Thank you for trusting us with some information about you.  We take that trust seriously and we want you to know how we use your information and why.

We are Financial Progression Limited, a company registered in England and Wales under company registration number 6485003. Our registered office is at 4 Henley Road, Marlow, Buckinghamshire SL7 2DA, and we were incorporated in January 2008.

If you have any queries or comments about our handling of your personal data, please contact us at

We promise respectful treatment of the personal information of everyone we have contact with. This Policy explains how we do that – when and why we collect information, how we use it, the situations when other people can see or use it, and how we keep it secure. But just to set the scene, in case you don’t want to read through all the details just now, we can be clear up front.

  • We don’t sell, rent or trade email lists with anyone else.
  • We’ve split this Policy into sections, depending on who you are.
  • Section A is for everyone and includes information about cookies on our websites.
  • Section B is for you if you are or work for a business prospect.
  • If you are a client or a client contact, Section C is for you.
  • Section D is for you if we have information about you purely because we are providing services to a client.
  • And if you’re a supplier, associate or affiliate, Section E is for you.

Whoever you are, our intention is to use your information to make things work smoothly for you in your experience of dealing with us. If that’s not how it turns out for you, please make sure to give us a shout. It’s best to put things in writing, which you can do by email to

This Privacy Policy is up to date to June 2020. We keep this Policy under regular review, and we may revise it at time goes on. Please check back here from time to time to make sure you’ve got the latest information.

Words or phrases with special meaning

In this Policy, there are words and phrases that have a specific meaning or that we are using in a special way. They are:

  1. “personal data” — any information about an identifiable living human being.
  2. “process” — we “process” your personal data when we do anything with it, which might include: collecting, recording, organising, storing, adapting, altering, retrieving, using, combining, disclosing, or deleting it.
  3. “special category data” — this is personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation, health, genetic or biometric data.

Our general approach to personal data

We’re committed to protecting your privacy, and honouring your legal rights to control how we use your personal data.

We only collect and use personal data when we need to:

  • because you have asked us to do something (for example, send you newsletters);
  • so that we can reply to queries or complaints;
  • to develop and manage our business relationships;
  • to improve our products and services;
  • for market research purposes;
  • to help grow our business and fulfil our contracts;
  • to provide services to clients;
  • to facilitate security screening or anti-money laundering functions that we may be required to perform;
  • to meet our legal obligations.

We try to make sure the information we hold is accurate and up to date, and is no more than we need to have. If we are processing information about you purely because we are providing services to others, please see Section D below.

If you have any questions or concerns about our use of your information, or how we have responded to any request about your personal data, please take it up in the first instance by emailing If we can’t sort it out, the official authority here in the UK is the Information Commissioner, and you can raise your concerns with them here.

Cookies on our website

If you are reading this you found our website somehow. We try to get you to read our web site by creating content that is useful for you.

Our service is for business. We like to figure out what works to bring people to our website, keep them there by providing useful information, and encourage visitors to sign up to receive more information.

We monitor the volume of visitors to our website, how you found us, where you came from and which pages you view when visiting our site.  At this stage, we do not know who you are, just that some people arrive from here and go there.  We do not harvest or collect email addresses from website visitors. If you don’t contact us and give us your email, we don’t have your details.

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

To review the cookies currently in use, or change your previously set cookie preferences, click here → Privacy Preferences.

None of this results in us contacting you or monitoring you in any personal or individual way – we just like to know who our typical customer is and what they like.

Links to other websites

If you click through a link on our website to a different website, then the cookie policy for that other website will then apply to your session, and we have no control over those.

To learn more about cookies, including how to disable them, view or

By using our website, you agree to our use of cookies unless you have disabled them yourself. Please note that by deleting or disabling future cookies, your user experience may be affected and you might not be able to take advantage of certain functions of our site.

Downloads, newsletters and services

If you contact us and ask us to send you information or a download, subscribe to a review or purchase a product or service, your email and the details of your enquiry will be held in our email system. We use a Google email system, and their privacy policy is here.

If you asked to be subscribed to a particular newsletter or sequence of updates (or subscribe yourself) you will be added to that list.  We operate ‘double opt-in’ lists and you will need to reconfirm your subscription before anything is sent.  Any automated email sent to you will have an unsubscribe option on it that can be triggered at any time.

We hold your information for our newsletter lists in a program called MailChimp. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s privacy notice here. MailChimp holds data in the USA – they comply with the EU-US Privacy Shield Framework, protecting your data.

We monitor who reads our mailing and automations, how many times, and which links you choose to use and read. We use this information to increase the content’s level of interest and help us improve what we send. You can remove your information from this monitoring by disabling cookies on your website browser before opening emails from us. From time to time, we contact individual email newsletter subscribers but it is extremely rare.

We ask our own sales and marketing people (both internal and external) to contact potential clients from time to time.  This is normally because you have requested a call, or because we are actively trying to let you know about something you may benefit from.

Our services are designed to be business to business.  We are not a hard sell or cold-calling organisation but prefer to build long-term relationships with satisfied and relaxed clients.

Social media

We have an active presence on social media, including Twitter and LinkedIn. Click the name of the platform for a link to their privacy policy.

If you ‘like’ any of our posts or ‘follow’ us, we can make ourselves aware of who you are from the information that you publish in your profile on the relevant platform. Your information is held by the platform and is subject to their data policy – we don’t control those.  You can find a link to the privacy policy for each of the social media platforms by clicking on their name above.

Your replies to us, messages you send us, and your other activity linked to our posts may be seen by members of our staff and by our associates. Our contracts with them hold them to high standards of protecting your information.

Who can see or use your data?

We do not sell or exchange your personal data with organisations who may want to sell you something or use your data for research or other purposes. If at any point we decided to exchange lists with another organisation, we would ask you to ‘opt-in’ to such a system. Our continuing silence means we are not doing so.

  • Data location and platforms

Like many businesses, we do not have any tailor-made software – we use mainstream packages for everything from our client records, to email, to accounting.

This means that much of our data is held in services in the USA (with our accounting data – held on Xero – going to New Zealand or other non-EEA jurisdictions. Xero privacy policy here). We have picked mainstream suppliers with appropriate security standards.

Special category data (about your health, orientation, beliefs etc) would only be on our systems if you had provided it to us for some reason. We do not routinely collect this data about anyone and it would not normally be of any relevance to us – unless required to ensure that we communicated with you in an accessible fashion.

  • People

As well as our own employees, we may also use outsourced support – which could include contracted consultants, virtual assistants, web designers, IT support, sales and marketing, accounting and more. Those support services have limited access to your data – only where the service they provide to us means they need it.

Our outsourced team use our software to access any data they need. We do not permit copying or sharing by the team and actively monitor for any potential breaches.

Your information  is held in the strictest confidence. Our team are all contracted to strict confidentiality clauses and we monitor and restrict their data usage. We only use mainstream software and we use the most secure login options available to us.

We restrict who can export or download data that is held to a limited number of individuals who are authorised to back up data.

If you want to know who is on our team, please email and ask us.

How long do we keep your data for?

If you unsubscribe from our newsletter list, your unsubscribe is recorded so that we do not continue to send newsletters to your email address.

  • Prospects

We find that people come back to us a long time after our initial contact, and sometimes after things have been quiet between us for a very long time. However, we do like to be able to respond appropriately and intelligently to old connections, so we generally keep your information for at least 3 years from our last point of contact.

If you have contacted us and signed up to a mailing list but never purchased from us, you will remain on the list you joined until you unsubscribe from that list.  We clean our lists from time to time and unsubscribe people who not ever read anything from us. But in order to avoid adding you again by mistake, unsubscribes are kept on an unsubscribe list.

  • Clients and suppliers

We have a long-term and discreet relationship with most of our clients. Our services mean that we are auditing financial information and records, and for that reason, we retain information for 10 years from the last point of contact. This allows us to have financial records going back far enough to satisfy HMRC, to respond to client historical queries, and to satisfy our insurers.

Want to see what we hold on you?

If you want to know what information we have about you (if any) email and give us your name, email address(es). We will happily do a search and send you screenshots of what we have.

If you are not happy with being on any of our lists you can simply unsubscribe. If you want to be removed from our customer records, please let us know.

What are your rights?

You have the right to know what information we have about you, and to amend it if it is inaccurate.

If you feel for some reason we have information we should not be keeping, or it is out of date or otherwise wrong, please let us know and we will take appropriate action.

Your rights with respect to your personal data are, in summary, to be informed what processing is taking place, to have access to your data, rectification, erasure, restriction, portability, objection, and relating to automated decisions. These rights are detailed here.

Our basis of processing: Signing onto our newsletter list is by your consent – and when you withdraw your consent we stop that processing of your data.

Apart from that, the information we hold is based on our needing the information to run our business and provide our products and services – either so we can perform our contract with you or your employer, or because we have a legitimate business interest in processing your data.

In a few situations we are processing personal data because we are under a legal obligation to do so. This principally relates to our business, accounting and tax records.

You have a “right to be forgotten” – but that does have some legal limits to it. If you want us to remove information about you, let us know. If you have been a client contact, we may not be able to remove all data as we will have to ensure that we can continue to comply with legal, accounting, taxation and our insurer’s requirements.

If you want to know what information we have about you (if any), email us at the email address set out above and give us your name and email address(es).

Most of the information we process comes from you. We process it so we can reply to you, and when you contact us again we know what you asked before, what you were sent, and what you told us.

Typically, we are collecting name, contact details, job title, employer, location, how we came across you, and background information from you or published by you on social media or freely accessible on the internet, on why you might be interested in our products or services or a relevant contact for our business. See also the general notes above, about what happens if you sign up to our newsletter, or engage with us on social media.

We may be aware that you have a LinkedIn profile or Facebook page or Twitter account. If we are in contact via those mediums, we may add that to our records so we remember to check in those places for messages from you. If your account details are private we will not see them.

If we email you individually using our own email system, or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored. We use Google gmail, and our emails are held on their servers. [Their data privacy policy is here. Google holds data in the USA – they comply with the EU-U.S. Privacy Shield Framework, protecting your data.]

We currently keep individual emails from and to you indefinitely, so we have a record of our interactions, queries, and how we resolved them.

We do not routinely keep special category data. If we have any, it was supplied or made publicly available by you.

Our basis of processing: Our lawful basis of processing your data is, depending on the circumstances, that (a) you have given your consent to that processing of your personal data; or (b) our processing is necessary for the purposes of our legitimate business interests (namely establishing and maintaining a business relationship with your employer), and that our processing will not override your interests or your fundamental rights or freedoms.

Once you or your employer become a client, we will collect further information from you.

This will include the information we collect from Prospects (above). We collect your email address, phone number and postal address so we can provide what we have contracted to, invoice you and keep proper records of our business relationship.

We process your data to support the delivery of the goods and services your employer has bought. We keep records of the goods/services provided to you, and information you give us, so we can support you when needed and advise you of any additional products or services you may need or may be appropriate for you.

Third party data: As well as your own personal data, we understand that you may need to provide us with personal data relating to third parties – depending on the services we are providing to you. We hold all such information under strict confidentiality obligations, as set out in our terms of business.

We maintain high levels of security and confidentiality with respect to data you supply to us.

Financial and credit details: We do not routinely keep credit scores nor use credit reference agencies.

When you pay us by BACS or direct transfer, we receive limited information about your organisation from our bank, usually the name of the entity who paid us and how much and the reference number. Only in the case of a client that is a partnership would this involve any processing of personal data.

Our basis of processing: Our lawful basis of processing your data is that our processing is necessary for the purposes of our legitimate business interests (namely establishing and maintaining the business relationship with your employer), and that our processing will not override your interests or your fundamental rights or freedoms.

Normally our services involve reviewing and auditing aggregated data, but it is possible that during our audit processes we come across identifiable personal data elements. Merely having access to such data elements is included in the definition of “processing” personal data, and accordingly is covered by this policy.

When we are processing data about you because it is necessary for us to do so to provide services to a client, depending on the circumstances we may be acting as ‘data processor’ (and operating under the banner of our client’s data privacy policy), or we may be ‘data controller’ (and operating under our own privacy policy).

If our client is the data controller, we will act as directed by them.

If we are the data controller, we will act in accordance with your statutory rights, subject to the exclusions and exemptions that may apply in the circumstances of our processing of your data because we will be giving advice and providing auditing services to our client.

However, please be reassured that we operate under strict confidentiality obligations, and maintain strict security protocols with respect to all data that we hold.

Our basis of processing: Our lawful basis of processing your data is that our processing is necessary for the purposes of our legitimate business interests and that our processing will not override your interests or your fundamental rights or freedoms.

We collect information on potential and actual suppliers and associates.  This is mostly provided by you, but we do add to it the same kind of data we use for Prospects (see above).

If you become a supplier or associate we keep a copy of the contract between us and your bank details so we can pay you. We also keep a record of invoices/payments for accounting purposes.

We may disclose information about you and your experience in proposals to clients if we intend to use your services in support of a client project.

We keep a record of the work you undertook for us along with any comments, reviews or suggestions about that work including complaints (if any) and their resolution.

This information is all needed to manage the contract between us, support our client relationships, and manage our supply chain.

Our basis of processing: Our lawful basis of processing your data is, depending on the circumstances, that (a) it is necessary for performance of a contract with you, or in order to take steps at your request prior to entering into a contract with you, or (b) you have given your consent to that processing of your personal data.