complain to the ICO (whether or not you have exhausted our complaints procedure). Their contact details are as follows:
Website: https://ico.org.uk/
Postal address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number