Privacy Policy

Website: chilterncowealth.com

Last updated: 24 March 2026

────────────────────────────────────────

  1. WHO WE ARE

Chiltern Corporation Wealth Limited (“we”, “us”, “our”) is a company

registered in England and Wales.

 Registered office:

Halbarne House

1 Cambridge Road

Beaconsfield

Buckinghamshire

HP9 1HW

 Email:    info@ChilternCoWealth.com

Website:  chilterncowealth.com

 We are authorised and regulated by the Financial Conduct Authority

(FCA), Firm Reference Number 1035953. You can verify this on the FCA

Register at https://register.fca.org.uk.

We are registered with the Information Commissioner’s Office (ICO)

as a data controller. Our ICO Registration Number is:

00013396711

────────────────────────────────────────

  1. OUR DATA PROTECTION OFFICER

Our Data Protection Officer (DPO) is contactable on the following email:

Email:    Info@ChilternCoWealth.com

Address:  Halbarne House, 1 Cambridge Road, Beaconsfield HP9 1HW

If you have any questions about how we use your personal data, or wish

to exercise your data protection rights, please contact the address or email above.

────────────────────────────────────────

  1. WHAT PERSONAL DATA WE COLLECT

Depending on how you interact with us, we may collect and process the

following categories of personal

Identity data

– Full name, title, date of birth, gender, nationality

– Copies of identity documents (passport, driving licence)

Contact data

– Home address, email address, telephone numbers

Financial data

– Bank account details, income, assets, liabilities

– Investment history, pension details, tax information

Suitability and fact-find data

– Employment status, investment objectives, risk appetite

– Financial circumstances, knowledge and experience

Compliance and regulatory data

– Source of funds, source of wealth

– Politically exposed person (PEP) status

– Sanctions screening results

Technical and usage data

– IP address, browser type and version, device information

– Pages visited, time and date of visits

– Cookie identifiers and consent records (see our Cookie Policy)

Communications data

– Correspondence by email, phone, letter or online form

– Records of meetings, calls and advice given

────────────────────────────────────────

  1. HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data in the following ways:

Directly from you:

– When you complete a contact form on our website

– When you correspond with us by email, telephone or post

– When you engage us for financial planning or advice services

– When you complete fact-find or onboarding documentation

Automatically:

– When you visit our website (via cookies and technical data)

– See our Cookie Policy for full details

From third parties:

– Credit reference and identity verification agencies

– Companies House and other public registers

– The FCA Register and sanctions screening services

– Introducers or professional connections with your knowledge

────────────────────────────────────────

  1. WHY WE PROCESS YOUR PERSONAL DATA

We process your personal data for the following purposes and rely on

the following legal bases under UK GDPR Article 6 (and Article 9

where applicable):

PURPOSE: Providing financial advice and planning services

LEGAL BASIS: Performance of a contract / pre-contractual steps

             (Article 6(1)(b))

PURPOSE: Complying with Anti-Money Laundering (AML) and Know Your

         Customer (KYC) requirements under the Money Laundering,

         Terrorist Financing and Transfer of Funds Regulations 2017

LEGAL BASIS: Legal obligation (Article 6(1)(c))

PURPOSE: Complying with FCA regulatory requirements, including

         suitability assessments, record-keeping under SYSC, and

         regulatory reporting

LEGAL BASIS: Legal obligation (Article 6(1)(c))

PURPOSE: Complying with HMRC tax reporting obligations

LEGAL BASIS: Legal obligation (Article 6(1)(c))

PURPOSE: Responding to enquiries submitted via our website or

         contact channels

LEGAL BASIS: Legitimate interests (Article 6(1)(f)) — we have a

             legitimate interest in responding to enquiries from

             prospective clients

PURPOSE: Operating and improving our website, including cookie

         consent management and security

LEGAL BASIS: Consent (Article 6(1)(a)) for non-essential cookies;

             Legitimate interests for essential security processing

PURPOSE: Sending you information about our services where you have

         consented or where we have a legitimate basis to do so

LEGAL BASIS: Consent (Article 6(1)(a)) or Legitimate interests

             (Article 6(1)(f))

We will never process your personal data for a purpose incompatible

with the purpose for which it was originally collected without first

informing you and, where required, obtaining your consent.

────────────────────────────────────────

  1. WHO WE SHARE YOUR PERSONAL DATA WITH

We may share your personal data with:

Regulatory bodies and authorities

– The Financial Conduct Authority (FCA)

– HM Revenue & Customs (HMRC)

– The National Crime Agency (NCA) — where required under AML law

– The Information Commissioner’s Office (ICO)

Technology and service providers (data processors)

We use the following third-party processors who act under our

instruction and are bound by data processing agreements:

– GoDaddy (website hosting) — UK/EEA data centres

– Complianz (cookie consent management) — processes consent records

– TrustedSite (website security certification) — processes visit data

– Cloudflare (website security and performance) — processes

  technical/IP data

Professional advisers

– Solicitors, accountants or compliance consultants where necessary

  for the provision of services

Product and platform providers

– Investment platforms, pension providers and insurance companies

  where you have instructed us to arrange a product or service

We will not sell, rent or trade your personal data to third parties

for their own marketing purposes.

────────────────────────────────────────

  1. INTERNATIONAL TRANSFERS

We do not transfer your personal data outside the United Kingdom.

All data processors we use store and process data within the UK or

under UK-adequate data protection frameworks. If this changes, we

will update this Privacy Policy and implement appropriate safeguards

before any transfer takes place.

────────────────────────────────────────

  1. HOW LONG WE KEEP YOUR PERSONAL DATA

We retain personal data only for as long as necessary for the purposes

for which it was collected, or as required by law or regulation.

Our standard retention periods are:

Client records (advice, suitability, fact-find)

– Minimum 5 years from the date of the transaction or end of

  the client relationship, in line with FCA SYSC requirements

– Pension transfer records: minimum 6 years

AML / KYC records

– 5 years from the end of the business relationship, as required

  by the Money Laundering Regulations 2017

Website enquiry and contact form data

– 2 years from receipt, unless the enquiry leads to a client

  relationship (in which case client retention periods apply)

Cookie consent records

– 1 year from the date of consent, as required by PECR

Complaints records

– 3 years from the date the complaint was closed

After the relevant retention period, personal data is securely

deleted or anonymised.

────────────────────────────────────────

  1. YOUR RIGHTS UNDER UK GDPR

You have the following rights in relation to your personal

Right of access

You can request a copy of the personal data we hold about you

(a Subject Access Request). We will respond within one calendar month.

Right to rectification

You can ask us to correct personal data that is inaccurate or

incomplete.

Right to erasure (“right to be forgotten”)

You can ask us to delete your personal data in certain circumstances,

for example if we no longer need it for the purpose it was collected.

Note: this right does not apply where we are required to retain data

by law or regulation (e.g. AML or FCA record-keeping requirements).

Right to restriction of processing

You can ask us to restrict how we process your data in certain

circumstances, for example while a dispute about accuracy is resolved.

Right to data portability

Where we process your data by automated means on the basis of your

consent or a contract, you can ask us to provide it to you (or to

another organisation) in a machine-readable format.

Right to object

You can object to processing based on legitimate interests. We will

cease processing unless we can demonstrate compelling legitimate

grounds that override your rights.

Rights related to automated decision-making

We do not use solely automated decision-making (including profiling)

that produces legal or significant effects on you. If this changes,

we will update this policy and notify you accordingly.

Right to withdraw consent

Where processing is based on your consent, you can withdraw it at any

time. Withdrawal will not affect the lawfulness of processing carried

out before withdrawal.

How to exercise your rights

To exercise any of the above rights, please contact our DPO:

Andrew Twells

Email:    Andrew@ChilternCoWealth.com

Address:  Halbarne House, 1 Cambridge Road, Beaconsfield HP9 1HW

We will respond within one calendar month. We will not charge a fee

for reasonable requests, but we may charge a reasonable fee or refuse

to act on requests that are manifestly unfounded or excessive.

────────────────────────────────────────

  1. COOKIES

Our website uses cookies. For full details of the cookies we use,

why we use them and how to manage your preferences, please see our

Cookie Policy at chilterncowealth.com/cookie-policy.

────────────────────────────────────────

  1. HOW TO COMPLAIN

If you are unhappy with how we have handled your personal data, we

ask that you contact our DPO in the first instance so we can try to

resolve the matter.

If you remain dissatisfied, you have the right to lodge a complaint

with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

Website:   www.ico.org.uk

Telephone: 0303 123 1113

────────────────────────────────────────

  1. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes

in law, regulation or our data processing practices. The “Last updated”

date at the top of this page will show when it was last revised.

We will notify you of significant changes by posting a notice on our

website or, where appropriate, by contacting you directly.

────────────────────────────────────────

An Icon of Elena Blair, an employee at Chiltern Corporation

Elena Blair

Elena holds the MCIPD qualification and has a wealth of HR, governance and compliance experience within blue chip multinational organisations. Committed to good practice, she strives to provide pragmatic and balanced advice and has great awareness of Corporate Social Responsibility. Elena has been acting as Vince’s personal PA and ran the Board Secretariat in his previous business.

An Icon of Lucy Tiddy, an employee at Chiltern Corporation

Lucy Tiddy

Lucy graduated from Manchester University and has spent most of her career in Financial Services. Her introduction to the industry was as a SIPP administrator at Legal & General, before progressing to SIPP manager responsible for implementing regulatory and tax changes. She then worked for a wealth management firm, before moving to Chalfont where she supports the Partners providing financial planning services to its clients.

An Icon of Andrew Twells, A partner in Chiltern Corporation

Andrew Twells

Andrew has 28 years of industry experience. After graduating from Cambridge University, Andrew trained as an actuary at Barnett Waddingham LLP where he became a partner and advised pension scheme trustees on funding and investment strategy. In 2011, he became Chief Executive Officer of its wealth management subsidiary, Barnett Waddingham Investments LLP which was acquired by Whitefoord LLP  in 2014. Andrew successfully integrated the business and was responsible for managing the Whitefoord SIPP. He subsequently served as Deputy CEO.  Andrew was closely involved in the Whitefoord’s compliance, governance and acquisition strategy.

An Icon of Vince Whitefoord, A partner in Chiltern Corporation

Vince Whitefoord

Vince qualified as an actuary in 1979 after graduating from Liverpool University and working for Duncan C Fraser, Consulting Actuaries and Crown Life Insurance Company. He set up an actuarial firm Whitefoord & Foden which provided pension trustee, actuarial and administration services. The firm was acquired by Abbey National Bank in 1995 and Vince continued working there for 3 years as Director of Actuarial and Consultancy and after he left as an employee, remained as Chair of their Pension Trustee Company for 15 years. In 2000, he formed Whitefoord Wealth Management, a private client investment and advice firm, where he worked as Chief Executive Officer until 2023.