Privacy Policy

Lloyds Independent Financial Services (LloydsIFS) is the data controller and is responsible for your personal data and this website.

We are authorised and regulated by the Financial Conduct Authority (FCA) under Firm Reference Number (FRN) 628264. We are registered with the Information Commissioner's Office (ICO) under registration number Z3416952.

Our office address is: 19 The Old Orchard, Farnham, Surrey, GU9 8UR, UK.

This document was last updated in June 2026. Previous archived versions can be requested by contacting our compliance officer.

To provide bespoke, professional mortgage and protection advice tailored directly to your life, we must process a variety of personal data. This enables us to cross-reference multiple lending criteria to deliver accurate recommendations.

We collect, use, store and transfer different kinds of personal data about you which are grouped as follows:

Note on Minors: We do not offer products directly to children. However, we collect children’s names and dates of birth when they are dependents affecting mortgage affordability or named on protection policies, as required by lenders.

We collect data using several transparent methods, including:

• Direct Interactions: You provide Identity, Contact, and Financial details by filling in application forms, typing messages to MIA on our homepage, uploading documents, or communicating with us by phone, email, video consultation, or post.
• Automated Technologies: As you navigate our website, we automatically collect Technical Data via cookies, server logs, and similar technologies. Please refer to our Cookie Policy for detailed settings.
• Joint Applicants: If you apply for a mortgage with a spouse or partner, we receive information about you from the main applicant. By doing so, you confirm you have authorized the submission of your data.
• Third Parties & Public Channels: We may gather identity, financial, or technical data from credit reference bureaus (e.g. Experian, Equifax, TransUnion), anti-money laundering portals, Companies House, the Electoral Register, or estate agents/new-build developers with whom you have consented to interact.

We will only process your personal data when permitted by law. Our primary legal bases are:

• Performance of a Contract: To arrange and progress mortgage or protection applications.
• Legitimate Interest: To optimize our advisory processes, manage your enquiries, prevent financial fraud, and maintain outstanding customer support.
• Compliance with Legal & Regulatory Obligations: To adhere to the strict rules enforced by the Financial Conduct Authority (FCA).
• Explicit Consent: Required to process special category medical history files for life protection, or to send out marketing updates.

Your rights regarding Consent: Where we process data based purely on your consent, you are free to withdraw that consent at any time. Simply write to us at info@lloydsifs.co.uk.

To complete your transactions and meet regulatory demands, we may share your data with the following classes of recipients:

• Mortgage Lenders & Protection Providers: To submit, underwrite, and secure agreement on your loan or protection contracts. (Note: These institutions act as independent data controllers and have their own privacy notices which you should review).
• Solicitors and Conveyancers: To coordinate key progress updates regarding your purchase, source of deposit checks, and identity validation files.
• Regulators & Legal Authorities: Specifically, the Financial Conduct Authority (FCA), the Information Commissioner's Office (ICO), and law enforcement bodies to fulfill our statutory reporting and compliance duties.
• Specialist System & Technical Contractors: We use specialized software providers (including credit reference checking software, secure email systems, CRM software, and calendar systems) to facilitate our daily operations.

We do not sell data: We do not allow any third-party service provider to use your personal information for their own independent marketing purposes. They are strictly bound to process your personal data on our behalf and in direct accordance with our written instructions.

We are based in the United Kingdom and store our core CRM data locally. However, some of the cloud technical services or software systems we utilize may be hosted in databases located outside the UK or the European Economic Area (EEA).

Whenever we transfer personal data out of the UK or EEA, we ensure a similar degree of security is provided by implementing at least one of the following protective safeguards:

• We only transfer data to countries that have been officially deemed to provide an adequate level of data protection by the UK government.
• We utilize specific Standard Contractual Clauses (SCCs) and International Data Transfer Agreements (IDTAs) approved for use in the UK, guaranteeing your personal data receives the exact same high standards of protection it has in the UK.

We have established strict security measures to protect your personal and financial information from accidental loss, disclosure, or unauthorized access. Access to your personal data is limited strictly to qualified brokers and administrative staff who have an absolute business need-to-know, and who are bound by confidentiality clauses.

We retain personal data only for as long as is necessary to fulfill the purposes for which it was originally collected, including the satisfaction of financial compliance audit rules.

Under UK GDPR and the Data Protection Act 2018, you have several powerful statutory rights:

• Request Access (Subject Access Request): You have the right to request a complete copy of all the personal information we hold about you.
• Request Rectification: You can request immediate correction of any incomplete, outdated, or inaccurate information we hold about you.
• Request Erasure ("Right to be Forgotten"): You can ask us to delete your personal data. However, please note that we may not always be legally permitted to erase all data due to overriding FCA compliance rules. We will notify you if this is the case.
• Object to Processing: You have the right to object to us processing your data when we rely on a legitimate interest, or if we use your data for direct marketing purposes.
• Request Restriction: You can ask us to temporarily suspend processing your personal data (e.g., while establishing its accuracy).
• Request Data Portability: We can provide your personal data to you or a named third party in a structured, machine-readable format.

There is **no fee** to access your personal data or to exercise your rights. We aim to process and reply to all verified requests within **one calendar month**.

If you have any questions about this Privacy Policy, wish to exercise any of your legal rights, or have a concern regarding how your data is handled, please contact us directly:

If you remain dissatisfied with our handling of your data, you have the absolute right to register a formal complaint with the Information Commissioner's Office (ICO), the UK's statutory regulatory body for data protection: