Last updated: August 13, 2025

CW Mortgages (operating as Ian Smith, Mortgage and Protection Advisor) is part of Clarity Wealth Management LLP.

We are committed to protecting your privacy and ensuring your personal information is handled securely and in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and Financial Conduct Authority (FCA) requirements.

This Privacy Policy explains how we collect, use, share, and protect your personal data, as well as your rights under data protection laws.

1. Who We Are and Our Relationship with Clarity Wealth Management LLP

CW Mortgages is a trading style of Clarity Wealth Management LLP, authorised and regulated by the Financial Conduct Authority (FCA).

Clarity Wealth Management LLP is the data controller for most processing activities. CW Mortgages acts as an appointed representative and processes data on behalf of Clarity Wealth Management LLP for the purposes of mortgage and protection advice.

Contact details for data protection enquiries:

Ian S

mith
CW Mortgages / Clarity Wealth Management LLP
Registered in England and Wales No: OC371189
Tel: 01708 535 946
Email: iansmith@claritywm.co.uk

If you have concerns about our data handling, you may also contact the Information Commissioner’s Office (ICO) at www.ico.org.uk or call 0303 123 1113.

2. What Data We Collect

• Personal Identification Data – Full name, address, date of birth, contact details.
• Financial and Employment Information – Income, expenditure, credit history, employment details, mortgage details, insurance needs.
• Special Category Data – Health information relevant to protection policies (processed only with your explicit consent).
• Technical Data – IP address, browser type, and other website usage information via cookies.
• Communication Records – Notes from calls, meetings, and correspondence with you.

3. How We Use Your Data

We process your personal data to:

• Provide regulated mortgage and protection advice.
• Arrange and manage mortgage or insurance applications.
• Conduct credit checks and risk assessments (including using lender decision systems).
• Comply with legal, regulatory, and FCA requirements.
• Communicate with you about your application, policy, or enquiry.
• Send you relevant marketing communications (only with your consent).
• Improve our services, website, and customer experience.

4. Lawful Bases for Processing

We rely on the following lawful bases under UK GDPR:

• Consent – For marketing communications and processing special category data.
• Contract – To provide the services you have requested.
• Legal Obligation – To comply with FCA and other regulatory requirements.
• Legitimate Interests – To improve our services and respond to your enquiries.

5. Automated Decision-Making and Profiling

Some mortgage lenders and insurers use automated decision-making tools (such as credit scoring systems) to assess your application.

Where such automated decisions have a legal or significant effect, you have the right to request human review, express your point of view, and contest the decision.

6. Data Retention

We retain your personal data for as long as necessary to:

• Fulfil the purposes outlined above.
• Comply with FCA rules and legal obligations (typically a minimum of 6 years after the end of our relationship, but in some cases longer where required by regulation or for ongoing legal matters).

7. Sharing Your Data

We may share your personal data with:

• Mortgage lenders and insurance providers.
• Third-party service providers who assist in delivering our services (for example, compliance consultants, IT support, or document storage providers).
• Regulatory bodies such as the FCA.
• Legal or professional advisers.
• Clarity Wealth Management LLP group companies for compliance and service delivery.

We will never sell your personal data to third parties.

8. International Data Transfers

Where we use service providers based outside the UK (for example, secure cloud storage or email marketing systems), we ensure appropriate safeguards are in place, such as:

• Adequacy regulations recognised by the UK
• Standard Contractual Clauses (SCCs) approved by the ICO 

9. Your Rights Under UK GDPR

You have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data (where legally possible).
• Restrict or object to certain types of processing.
• Withdraw consent for marketing at any time.
• Request your data in a portable, machine-readable format.

10. Marketing Preferences

We will only send marketing communications if you have given us your consent. You can opt out at any time by:

• Clicking the unsubscribe link in our emails.
• Contacting us using the details above.

11. Data Security and Breach Notification

We have implemented appropriate technical and organisational measures to protect your data from loss, misuse, unauthorised access, or disclosure.

In the event of a personal data breach that poses a high risk to your rights, we will notify you and the ICO in accordance with legal requirements.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated to you, and the latest version will always be available on our website.