Privacy Statement

Effective from: May 25, 2018
Last Updated: February 10, 2022

We take your privacy seriously. This Privacy Statement explains what personal information we collect and how we use it. We know there’s probably other things you’d rather be doing; but we recommend you read this through carefully and get in touch with us if you have any questions about it.

Prosperity Solutions Company Limited (PSCL) is a UK mortgage broker, insurance broker and consultancy firm. PSCL takes your privacy seriously and takes every reasonable precaution to safeguard the personal information you supply to it.

1. About Prosperity Solutions Co Ltd (PSCL) and how you can contact us
This Document includes important information about how we use your personal data. If you want to talk to us more about it, you can get in touch using the details below.
Prosperity Solutions Co. Ltd (PSCL) is a Company limited by shares. Our registered address is 11 Portmeadow Walk, London, SE2 9UL. You can find out more about us on our website

To help ensure we meet all our obligations we have appointed a Data Protection Officer (DPO). If you have any questions or concerns about how your personal information is being used, you can contact the DPO.

Tel: 020 7112 8162


Writing to:

The Data Protection Officer
Prosperity Solutions Co. Ltd.
11 Portmeadow Walk

You can also obtain information and advice from the Information Commissioner who is the independent regulator appointed by Parliament to oversee compliance with data protection and information rights:

PSCL is registered with the Information Commissioner (registration number Z9629780)

2. What information we collect and how we use it

We want to give all our customers the best standard of service we can and are serious about protecting your personal information. Please read on to find out what information we’ll need from you, how we use your personal information to make our products and services as effective as possible and how we look after it, including our Cookies policy.

Information we collect directly
Mortgage Customers

One of our core businesses is acting as a mortgage broker. This involves searching against the lenders we deal with to find the mortgage that best suits your circumstances. We do this when you call us by asking you about your identity and contact details; your product preferences; your property and tenancy history and types and number of occupants and their relationship to you; your lifestyle; nationality and residence status; employment, income and expenditure and other financial circumstances. How you answer these questions will determine what other questions we ask you because different lenders serve different parts of the market and have different eligibility criteria. We will always explain the process to you and answer any questions you may have about why certain types of information may be needed.

When you apply for a mortgage through us we will collect your direct debit details to pass on to your lender. If the products you select involve a cost, such as a valuation fee, we will ask for your payment information.

Mortgage lenders are data controllers in their own right and have their own privacy notices. However, because lenders may automatically profile your information against their lending criteria and against Credit Reference Agencies as soon as your information is forwarded to them and this may affect your credit score, we will always bring this to your attention as part of the process so that you are forewarned. We will also make you aware in advance when lenders are likely to debit any funds from your accounts.

Insurance Customers

Our other core business is general insurances.  These will include property, shops, income, health and life related insurance etc. Where customers express an interest in general insurances we will also collect information about the property, personal health etc. as this is necessary so that the insurers we deal with can determine cover and premiums.

Business Consultancy Customers

Our service includes consultancy. In order to provide this service, we may need to collect information about the business situation. The information required will vary subject to individual circumstances.

Vulnerable Customers

Apart from the information customers provide us directly we may also record information about potential vulnerabilities where we think this is appropriate to meet the obligations placed on us by the Financial Conduct Authority (FCA) with regard to vulnerable customers. You can find our more about our obligations to potentially vulnerable customers here:

Updating Your Details

If you are a pre-existing customer we may use the information we have on you to pre-fill forms when you apply for a new product, but we will always check that these details are accurate and up to date.

However, if you’ve opened any account or policy with another organisation that we introduced you to, you will need to contact them separately to update your information.

Marketing and Market Research

We may use your information to contact you about other products that match your profile and may be of interest to you. Where we seek consent to do this we make sure we are clear about what methods we can use to contact you. We make sure you are able to opt out of marketing communications at any time in a way that is convenient to you, including the method you used to contact us. Where we use online advertising platforms the data you supply to us will be matched by them to any profile they have of you.

We may contact you to conduct market research. We occasionally run promotions, competitions and prize draws but if we ask you for your contact details we will ensure these are not used for marketing unless you are happy to consent to that separately.

Money Laundering and preventing and detecting unlawful acts

We are required by law to submit a Suspicious Activity Report to the National Crime Agency whenever we detect a risk of money laundering or fraudulent activity. The law also permits us to report suspected crime to the appropriate authorities.

We are also required to disclose personal data where required to do so by law or by the order of a court.

We have discretion to disclose personal data where this is necessary for protecting the public against dishonesty.

Cookies on our website and analytics

 We collect data on how you use our website so that we better understand your interests and can match products to your needs.

We use personal data for analytical purposes to understand trends and how the business works but the reports we produce do not identify individuals.

Our Cookies policy found here explains what cookies we use:

Social Media

As a business we monitor what the public are saying about us on social media such as Facebook and Twitter, so that we can build these comments into improving our products and the ways we interact with customers.

Information that we collect indirectly

When any of our customers apply for a product, the law requires us to check their identity. This makes it harder for criminals to use financial systems, or to use false names and addresses to steal the identities of innocent people. Checking everyone’s identity is an important way of fighting money laundering and other criminal activities.

To confirm that you are who you say you are, we’ll try to verify your name and address by checking your details against databases held by credit reference agencies and the electoral roll. If we can’t verify your name and address in this way, we may ask you to provide us with other documents to confirm these details. This does not affect you credit history or status.

If you are a joint mortgage applicant we will record any information you give us about any other persons who are joined to the application.

If you are referred to us by an Estate Agent our data collection form includes a free form data field that some Estate Agents use to add comments about potential purchases.


We use the information we have about you to provide all the aspects of our service you would expect such as contacting you to prompt you with reminders about renewals and to help resolve any complaints or investigations.

We may also disclose information where permitted by law in connection with the resolution and pursuit of legal rights and disputes or complaints.

Automated Decision Making

We do not make fully automated decisions. Our service is to provide the information to lenders and insures so they can make a decision about the product you have selected.


If you give us a good review we may contact you to ask you if you would like to publicise your review.

3. What are the legal grounds for handling personal information?

We understand that personal information is just that – personal. So when we process your personal data, we make sure we satisfy the conditions prescribed by data protection laws to do so. This section covers what those conditions are.

The law says we must have a legal basis for processing personal data. There are six standard data processing grounds or conditions for processing personal data Where we process what is called ‘special category data’ (information about health, genetic or biometric data etc.) we must additionally have a special category condition or ground for processing your personal data.

We rely on the following conditions for the activities indicated.

Legitimate Interests

In most cases, you’ll provide the information covered in section 2 because you want to use our services. Ordinarily for a business this would mean that the condition for processing is contractual. However, this condition only applies where a legal contract exists between the parties concerned. Because we act as an intermediary this condition is not available. We therefore rely on what is called the ‘legitimate interests’ ground for processing. The law provides we can use your information under this condition where our interest in using it is not outweighed by your privacy rights or interests. This means that we can use your personal data only in ways you would reasonably expect and which have a minimal impact on your privacy, or where there is a compelling justification for the processing.

We rely on this condition for the uses we identify in section 2, except where we indicate below that another condition is more relevant.

In the case of mortgage and insurance applicants the legitimate interest condition applies because you have requested the service in question and can withdraw at any time. We also rely on this condition to process any details joint mortgage applicants give us about the other applicants. When we write to the first applicant we draw to their attention what they need to say to joint applicants. Applicants should be aware that lenders will not proceed with any mortgage without the written consent of any occupant of the current property who is aged over 17.

Increasingly we base our marketing and market research on consent but where we rely on legitimate interests we think this is fair because we only contact existing customers or people who have contacted us directly.  Should you wish to opt-out, just send us an email stating your request to no longer be contacted to We think it is fair to use social media in the way we describe in section 2 because this is publicly available information and we do not use the data to profile or make decisions about individuals. Our interest is in what is said about us not who is saying it.


In order to use your personal data on this basis your consent must be freely given, specific, informed and unambiguous. We rely on this condition for the following purposes:

  • Where we need information to provide you with additional services or features
  • Direct Marketing – To let you know about products, services and offers from PSCL. (We also market to customers who have enquired to use our services under the legitimate interests condition) or
  • Market research – Where we invite you to participate in market research. Any feedback you provide is used only with your consent.
  • Administering prize draws, competitions, surveys and other promotional activities.
Explicit Consent

We need what is called explicit consent where we rely on consent to process what is called sensitive or special category personal data.

  • Health data in connection with life policies
Complying with a legal obligation
  • Money Laundering reports
Public Interests & Substantial Public Interest Tasks
  • Processing health data in connection with vulnerable customers
  • Reporting fraud and other suspected crimes to the appropriate authorities.
  • Suspicion of terrorist financing or money laundering
  • Protecting the public against dishonesty
  • Insurance and data concerning the health of relatives of an insured person
  • Processing personal data in connection with contracts that we hold with contractors and suppliers.
4. Who we share your personal information with
 To provide our services to you, we’ll sometimes need to share your personal information with relevant organisations – such as lenders, insurers and fraud prevention agencies.

To fulfil our contractual obligations, we’ll also share your personal data with the following third parties:

  • Mortgage lenders, mortgage networks, mortgage sourcing providers
  • Life insurers, insurance networks, insurance sourcing providers, insurance administrators
  • Estate agents (if you were introduced to us by one of our estate agent partners)
  • Solicitors, Accountants, SurveyorsIf you no longer wish us to share your data with any of these organisations, you may withdraw your consent at any time.

Both the above sets of organisation are each data controllers in their own right and will have their own Privacy Notices that will tell you about how your personal data will be used by them.

We may disclose information to either the Financial Service Ombudsman or the Financial Conduct Authority where they request this to resolve complaints, or our auditors in connection with their duties.


5. Where in the world do we send information?

As a UK based company, all the personal information we process is protected by European data protection standards. And, if we ever have to send data overseas, we take care that it’s covered by the same high standards.


6. Your Information Rights

It’s really important that you understand your legal rights in relation to your personal information – as well as how you can contact us if you have any questions or concerns. This section covers just that.

The following is a list of the rights you have under Data Protection legislation. Not all these rights apply in all circumstances but we will be happy to explain this to you at the time you ask. Independent advice about your rights can be obtained from the Information Commissioner (see Section 1.)

All these rights can usually be exercised free of charge and generally speaking we must respond within one month. If we need longer to respond we will explain why this is necessary within the one month period and tell you more about any rules that affect how you can exercise your rights.


You have the right to be informed in a concise, transparent, intelligible and easily accessible way about how we use your personal information. We will explain why we need information (in particular any uses that are not obvious) at the time we collect information from you and make sure that all our data collection forms and letters point you to this Privacy Notice.


You can make what is called a subject access request for a copy of the information we hold about you.

We must also tell you why we have the information, what types of information we collect; who we share it with and whether, in particular, any of those recipients are outside the European Economic Area; how long we will keep your information for; where the information came from, if we didn’t collect it from you directly; the details of any automatic decision taking and about your rights of complaint to the Information Commissioner.


You have the right in some circumstances to have the data you have provided to us sent to you or provided to another person or business in an electronic machine readable format. Where this applies we will download the information and send it as a CSV file.


You have the right to have inaccurate information corrected and incomplete information completed. If the information we need to deliver our services to you changes please tell us about this as soon as possible.


You will normally have the right to object to how we intend to use your information based on your individual circumstances.

You have an absolute right to object to us using your personal information for the purpose of direct marketing at any time.


If you have objected or complained about how we have used your information or its accuracy you may not want it to be deleted until your complaint has been resolved. In certain circumstances you can ask for your data to be restricted or not used until these issues are resolved.


You have a right to have some or all of the information we hold about you erased in some circumstances. This is known as the right to be forgotten.


This right only applies where a decision which has a legal or similar effect is DECISION MAKING taken about a person by automated means without any human intervention.

Where such decisions are made individuals have a right to ask for the decision to be reviewed and the data controller must make sure appropriate safeguards are in place. However, PSCL does not make automated decisions about any of its clients.


If we are processing your personal information on the basis of your consent you have the right to withdraw that consent at any time.


You have a right of complaint to the Information Commissioner (the Supervisory Authority) if you consider any aspect of PSCL’s use of your personal information infringes the law. Section 1 provides the contact details.

However, PSCL will want to put matters right wherever we can and we would hope that you will contact us in the first instance. You can exercise your data protection rights or complain about how we are processing your personal information by contacting the Data Protection Officer as set out in Section 1.

If your complaint is about the administration, or terms and conditions of a product sold by us but provided by a lender/insurer, you may need to contact them about it. If needed, we’ll forward details of your complaint to the insurer concerned, as well as giving you their contact details.

To help make sure you always speak to the right person about your complaint, if it looks like another company will be better able to handle your case, we’ll let you know how to contact them. We’ll also send details of your complaint to them, to get them up to speed.


7. How we keep your personal information secure

We’re committed to keeping your personal information safe and sound. In this section, you’ll read about the security measures we take to protect our customers’ data.

At PSCL, we understand how important it is to keep your personal information secure. We use a variety of technologies and procedures to protect your personal information from accidental or unlawful breaches of security. These include physical, organisational, and technological measures.

All information we process is encrypted in transit so that your personal and financial information is secure. For example, where you share information with us online or we forward this to other organisations online we use HTTPS.

As covered in section 4, we have to share your information with third parties to carry out some of our services, including lenders and insurers amongst others. We require every third party that we share information with to apply appropriate security safeguards and comply with all the required laws and standards for protecting personal information.

8. How long do we keep your personal information for

We only keep your personal information for as long as we need to. This section explains how long the different types of records will be kept.

To ensure that we are able to meet our legal, regulatory and customer obligations, PSCL will retain client information for the following time periods:

  • If you become a client of a lender/insurer as a result of the advice we provide to you, we will keep a full record of your interactions with us for your lifetime plus a reasonable period to enable us to meet our regulatory obligations to evidence we gave suitable advice and to enable us to answer any complaints that may arise as a result of our advice. In practice this means that we will keep your records for no longer than 100 years after you last transact with us
  • If, as a result of our advice, you make an application to a lender/insurer but do not ultimately become a client of that institution, we will keep a full record of your interactions with us for 6-years to meet our obligations under UK Money Laundering regulations.
  • If we provide you with advice on a financial product, but you do not engage our services to make an application to a lender/insurer, we will keep a full record of your interactions with us for 3-years, to enable us to meet our regulatory record keeping obligations regarding evidencing suitability of our advice.
  • If we collect personal information from you, but are unable to provide you with suitable advice, then we will keep a full record of your interactions with us for 1-year to facilitate an easier interaction between us if you re-engage our services within this period.
  • If you request we contact you in relation to our service by providing us with your name and a contact method (e.g. phone, email) through an enquiry form (either on our own, or a 3rd party website) we will use our best endeavours to contact you as soon as possible. If we are unable to make contact with you, we will retain this information for a period of 90-days from the time we de-activate your lead in our database, to ensure we can fulfil our contractual obligations to our lead partners.

Delivering Professional Services You Can Trust

Scroll to top