Is Advicefront registered with the ICO as a Data Controller and if so what is their ICO registration number.
Yes we are.
ICO Number: ZA228530
Advicefront state that they act as a Data Controller and a Data Processor, what activities do they undertake that fall under each category?
As per the definition, Advicefront aggregates/collects and stores the data from our customers and our customer's clients. We're joint Data Controllers with you (as Adviser) because you determine which information is stored on the platform.
We also process this data, in order to support Advisers and make them more efficient. We are therefore Data Processors.
Are Advicefront servers based in the UK/EEA?
Yes, AWS are in Ireland
Do Advicefront pass our clients data to a 3rd party based outside of the EEA, a country recognized by the EU as having adequate protection or if in the USA outside of the Privacy Shield Framework?
Client information is only passed to MailChimp - to process and send emails (the notifications) and Google Analytics is anonymised, for a better understanding on how users use the platform.
Every other third party is controlled by you as Adviser (major brands such as GoCardless, Voyant, CashCalc), most of them in Europe and all of them fully compliant with GDPR or they would not be able to transact)
Do those third parties fully comply with the GDPR?
Mailchimp and Google are fully compliant with GDPR
Do Advicefront have a data security policy
Can I see a copy of the proposed contract?
https://advicefront.com/terms however, you can simply sign up with a monthly subscription