Privacy Notice

Effective Date: 01 October 2025
Last Updated: 01 October 2025

Wilsons is the trading name of Harold Wilson Financial Services Ltd and Harold Wilson (Insurances) Ltd (together referred to as “Wilsons”, “we”, “us”, or “our”). We are committed to protecting and respecting your privacy and ensuring that your personal data is handled fairly, lawfully and securely.

This Privacy Notice explains how we collect, use, share and retain your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant Financial Conduct Authority (FCA) and Information Commissioner’s Office (ICO) guidance.

If you have any questions or concerns about this notice or how your data is handled, please contact our GDPR Administrator at [email protected].

Who we are

Wilsons provides insurance broking and financial services. We are registered with the Information Commissioner’s Office (ICO) as a data controller under registration numbers:

  • Harold Wilson Financial Services Ltd: Z6028603

  • Harold Wilson (Insurances) Ltd: Z5711021

What data we collect and why

We collect personal information necessary to provide you with our services. This may include:

  • Name, address, contact details

  • Date of birth, gender, marital status

  • Employment and financial details

  • Identification documents

  • Details of existing policies or financial arrangements

  • Health or medical information (where required for certain policies or services)

We may also collect feedback, survey responses or information you provide via our website.

Special category data

In some cases, we may collect special category data, such as health information, to assess insurance needs or determine product suitability. We will always obtain your explicit consent before processing this type of data unless another lawful basis applies.

Our lawful basis for processing your data

We will only process your personal data where we have a lawful basis to do so. These include:

  • Performance of a contract: To provide you with the services you request

  • Legal obligation: To comply with applicable laws and FCA regulations

  • Legitimate interests: Where necessary for our business interests and where your rights do not override those interests

  • Consent: For marketing and special category data, where required

How we use your information

We use your information to:

  • Arrange and manage insurance or financial products on your behalf

  • Communicate with you about your policies or services

  • Ensure compliance with legal, regulatory and financial obligations

  • Monitor service standards and improve our offering

  • Conduct identity checks and prevent fraud or money laundering

  • Send relevant marketing communications (where you have opted in)

Who we share your data with

We may share your data with:

  • Insurers, underwriters, product providers and financial institutions

  • Professional service providers (e.g. compliance, paraplanning, legal or accountancy firms)

  • Third-party IT and software providers supporting our operations

  • Regulators, law enforcement, or courts where legally required

All third parties are contractually required to keep your data secure and process it only in accordance with our instructions.

International transfers

We do not routinely transfer personal data outside the UK or EEA. If we ever do, we will ensure adequate safeguards are in place, such as Standard Contractual Clauses or an adequacy decision by the UK government.

Data security

We take the security of your personal data seriously. We use appropriate physical, technical and organisational measures to protect your data from unauthorised access, loss, misuse or disclosure. These include data encryption, access controls, and staff training.

How long we keep your data

We will retain your data only as long as necessary to:

  • Fulfil our contractual and legal obligations

  • Comply with FCA or HMRC record-keeping requirements

  • Defend legal claims

This may require holding your data for up to 25 years, or beyond your death in specific cases. We review retention periods regularly and a copy of our Data Retention Policy is available from our GDPR Administrator.

Your rights under UK data protection law

You have the right to:

  • Access the personal data we hold about you

  • Correct inaccurate or incomplete data

  • Request deletion of your data (subject to legal constraints)

  • Object to or restrict certain types of processing

  • Request portability of your data to another provider

  • Withdraw your consent at any time (where applicable)

  • Lodge a complaint with the ICO if you believe your rights have been violated

Marketing preferences

We will only send you marketing communications about our services or other companies in our group where you have given us permission.

You can update your preferences or opt out at any time by contacting [email protected] or using the unsubscribe link in our emails.

We do not share your information with third-party marketing companies.

Cookies and website usage

Our website uses cookies to improve your experience and gather usage statistics. You can manage or disable cookies via your browser settings. More information is available at www.allaboutcookies.org.

Links to other websites are provided for your convenience. We are not responsible for the privacy practices of other sites.

Complaints and contact

If you are unhappy with how we have handled your personal data, please contact our GDPR Administrator at:

Email: [email protected]
Post: Wilsons, Wilson House, 1-3 Waverley Street, Nottingham NG7 4HG
Tel: 0115 942 0111

If you are not satisfied with our response, you have the right to lodge a complaint with:

Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: www.ico.org.uk

Changes to this Privacy Notice

We keep our Privacy Notice under regular review. Any updates will be published on our website at www.wearewilsons.com/privacy.