Privacy Policy

1. Introduction

Airy Trail Financial Planning ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our financial planning services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Contact information (name, email address, phone number, postal address)
• Financial information (income, assets, liabilities, investment objectives)
• Identification information (date of birth, national insurance number)
• Employment information (occupation, employer details)
• Family information (marital status, dependents)

2.2 Technical Information

When you visit our website, we may automatically collect:

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referring website and search terms used

3. How We Use Your Information

We use your personal information for the following purposes:

• Providing financial planning advice and services
• Assessing your financial needs and objectives
• Recommending suitable financial products
• Maintaining client records and regulatory compliance
• Communicating with you about our services
• Improving our website and services
• Meeting legal and regulatory obligations

4. Legal Basis for Processing

Under UK GDPR, we process your personal information on the following legal bases:

• Contract: To provide financial planning services you have requested
• Legal obligation: To comply with FCA regulations and other legal requirements
• Legitimate interests: To improve our services and prevent fraud
• Consent: For marketing communications (where applicable)

5. Information Sharing and Disclosure

We may share your information with:

• Financial product providers (to facilitate recommendations)
• Regulatory authorities (FCA, HMRC) when required by law
• Professional service providers (solicitors, accountants)
• Third-party service providers (IT support, document storage)
• Law enforcement agencies when legally required

We do not sell or rent your personal information to third parties for marketing purposes.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data
• Secure file storage systems
• Access controls and authentication
• Regular security assessments
• Staff training on data protection

7. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Generally, we retain client records for at least 6 years after the end of our business relationship, in line with FCA requirements.

8. Your Rights

Under UK data protection law, you have the following rights:

• Access: Request a copy of your personal information
• Rectification: Correct inaccurate or incomplete information
• Erasure: Request deletion of your information (subject to legal obligations)
• Restriction: Limit how we process your information
• Portability: Receive your information in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent

To exercise these rights, please contact us using the details below.

9. Cookies

Our website uses cookies to improve your browsing experience. For detailed information about our use of cookies, please see our Cookie Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been breached.