Privacy Policy

Last updated on 16 May 2018

Mulberry Bow LLP are committed to protecting your personal information.  It is important that you read this Privacy Notice before providing us with any personal information.

This document provides you with important information about the personal details we collect (your ‘personal data’), what we do with that information, who we share it with and why.  It also explains your rights in respect of the personal information you have given.

Who are Mulberry Bow

Mulberry Bow LLP (our Firm), is a Company Registered in England and Wales as a Limited Liability Partnership.  Our Registration Number is 0C397691 and our Registered Address is First Floor, Thavies Inn House, 3-4 Holborn Circus, London, EC1N 2HA.

Mulberry Bow LLP, provides initial and ongoing advice on Financial Planning, including investments, pensions and protection.  To carry out these activities, we must be authorised by the Financial Conduct Authority (FCA) and are subject to FCA regulation.  Our FCA number is 679587.

We are registered as a ‘data controller’ by the Information Commissioner’s Office (ICO).  This means we make decisions about what ‘personal data’ is required, how it is obtained and how it is processed.  Our ICO registration number is ZA123726.

How to Contact Us

If you have any questions about our Privacy Notice, or the personal information we collect or use, please contact;

Address: Mulberry Bow LLP The Cursitor 38 Chancery Lane, London, WC2A 1EN


Tel: 020 7832 0422

You should also contact us as soon as possible if you become aware of any unauthorised disclosure of your ‘Personal Data’, so that we may investigate and fulfil our own regulatory obligations.

What Information we collect

‘Personal Data’ is any information about a person which can, directly or indirectly, identify that person.  Your ‘Personal Data’ includes:

  • Information about who you are
  • Information connected to your service from us
  • Information about your contact with us, including records of correspondence

Your ‘Personal Data’ may also include data which is defined as being more sensitive such as your physical or mental health, racial or ethnic group or sexual orientation.  This is called ‘Special Category Data’ and we will request your explicit consent before processing this data.

The arrangement of certain types of insurance may also involve disclosure by you to us of information relating to historic or current criminal convictions or offences (together “Criminal Disclosures”).

In the context of providing you with our services, ‘Personal Data’ may include your:

  • Title, full name, date of birth, gender, permanent residential address and previous address (if you lived there for less than three years), nationality, civil/marital status, contact details (including telephone number and email address)
  • Supporting documents that are necessary to verify your identity for example Passport details, driving licence and utility bills, the outcome of these searches or other anti-money laundering due diligence
  • Employment and remuneration information, (including employment status, occupation, employer name and address, job title, salary/bonus schemes, overtime, benefit entitlements, National Insurance number), and your employment history
  • Bank account details, tax and residency information, loans and credit commitments, personal credit history, sources and levels of income and expenditure, sources of wealth, family circumstances and details of dependents
  • Details of your financial objectives for example expected retirement age
  • Health status and history, details of treatment and prognosis, medical reports
  • Any pre-existing pension, investment, mortgage, finance and/or insurance products and the terms and conditions relating to these
  • All communications we have with you (to or from you), including telephone calls, email, post or otherwise

In the course of providing our service to you, you may provide us with the personal data of other individuals for example your spouse, civil partner, children/dependents or parents.  To ensure we provide you with suitable advice, it is important we fully understand your personal and financial circumstances which may include personal data (including Special Category Data) from individuals who are financially dependent/financially interdependent, or your eligibility for future financial benefits such as an inheritance.

If you provide this to us, you are responsible for ensuring that you are entitled to provide this information and have informed those individuals of who we are, how we collect, use and process personal data as detailed in this Privacy Notice.  Information provided by you in respect of other individuals will only be used for the reason you have given it.

How Mulberry Bow uses your Personal Data

We will only collect and use your ‘Personal Data’ where it is necessary, fair and lawful to do so.  We must have a valid lawful basis to process personal data as shown below.

We will only collect and use your information:

  • To Comply with Legal Obligations – It is necessary to meet our common law/statutory (including regulatory) obligations.

For example, for the detection and prevention of crime, where we are required to do so by our regulators including the FCA (such as obtaining relevant data on your personal and financial circumstances to enable us to provide suitable and informed advice) and the ICO or HMRC or for wider compliance with any legal or regulatory obligation to which we might be subject

  • To Fulfil Contractual Obligations – It is necessary to meet our contractual obligations to you of if you ask us to do something before entering into a contract.   Our contract with you does not have to be a formal, signed document.  When we speak with you about your requirements, we do so on the basis that both parties are entering into a contract for the supply of services.

For example, providing you with financial advice, arranging products or services, obtaining existing policy information and meeting our ongoing servicing commitments to you.

  • To Meet Legitimate Interests – It is necessary to meet our legitimate interests (or those of third parties), in ways you would expect your data to be used, and your interests do not override those legitimate interests.

For example, to ensure network and information security, to detect, investigate and prevent crime, to provide management information for corporate governance and risk management purposes, for accounting, auditing or professional insurance purposes, to receive professional advice, to defend or exercise our legal rights, to respond to requests or complaints or to assist with debt recovery

  • For Insurance Purposes (in the substantial public interest) – It may be necessary to process sensitive data or criminal disclosures for advising on or arranging insurance contracts (a contract of general insurance or long-term insurance) and for fraud management purposes.    Insurance contracts are very important to provide you (and your family) with the protection you may require.

For example, if we are providing our advice on the establishment of life cover, it will be necessary for us to obtain health information from you and share this with the insurance providers.  Your health will have an impact on your ability to arrange and obtain cover, the premiums you pay or the most appropriate contract for you.

  • Or Where we have your Consent – You have given us explicit consent to process your data

We will obtain your consent before processing Special Category Data (other than detailed above) or details about criminal offences.  We will also obtain consent before providing marketing/promotional communications.

You can withdraw/change the basis of any consent you may have provided

How Mulberry Bow collects your Personal Data

We will usually collect your ‘Personal Data’ directly from you, from a variety of sources including:

  • Meetings with an employee/Partner of Mulberry Bow
  • Telephone, email, letter or other correspondence
  • Application Forms for a product or service

We may also obtain some information from third parties, for example:

  • Electronic Identification checks
  • Searches of information in the public domain such as the voters roll or Companies House
  • Existing policy information (only where you have signed a letter of authority for them to share this information with us)
  • Other professional advisers you have appointed and authorised to provide us with information e.g. accountants/solicitors
  • Your employer, on your behalf
  • Police, HMRC of other government agencies who contact us.

What Mulberry Bow does with your Personal Data

In the course of handling your ‘Personal Data’, we will:

  • Record and store Your Personal Data in our paper files, mobile devices and on our computer systems (websites, email, hard drives, and cloud facilities). This information can only be accessed by employees and consultants within our Firm and only when it is necessary to provide our service to you and to perform any administration or compliance tasks associated with or incidental to that service
  • Comply with our legal or regulatory requirements
  • Undertake checks such as identity verification to enable us to comply with your anti money laundering obligations and for the purposes of crime and fraud prevention and in protection of our legal rights.
  • Submit Your Personal Data to Product Providers (pension, investment, protection providers as well as mortgage and commercial lenders) both in paper form and on-line via a secure portal. The provision of this information to a third party is essential in allowing us to progress any enquiry or application made on your behalf and to deal with any additional questions or administrative issues that providers and mortgage lenders may raise
  • Use Your Personal Data for the purposes of responding to any queries you may have in relation to any product you may take out, or to inform you of any developments in relation to those products and/or polices or comply with our obligations arising from any contracts entered into between you and us (including notification of changes to our services)

Sharing your Personal Data

We may share your ‘Personal Data’ with third parties for the purposes set out in this privacy notice.  We share information to ensure we can adequately fulfil our responsibilities to you, and otherwise as detailed in this Privacy Notice, and require your ‘Personal Data’ is it kept confidential.

Sharing of your ‘Personal Data’ does not entitle such third parties to send you marketing or promotional messages.

These third parties include:

  • Pension & Investment Providers, Fund Managers, Mortgage lenders, Finance lenders and, Product providers, insurance providers to enable us to obtain a quote or illustrations for you or provide you with related services
  • Third parties we have chosen to support us with your enquiry, application or delivery of the service we offer to you e.g. research, consultancy, product specialists, compliance services, insurers and underwriters, professional advisers, estate agents, providers of legal services or technology companies;
  • Our regulators and Supervisory Authority e.g. the Financial Conduct Authority (FCA) and the Information Commissioner’s Office for the UK (the ICO)
  • Law enforcement, credit and identity check agencies for the prevention and detection of crime
  • Third parties selected by you and for whom you have given prior consent for us to share information

We will never sell your details to someone else. Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.

Transfers outside of the European Economic Area

We do not envisage that providing you with our professional services will result in us transferring your Personal Data outside the European Economic Area (EEA).

Service provider or other third parties we share your data with, may process data outside the EEA.  We take steps to ensure that that in the event your information is transferred outside the EEA, appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations in the UK.

Protection of your Personal Data

Your privacy is important to us and we will keep Your Personal Data secure in accordance with our data protection obligations.

We will take reasonable steps to safeguard Your Personal Data against it being accessed unlawfully or maliciously by a third party. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied.

We also expect you (or the agents you have authorised to share data) to take reasonable steps to safeguard your privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.

Retention of your Personal Data

Your ‘Personal Data’ will be retained by us either electronically or in paper format for a minimum of six years, or if longer than six years, the duration of this Firm’s relationship with you or, where required, to meet our legal and regulatory obligations which may for an indefinite period.

Where we retain your Personal Data, it will be safeguarded and used only for the purposes detailed in this Privacy Notice.

Use of Google Fonts Web API

Our website utilises Google Fonts API to provide a unified and visually pleasing textual experience for our users. Google Fonts is a service offered by Google LLC (“Google”) that allows websites to utilise high-quality fonts.

By using Google Fonts, some information may be transferred to Google servers, which may be located in other countries. This section outlines how Google collects and uses data in relation to the Google Fonts Web API.

Data Collection by Google

When you visit a page on our website that uses Google Fonts, your web browser automatically sends a request to Google’s servers. This request may include the following information:

  • IP Address
  • Browser type and version
  • Operating System
  • Referrer URL
  • The time of the request

This data is primarily used by Google to serve the font files to your browser and to improve the overall service quality.

Google may also use this data for the purposes of analytics and to enhance user experience. The data is processed in accordance with Google’s Privacy Policy, which you can review for further details: Google’s Privacy Policy.

If you are concerned about the data collection practices associated with Google Fonts, you may choose to disable the Google Fonts service through browser settings or use browser extensions designed to block such features. However, doing so may affect the appearance and functionality of our website.

Updates to this Section

We reserve the right to update or amend this section at any time to reflect changes in our practices or amendments to Google’s terms of service or privacy policy. We recommend reviewing this section periodically for the latest information on our use of Google Fonts.

Your rights

You have a number of rights in relation your personal data:

  • The right to be informed – including to receive clear and easy to understand information on the personal information we collect, why we collect it, what we do with it and who we share it with.  This is the purpose of this Privacy Notice.  If you require additional explanation, please contact us.
  • The right of access – you can request copies of your ‘Personal Data’ under our control, via a Data Subject Access Request
  • The right to rectification, erasure or restrict processing – you can ask us to correct, delete or require us to restrict or stop using your ‘Personal Data’ (the extent to which we can do this will be provided at the time of any such request)
  • The right to data portability – you can ask us to send an electronic copy of the ‘Personal Data’ you have provided to us to another organisation
  • The right to object – you can contact us directly if you have a concern or complaint as detailed under ‘how to contact us’
  • Where processing is based on consent, the right to withdraw your consent at any time

You also have rights in relation to any automated decision and profiling systems which do not involve human intervention. Mulberry Bow LLP does not use any automated decision or profiling systems.

If you choose to exercise any of your rights as detailed in our Privacy Notice, we will let you know if we cannot deal with your request or will action it in different way.

Please contact us if you wish to exercise any of these rights.  There will not ordinarily be a fee for this. 

How to make a complaint

If you do not believe we have handled any concerns or complaint in respect of your Personal Data as detailed in this Privacy Notice, you may lodge a complaint with the UK’s data protection regulator, the Information Commissioner’s Office (ICO):

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.