Privacy, Data Protection and GDPR Policy


We recognise our responsibility to treat your personal information with care and to comply with all relevant legislation, in particular the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR) which we refer to as the “legislation” in this document.  This notice covers our requirement to provide you with information on how and why we use your personal data and of your rights under the legislation.


Data Controller

We provided you with advice and guidance to secure mortgage and other credit finance to acquire land and property. We also provide you with advice regarding your wider protection needs.  Consequently we are classed as the “data controller” which means we process your data. The contact details are shown at the foot of this notice. Your personal data which is limited to the details provided on our data gathering forms, outputs from lenders and insurers in accordance with the products that you purchase through this business. The data is passed to these organisations who may be data controllers and their own right and may issue you with their own Data Protection Privacy Notices.


Personal Information

We will use personal information about you mainly to: –

– Provide advice and recommendations on mortgage finance and protection needs.

– Arrange mortgage and insurance products

– Inform you about our products and services;

– Ensure appropriate preventative Money Laundering processes are implemented.
– Statistical analysis and management information aimed at improving our services to you.

Some of the personal information we ask you to provide may be regarded as being sensitive as defined in the legislation, e.g. medical data, health data, and about your occupation. This information is required to support applications made to secure the products of your choice, without which the application cannot be completed.

If you give us information about another person, in doing so you confirm that they have given you permission to provide it to us and that we may use their personal data in the same way as your own as set out in this notice.


Legal Basis for processing your Personal Information

We are required to have a lawful basis (as defined in the legislation) to process your personal data and the relevant bases which we use are show in the table below.

Purpose of processing Lawful Basis
Providing advice to meet protection needs, Necessary for the performance of an insurance contract.
Providing advice on mortgage financing. Contract – to process the contract with an individual (s) trustees or corporate body
Providing advice on equity release products to meet client needs Contract – to process the contract with an individual
Provision of information on products and services (Marketing). Our legitimate interests or your explicit consent.
To notify you of changes in our service. Our Legal and Regulatory obligations.
To prevent and detect fraud, money laundering and other financial crimes. Our Legal and Regulatory obligations.
To meet general legal or regulatory obligations. Our Legal and Regulatory obligations.
Statistical analysis. Our legitimate interests – to refine and enhance the products and pricing which we can offer.



We may contact you by email, text, telephone, mail or other agreed means to keep you up to date about our products and services.  The legislation allows us to do this in our own commercial interests for certain communications with previous customers. In other circumstances we can only do so with your explicit consent. In all cases you can opt out from receiving such communications at any time.


Disclosure of your Personal Information

As a necessary part of providing you with the services described above we may need to disclose your personal data to other third parties. These include mortgage finance providers, general insurance providers and life companies. We will, on request also provide your data to Regulatory authorities and the Police or other law enforcement bodies that assist with fraud prevention and detection. We may share information with other third party providers that assist this firm with the internal roles including our accountants, compliance support and IT specialists. These are the only circumstances where we share data we do not provide your personal data to third party for marketing procedures and take reasonable steps to prevent data loss. Our third party suppliers confirm shared data will ne be used for marketing purposes.


Retention Period

Your data will not be retained for longer than is necessary and will be managed in accordance with our data retention policy. In most cases the period will be for a maximum of 7 years following the advice or cessation of your insurance policy. We may be required to retain the data for a longer period due to business, legal or regulatory requirements.


International transfers of data

We do not presently transfer your personal data to destinations outside the European Economic Area (EEA). Should this become necessary in the future we will ensure that it is treated securely and in accordance with the legislation.


Your Rights

Under the legislation you have the following rights in relation to our processing of your personal data: –


  1. The right to be informed about how we use your personal data (This Privacy Notice);
  2. The right to see a copy of the personal information we hold about you. (In most cases this will be free of charge);
  3. The right to have personal information rectified if inaccurate or incomplete;
  4. The right of erasure of your personal information where there is no compelling reason for its continued processing;
  5. The right to restrict processing in certain circumstances, e.g. if its accuracy is being contested;
  6. The right to data portability which, subject to certain conditions, allows you to obtain and reuse your personal data across different services;
  7. The right to object to certain processing including for the purposes of direct marketing;
  8. Rights to information in relation to automated decision making and profiling.


Complaints/Contact us

If you have a complaint about how we use your personal information, please contact us at the address below. You also have the right to lodge a complaint with the Information Commissioner’s office at any time.

For further information on this Privacy Notice, to access your personal information or to exercise any of your other rights, please contact The Data Protection Officer, Marlowe Innovation Centre, Marlowe, Way, Ramsgate, Kent, CT12 6FA at email address at telephone number 0800 5677 7198.