Privacy Policy


This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us.

Legal basis

We collect, control and process your personal information because this is necessary to provide you with information, answer any queries you may have and for the provision of our services to you. Contractual necessity is therefore the lawful basis for collecting, controlling and processing your personal details and those of your employees and service providers other than sensitive personal data for which we require individual consent. We do not normally request or process any sensitive personal data.

We may need to consider health information as it is essential for insurance underwriting purposes, which includes all insurance-based products. In this case, we are allowed to process special category data based on the basis of necessity to contract.

Special Category personal data:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Data concerning health
  • Data concerning sex life or sexual orientation

We would discuss with you the need for the provision of sensitive data before you provide this information. Outline information about your health is often relevant to the advice we give and may be an underwriting factor, for example, where we advise on insurance protection. The subsequent provision of such personal data will be taken as consent to this processing.

It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.

What data we collect & what do we do with it

In order to provide financial advisory services we will obtain personal information from you concerning your finances, your circumstances, objectives and other relevant details. We will collect, store and process this information. Other than the ways specified in our privacy policy, we will not share your personal information with other companies without your express authority except if the firm is sold or where we are required to do so by law.

Completing our initial enquiry form.

If you contact us via the web form on our website your data will be protected by a secure socket layer. This site is hosted at, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help to improve it. For more information about how WordPress processes data, please see Automattic’s privacy notice. If you enter details into our webform these will be transmitted to us via email and stored on a Microsoft Hosted Exchange. The site is secured by Let’s Encrypt.

What we will do with your enquiry

We will retain your contact details & use cloud services to share them across our devices to facilitate further communication.

Working with us

We collect and use information about you, which will include personal data in order for us to advise you and make arrangements for you. In order to communicate with you about our services we will require your contact details including personal email addresses. Your name and email and information relating to the work we undertake for you will be processed and stored.

Sharing your data

In order to fulfil our obligations under any contract for services we will need to share your data with third party Data Controllers and Data Processors. We will only use data controllers and processors registered with a supervisory authority in a satisfactory jurisdiction (as indicated by the UK Information Commissioner’s Office) and on terms which comply with Data Protection law in the UK before we share any of your data.

Data Controllers

This will include

  • Product & service providers in relation to investments, insurance plans and pensions.
  • Our compliance monitoring services.
  • The Financial Conduct Authority.
  • The Financial Ombudsman Service.
  • Any other regulators where so required.
  • Para-planning (investment research) services.
  • Outsourced accounting, document management & PA services.

We also use external Data Processors that will hold information for the following purposes:

  • Research
  • Secure file sharing
  • Data backup
  • Communications
  • Accounts
  • Forecasting
  • Record keeping
  • Regulatory compliance

All external processors are only permitted to process your data in line with our instructions.

Data processors privacy

Below is a list of the processors used and the types of information processed. Please note that the Privacy & Security policies of the processors are aimed at the controllers who use them and may be updated.

Processor Type of processing & data
Apple We use Apple’s iCloud to synchronise calendar & contact details with smart phones to facilitate efficient communications. The information shared comprises contact information: name, phone numbers, email, address, meeting dates.
Genovo We use Genovo software to generate reports and your personal data pertaining to our advice is entered during this process and stored.
Distribution Technology We use Distribution Technology for research and enter minimal personal information – name only – to identify which client the research relates to.
Intelliflo This is the provider of our back office systems where we store your personal data along with details of plans and investments.
CashCalc Your name, age and financial information is processed in order to provide cash flow forecasting & modeling.
Microsoft Document processing and email hosting – Microsoft products will be used to process all the personal data we handle.
O&M Your name, age and pension information is processed in order to research the best pension solutions for your needs.
Thirks Document scanning service used to organize and store correspondence and files electronically. All the personal data we collect about our clients will be processed.
Xero Accounting software for invoicing, names and addresses are processed to facilitate invoicing.
WordPress Web site hosting, IP addresses are processed.
Let’sEncrypt Web site secure socket layer provision.
Mailchimp Email software for sending communications. Only names, email addresses and addresses are shared to send communications. For more information about how MailChimp processes data, please visit

In all cases we seek to minimize the amount of personal data shared and in some cases anonomise this. It is essential, however, that we can identify you quickly and easily so information shared may be identifiable as your personal data.

We will not share your personal information in any other circumstances than those necessary for the provision of service to you or where we are required to do so by law.

Where we store your Personal Data

All the data that we collect is stored on our encrypted server or encrypted back-up drives back up drives in the UK or with our listed processors under contract.


The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes.

Your rights

Under data protection law you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete or cease processing all personal data held by us or any processor with which we have shared your data. We may not always be able to comply with a request for deletion, but you can ask us to cease processing your data.

In addition you have the right to be informed about the data we collect, where is located and with whom it is shared and the processing we undertake and to question any automated decision making processes

To do this, or if you require more information please either contact us in writing, by telephone or email.


We will keep your personal data throughout our business relationship. At the end of any contractual relationship we are required to continue to hold personal data under current legislation for varying periods and in some circumstances indefinitely. We may also consider it necessary to keep data beyond these timescales in order to defend any future legal action. Where we no long need regular access to your data we will transfer your data to a secure archive in order to avoid any unnecessary processing.


We are registered as a Data Controller in the UK with the Information Commissioner’s Office. Refer to for further information.


For any queries about data protection please contact:

Contact name Catherine Casey
Address Rockwood Financial Solutions, Kingswood House, 80 Richardshaw Lane, Pudsey, Leeds, West Yorkshire, LS28 6BN
Telephone 0330 332 2679


IP Addresses and Cookies

Our website uses cookies purely to enhance your experience.

(A cookie is a piece of information that is stored on your computer’s hard drive which records how you have used a website. This means that when you go back to that website, it can give you tailored options based on the information it has stored about your last visit.)

Vital cookies!

Ones that are essential to the operation of the website. These cookies enable a site to remember text entered in a page within the same session or to remember whether a user is logged in or not, the site cannot function without them.

Performance cookies

Performance cookies, which collect information about website usage to enhance the web experience. Examples of these include website analytics (i.e. Google Analytics) and ad-response rates (where data is collected exclusively for calculating click-through rates). They don’t collect information that can identify a particular visitor. These cookies are usually persistent and have fairly long expiry rates.

Functionality cookies

These remember the choices that users make within a web page, such as usernames, language or region to provide an enhanced, more personalised web experience. They cannot track your activity on other websites and are anonymous.

Advertising cookies

Targeting or advertising cookies collect information about your browsing habits to tailor third-party advertising to meet your interests. They are usually placed by advertisers with website operators’ permission. We do not use this type of cookie.

Any changes we may make to our privacy policy in the future will be posted on our websites where appropriate or may be notified to you by post or e-mail.

Updated Oct 2023