NHS Financial Planner
Privacy & Data Protection

Privacy Policy

Your privacy and data security are our top priorities. Learn how we protect and handle your information.

Last updated: February 2025

Privacy at a Glance

Secure by Design

End-to-end encryption protects all your data

Full Transparency

Clear information about data collection and use

Your Control

Manage your privacy settings and data access

Introduction

William Roberts Coaching and Advisory Ltd ("we", "us", or "our"), a company incorporated in England (company number 15629688), operates NHS Financial Planner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

We take your privacy seriously and have implemented robust measures to protect your personal information while providing you with a valuable service for managing your NHS pension and financial documentation.

Jurisdiction and Governing Law

This Privacy Policy is governed by English law. Any disputes arising from or related to this policy will be subject to the exclusive jurisdiction of the courts of England and Wales. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Information We Collect

Personal Information

  • Name and contact information
  • NHS employment details
  • Email address
  • Password (encrypted)
  • Payment information (processed securely by Stripe)
  • Professional registration numbers (where applicable)
  • Employment history and workplace details

Usage Information

  • Log data and device information
  • Usage patterns and preferences
  • Uploaded documents and analysis results
  • Communication preferences
  • IP addresses and browser information
  • Session duration and interaction data

Cookies and Tracking

We use cookies and similar tracking technologies to provide and improve our service. You have full control over non-essential cookies through our cookie consent banner and settings.

Essential Cookies (Always Active)

These cookies are strictly necessary for the operation of our website. They enable core functionality such as security, network management, and accessibility.

  • Authentication: Session tokens, login status, CSRF protection
  • Security: Secure connection management, fraud prevention
  • Functionality: Language preferences, accessibility settings
  • Cookie Consent: Your cookie preference choices

Legal Basis: Legitimate interest - These cookies are essential for the website to function properly.

Functional Cookies

These cookies allow the website to remember choices you make and provide enhanced, more personal features.

  • Remembering your calculator preferences and settings
  • Storing your display preferences (dark mode, layout)
  • Personalizing content based on your professional role

Legal Basis: Consent - You can enable or disable these cookies through our cookie settings.

Analytics Cookies

These cookies help us understand how visitors interact with our website, helping us improve our service.

  • Sentry: Error tracking and performance monitoring
  • Page views, session duration, and user journeys
  • Feature usage and engagement metrics
  • Performance and load time measurements

Legal Basis: Consent - These cookies are only active if you accept analytics cookies.
Retention: Analytics data is anonymized and retained for up to 90 days.

Marketing Cookies

These cookies track your online activity to help deliver more relevant advertising or to limit how many times you see an ad.

Currently, we do not use marketing cookies. If we introduce them in the future, we will update this policy and require your explicit consent.

Managing Your Cookie Preferences

You have several options to control or limit how we and our partners use cookies:

  • Cookie Banner: When you first visit our site, you can choose to accept all, reject all, or customize your preferences
  • Cookie Settings Button: Click the cookie icon in the bottom-right corner of any page to update your preferences at any time
  • Browser Settings: Most browsers allow you to refuse or delete cookies through their settings
  • Do Not Track: We respect browser "Do Not Track" signals where applicable

Note: Blocking all cookies may affect your ability to use certain features of our website.

Third-Party Cookies

We use the following trusted third-party services that may set cookies:

  • Stripe (Payment Processing): Essential for secure payment processing and fraud prevention
  • Sentry (Error Tracking): Analytics cookie for monitoring application performance and errors

These services have their own privacy policies and may collect information as described in their respective policies.

How We Use Your Information

We use your information to:

  • Provide and maintain our services
  • Process your payments and subscriptions
  • Send you important updates and notifications
  • Improve our services and user experience
  • Analyse document contents for pension and financial insights
  • Respond to your inquiries and support requests
  • Comply with legal obligations
  • Prevent fraud and abuse
  • Enforce our terms of service

Data Security

We implement robust security measures to protect your personal information, including:

  • End-to-end encryption for sensitive data
  • Secure socket layer (SSL) technology
  • Regular security audits and updates
  • Strict access controls and authentication
  • Secure data storage with Supabase
  • Regular penetration testing
  • Employee security training
  • Incident response procedures

Data Retention and Deletion

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. You can request deletion of your account and associated data at any time. Upon deletion request:

  • Your account will be deactivated immediately
  • Personal data will be deleted within 30 days
  • Backup data will be removed within 90 days
  • Anonymized analytics data may be retained

Your Rights Under GDPR

Under the UK GDPR, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your information
  • Object to processing of your information
  • Receive a copy of your information
  • Withdraw consent at any time
  • Lodge a complaint with the ICO
  • Request restriction of processing
  • Data portability

To exercise any of these rights, please contact our Data Protection Officer using the contact information below. We will respond to your request within 30 days.

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of our service after such changes constitutes your consent to the updated policy.

Questions About Privacy?

If you have any questions about this privacy policy or how we handle your data, please contact us.

Contact SupportView Terms of Service