This notice provides you with information concerning our collection and use of personal data. If you have any queries regarding this statement, please do not hesitate to contact us.
We collect, control and process your personal information because this is necessary to provide you with information, answer any queries you may have and for the provision of our services to you. Contractual necessity is therefore the lawful basis for collecting, controlling and processing your personal details and those of your employees and service providers other than sensitive personal data for which we require individual consent. We do not normally request or process any sensitive personal data.
Sensitive personal data:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data
- Data concerning health
- Data concerning sex life or sexual orientation
We would discuss with you the need for the provision of sensitive data before you provide this information. Outline information about your health is often relevant to the advice we give and may be an underwriting factor, for example, where we advise on insurance protection. The subsequent provision of sensitive personal data will be taken as consent to this processing.
It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.
We do not use your personal data for marketing purposes nor will we share your data with any other organisation for marketing purposes.
What data we collect & what do we do with it
Completing our initial enquiry form.
If you contact us via the web form on our website your data will be protected by a secure socket layer. This site is hosted at WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help to improve it. For more information about how WordPress processes data, please see Automattic’s privacy notice. If you enter details into our webform these will be transmitted to us via email and stored on a Microsoft Hosted Exchange. The site is secured by Let’s Encrypt.
What we will do with your enquiry
We will retain your contact details & use cloud services to share them across our devices to facilitate further communication.
Working with us
We collect and use information about you, which will include personal data in order for us to advise you and make arrangements for you. In order to communicate with you about our services we will require your contact details including personal email addresses. Your name and email and information relating to the work we undertake for you will be processed and stored.
Sharing your data
In order to fulfil our obligations under any contract for services we will need to share your data with third party Data Controllers and Data Processors.
This will include
- Product & service providers in relation to investments, insurance plans and pensions.
- Our compliance monitoring services.
- The Financial Conduct Authority.
- The Financial Ombudsman Service.
- Any other regulators where so required.
- Para-planning (investment research) services.
- Outsourced accounting, document management & PA services.
We also use external Data Processors that will hold information for the following purposes:
- Secure file sharing
- Data backup
- Record keeping
- Regulatory compliance
All external processors are only permitted to process your data in line with our instructions.
Data processors privacy
Below is a list of the processors used and the types of information processed. Please note that the Privacy & Security policies of the processors are aimed at the controllers who use them and may be updated.
|Processor||Type of processing & data|
|Apple||We use Apple’s iCloud to synchronise calendar & contact details with smart phones to facilitate efficient communications. The information shared comprises contact information: name, phone numbers, email, address, meeting dates.|
|Dropbox||We use Dropbox to securely share files and documents that contain or may contain personal data pertinent to the work we undertake for clients and for our staff.|
|Genovo||We use Genovo software to generate reports and your personal data pertaining to our advice is entered during this process and stored.|
|Distribution Technology||We use Distribution Technology for research and enter minimal personal information – name only – to identify which client the research relates to.|
|Intelliflo||This is the provider of our back office systems where we store your personal data along with details of plans and investments.|
|CashCalc||Your name, age and financial information is processed in order to provide cash flow forecasting & modeling.|
|Microsoft||Document processing and email hosting – Microsoft products will be used to process all the personal data we handle.|
|Rochester & Associates||These are out IT support and remote back up service providers.|
|O&M||Your name, age and pension information is processed in order to research the best pension solutions for your needs.|
|Thirks||Document scanning service used to organize and store correspondence and files electronically. All the personal data we collect about our clients will be processed.|
|Xero||Accounting software for invoicing, names and addresses are processed to facilitate invoicing.|
|WordPress||Web site hosting, IP addresses are processed.|
|Let’sEncrypt||Web site secure socket layer provision.|
|Mailchimp||Email software for sending communications. Only names, email addresses and addresses are shared to send communications. For more information about how MailChimp processes data, please visit https://mailchimp.com/legal/privacy/|
In all cases we seek to minimize the amount of personal data shared and in some cases anonomise this. It is essential, however, that we can identify you quickly and easily so information shared may be identifiable as your personal data.
We will not share your personal information in any other circumstances than those necessary for the provision of service to you or where we are required to do so by law.
Where we store your Personal Data
All the data that we collect is stored on our encrypted server or encrypted back-up drives back up drives in the UK or with our listed processors under contract.
The information we collect about you is used solely for the purposes for which it was provided. We will never use your data or share it for marketing purposes.
Under data protection law you have the right to ask us for a copy of the information we hold about you, and to have any inaccuracies corrected or removed. You may also ask us to delete or cease processing all personal data held by us or any processor with which we have shared your data. We may not always be able to comply with a request for deletion, but you can ask us to cease processing your data.
In addition you have the right to be informed about the data we collect, where is located and with whom it is shared and the processing we undertake and to question any automated decision making processes
To do this, or if you require more information please either contact us in writing, by telephone or email.
We are registered as a Data Controller in the UK with the Information Commissioner’s Office. Refer to ico.org.uk for further information.
For any queries about data protection please contact:
|Contact name||Catherine Casey|
|Address||Rockwood Financial Solutions, Kingswood House, 80 Richardshaw Lane, Pudsey, Leeds, West Yorkshire, LS28 6BN|
|Telephone||0330 332 2679|
IP Addresses and Cookies
(A cookie is a piece of information that is stored on your computer’s hard drive which records how you have used a website. This means that when you go back to that website, it can give you tailored options based on the information it has stored about your last visit.)
Ones that are essential to the operation of the website. These cookies enable a site to remember text entered in a page within the same session or to remember whether a user is logged in or not, the site cannot function without them.
Performance cookies, which collect information about website usage to enhance the web experience. Examples of these include website analytics (i.e. Google Analytics) and ad-response rates (where data is collected exclusively for calculating click-through rates). They don’t collect information that can identify a particular visitor. These cookies are usually persistent and have fairly long expiry rates.
These remember the choices that users make within a web page, such as usernames, language or region to provide an enhanced, more personalised web experience. They cannot track your activity on other websites and are anonymous.
Targeting or advertising cookies collect information about your browsing habits to tailor third-party advertising to meet your interests. They are usually placed by advertisers with website operators’ permission. We do not use this type of cookie.