Privacy Policy

Privacy Policy

 

Privacy Policy

Last Updated: 23rd March 2026

At Grovely Financial Limited, we take your privacy as seriously as your financial planning requirements. This policy explains how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Grovely Financial Limited is the "Data Controller" of your personal information. This means we decide how and why your data is processed.

  • Address: Windover House, St Ann Street, Salisbury, SP1 2DR

  • Email: office@grovelyfinancial.co.uk

  • Phone: (01722) 680515

2. The Data We Collect

To provide expert financial advice, we need to know more than just your name. We collect:

  • Identity Data: Name, date of birth, gender, and marital status.

  • Contact Data: Address, email, and phone numbers.

  • Financial Data: Income, expenditure, assets, liabilities, bank details, and credit history.

  • Special Category Data: Health information.

  • Technical Data: IP addresses and cookies when you visit our website.

3. Why We Use Your Data (Legal Basis)

We only process your data when we have a legal "hook" to do so.

Purpose Legal Basis

Providing Advice Performance of a Contract.

Compliance/Anti-Money Laundering. Legal Obligation.

Marketing Similar Services Legitimate Interest.

Processing Health Data Explicit Consent.

4. Marketing & Legitimate Interest

We may use your Identity and Contact Data to form a view on what products or services we think you may want or need.

Our Legitimate Interest: We believe it is in our interest as a business to keep people who have enquired about our services, our clients and professional contacts informed about financial market updates, legislative changes (like Pension/Tax shifts), and services that complement the advice we have already provided.

How this affects you:

  • We only send marketing to people who have enquired about our services, existing clients or professional contacts.

  • We have conducted a Legitimate Interest Assessment (LIA) to ensure our marketing doesn't override your fundamental rights.

  • The "Opt-Out": You have an absolute right to object to direct marketing at any time. Every email we send will have an "Unsubscribe" link, or you can contact us directly.

5. Who We Share Your Data With

We don’t sell your data to third parties. However, we do share it with:

  • Product Providers: Pension companies, investment platforms, and insurers.

  • Regulators: The Financial Conduct Authority (FCA) and HMRC.

  • Compliance Consultants: To ensure we are giving you the best (and legal) advice.

  • Service Providers: Our IT support and secure cloud storage partners.

6. Data Retention

We don’t keep your data forever, but because the FCA requires us to defend our advice indefinitely in some cases (e.g., pension transfers), we typically retain client files for a minimum of 6 years after our relationship ends, and often longer if required by regulatory necessity.

7. Your Rights

Under GDPR, you are in the driver's seat. You have the right to:

  1. Access your data (The "Subject Access Request").

  2. Correct inaccurate data.

  3. Erasure (The "Right to be Forgotten"), subject to regulatory retention rules.

  4. Object to processing based on Legitimate Interest.

  5. Withdraw Consent at any time (where consent was the basis).

8. How to Complain

If you’re unhappy with how we’ve handled your data, please talk to us first. If we can’t fix it, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.