1.0 Our core beliefs regarding user privacy and data protection
User privacy and data protection are human rights
We are anti-spam
We will never sell, rent or otherwise distribute or make public your personal information
2.0 Relevant legislation
Along with our business and internal computer systems, our website’s are designed to comply with the following national and international legislations with regards to data protection and user privacy:
UK Data Protection Act 1988 (DPA)
EU Data Protection Directive 1995 (DPD)
EU General Data Protection Regulation 2018 (GDPR)
Australian Privacy Act 1988 (APA)
This site’s compliance with the above legislation means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
3.0 Personal information that this website collects and why we collect it
This website collects and uses personal information for the following reasons:
3.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
3.2 Contact forms and email links
Should you choose to contact us using an email link, none of the data that you supply will be passed to / be processed by any of the third party data processors defined. The data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted before being sent across the internet. The email content is then decrypted by our local computers and devices.
4.0 How we store your personal information
If you have emailed us directly your contact details will be kept within our encrypted email account & on file if you become a client of Woodford Finance.
5.0 About this website’s server
This website is hosted on servers run within a seven state-of-the-art data centers, which are located in Europe and the USA.
Some of the more notable security features are as follows:
The Green Grid industry body, comply with the European Code of Conduct for Datacentre Operators best practice guidelines
Externally audited and certified to ISO 9001 (Quality Management), ISO 14001 (Environmental Management) and ISO 27001 (Information Security) standards
24×7 security and NOC staff being present, high security perimeter fencing.
A state-of-the-art IP CCTV system and access control system form part of the comprehensive security arrangements, including man-traps, interlocked doors, and biometric iris scanners.
High-end fire suppression systems are fitted throughout the entire facility.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
2 level firewalls protect our server against attacks and unauthorised access.
Full details of our providers data centre please contact our providers: email@example.com
6.0 Our third party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation.
7.0 Data Breaches
We will report any unlawful data breach of this website’s files and of any of our third party data processors to any and all relevant persons and authorities of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
During the course of dealing with us, we will ask you to provide us with detailed personal information relating to your existing circumstances, your financial situation and, in some cases, your health and family health history (Your Personal Data). This document is important as it allows us to explain to you what we will need to do with Your Personal Data, and the various rights you have in relation to Your Personal Data.
Your Personal Data means any information that describes or relates to your personal circumstances. Your Personal Data may identify you directly, for example your name, address, date of birth, national insurance number. Your Personal Data may also identify you indirectly, for example, your employment situation, your physical and mental health history, or any other information that could be associated with your cultural or social identity.
In the context of providing you with assistance in relation to your Mortgage and/or Insurance requirements Your Personal Data may include:
When we speak with you about your mortgage and/or insurance requirements we do so on the basis that both parties are entering a contract for the supply of services.
In order to perform that contract, and to arrange the products you require, we have the right to use Your Personal Data for the purposes detailed below.
Alternatively, either in the course of initial discussions with you or when the contract between us has come to an end for whatever reason, we have the right to use Your Personal Data provided it is in our legitimate business interest to do so and your rights are not affected. For example, we may need to respond to requests from mortgage lenders, insurance providers and our Compliance Service Provider relating to the advice we have given to you, or to make contact with you to seek feedback on the service you received.
On occasion, we will use Your Personal Data for contractual responsibilities we may owe our regulator, The Financial Conduct Authority, or for wider compliance with any legal or regulatory obligation to which we might be subject. In such circumstances, we would be processing Your Personal Data in order to meet a legal, compliance or other regulatory obligation to which we are subject.
Where you ask us to assist you with for example your insurance, in particular life insurance and insurance that may assist you in the event of an accident or illness, we will ask you information about your ethnic origin, your health and medical history (Your Special Data). We will record and use Your Special Data in order to make enquiries of insurance providers in relation to insurance products that may meet your needs and to provide you with advice regarding the suitability of any product that may be available to you.
If you have parental responsibility for children under the age of 13, it is also very likely that we will record information on our systems that relates to those children and potentially, to their Special Data.
The arrangement of certain types of insurance may involve disclosure by you to us of information relating to historic or current criminal convictions or offences (together “Criminal Disclosures”). This is relevant to insurance related activities such as underwriting, claims and fraud management.
We will use Special Data and any Criminal Disclosures in the same way as Your Personal Data generally, as set out in this Privacy Notice.
Information on Special Category Data and Criminal Disclosures must be capable of being exchanged freely between insurance intermediaries such as our Firm, and insurance providers, to enable customers to secure the important insurance protection that their needs require.
We will collect and record Your Personal Data from a variety of sources, but mainly directly from you. You will usually provide information during the course of our initial meetings or conversations with you to establish your circumstances and needs and preferences in relation to mortgages and insurance. You will provide information to us verbally and in writing, including email.
We may also obtain some information from third parties, for example, credit checks, information from your employer and searches of information in the public domain such as the voters roll. If we use technology solutions to assist in the collection of Your Personal Data, for example software that is able to verify your credit status, we will only do so if we have consent from you, for us, or our nominated processor to access your information in this manner. With regards to electronic ID checks we would not require your consent but will inform you of how such software operates and the purpose for which it is used.
In the course of handling Your Personal Data, we will:
From time to time Your Personal Data will be shared with:
In each case, Your Personal Data will only be shared for the purposes set out in this Customer Privacy Notice, i.e. to progress your mortgage and/or insurance enquiry and to provide you with our professional services.
Please note that this sharing of Your Personal Data does not entitle such third parties to send you marketing or promotional messages, it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Customer Privacy Notice.
We do not envisage that the performance by us of our service will involve Your Personal Data being transferred outside of the European Economic Area.
If data is transferred outside the EEA whether the transfer is made on the basis of an adequacy decision by the European Commission under Article 45 of the UK GDPR. If the transfer is not made on the basis of an adequacy decision, give people brief information on the safeguards put in place in accordance with Article 46, 47 or 49 of the UK GDPR.
Your privacy is important to us and we will keep Your Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard Your Personal Data against it being accessed unlawfully or maliciously by a third party.
We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
Your Personal Data will be retained by us either electronically or in paper form for a minimum period of 6 years following the advice/service you receive from us, although your data could be held for a longer period where this may be needed to meet the requirements of our regulatory bodies.
If you have any questions or comments about this document, or wish to make contact in order to exercise any of your rights set out within it please contact:
If we feel we have a legal right not to deal with your request, or to action it in a different way to how you have requested, we will inform you of this at the time.
You should also make contact with us as soon as possible on you becoming aware of any unauthorised disclosure of Your Personal Data, so that we may investigate and fulfil our own regulatory obligations.
If you have any concerns or complaints as to how we have handled Your Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Click the link above to continue or CANCEL