Last updated: June 2026 | PRL-017 | Version 2.0
This privacy notice explains how we collect and use your personal data when you visit equityreleaseadvice.co.uk, submit an enquiry, or contact us. It also tells you about your rights and how the law protects you.
equityreleaseadvice.co.uk is operated by Lead Technologies (Europe) Limited (referred to in this notice as Lead Tech, we, us or our). We are a lead generation business. We are not authorised to give financial advice. Our role is to take your enquiry and connect you with a suitable FCA-regulated financial adviser or equity release specialist.
When we connect you with an adviser or specialist, they will contact you directly. At that point they become an independent data controller for any information you share with them directly, and their own privacy notice will apply. We encourage you to request and read it.
This website is not intended for anyone under the age of 18 and we do not knowingly collect personal data from children.
Please read this notice carefully. You can use the section headings below to navigate to the areas most relevant to you. A Glossary at the end explains key terms used throughout.
1. Who We Are
Full legal name: Lead Technologies (Europe) Limited
Trading name: Equity Release Advice
Registered address: Pool Business Park, Pool Road, Pool in Wharfedale, Otley, LS21 1FD
Data Protection Officer (DPO): [email protected]
FCA registration number: 947409
If you have any questions about this notice or how we handle your data, please contact our Data Protection Officer (DPO) using the details above.
You also have the right to complain to the Information Commissioner’s Office (ICO) at any time. We would appreciate the chance to address your concerns first, so please contact us before approaching the ICO. You can reach the ICO at www.ico.org.uk or on 0303 123 1113.
2. The Data We Collect About You
Personal data means any information from which a living individual can be identified. We collect different types of data depending on the nature of your enquiry.
Data you provide to us
Contact and identity data: full name, date of birth, email address, telephone number, and full home address. This is collected from all users who submit an enquiry.
Property data: information about your property relevant to your equity release enquiry. This may include the approximate value of your home, the type of property you live in, whether you have an outstanding mortgage, and if so, the approximate balance remaining.
Data we collect automatically
Technical data: IP address, browser type and version, time zone, operating system, and device information, collected automatically when you use our website.
Usage data: information about how you interact with our website, including pages visited and time spent.
Data from third parties and advertising platforms
We receive data from third-party platforms we use to run and measure our advertising campaigns. This includes:
• Google Analytics and Google Ads: we use Google Analytics to understand how visitors use our site and Google Ads to run advertising campaigns. As part of this, we use Google’s Enhanced Conversions for Leads (EC4L) feature, which allows us to share hashed (encrypted) contact information such as email address and phone number with Google to measure whether our advertising activity leads to enquiry submissions. This data is transmitted securely server-to-server and is used solely for conversion measurement on our behalf.
• Meta (Facebook and Instagram) Ads: we use Meta’s advertising platform to run campaigns. Through Meta’s Conversions API (CAPI), we share hashed contact information with Meta server-to-server to measure the effectiveness of our advertising. This is used solely for attribution and campaign measurement.
• Analytics and optimisation tools: we use tools including Google Analytics, Microsoft Clarity and VWO to analyse how users interact with our website and improve user experience.
In all cases where contact data is shared with advertising platforms, it is hashed before transmission. Hashing is a one-way process that converts data into a protected code. While hashed data cannot be directly read, it can be matched by a recipient who holds the original data for verification purposes, such as confirming whether an advertising campaign led to an enquiry submission. Hashed data remains personal data and is handled accordingly.
Aggregated data
We may collect, use, and share anonymised or aggregated data (for example, to understand what percentage of visitors request a certain type of advice). This is not personal data. If we ever combine aggregated data with your personal data in a way that could identify you, we will treat it as personal data under this notice.
3. How We Use Your Data
We only use your personal data where the law permits. The table below sets out each purpose, the data used, and the lawful basis we rely on.
|
Purpose / Activity |
Type of data |
Lawful basis |
|
To process your enquiry and connect you with a suitable FCA-regulated financial adviser |
Personal Data Property data |
Performance of contract (Article 6 UK GDPR), Legitimate interests (to ensure enquiries are directed to the most suitable adviser for the user's needs) |
|
To contact you by phone or email to qualify your enquiry and ensure you are connected with the most appropriate adviser for your needs |
Personal Data Property data |
Performance of contract, Legitimate interests (to verify enquiry details and improve the quality and accuracy of adviser matching) |
|
To manage our relationship with you, including notifying you of changes to our terms or this notice, and requesting reviews or survey responses |
Personal Data Profile Data |
Performance of contract, Legal obligation, Legitimate interests (to maintain an accurate and up to date relationship with you and improve our services) |
|
To record and retain calls for compliance, quality assurance, dispute resolution and training purposes |
Personal Data Call recordings |
Legal obligation, Legitimate interests (to maintain service quality, resolve disputes, and fulfil our obligations as an FCA appointed representative) |
|
To deliver relevant website content and advertising, and to measure the effectiveness of our advertising campaigns, including through EC4L and CAPI (see Section 2 for further details) |
Personal Data (hashed) Technical Data |
Legitimate interests (to measure and improve the effectiveness of our advertising campaigns and grow our business), Consent (PECR-compliant consent is required for non-essential advertising cookies prior to any such data being collected) |
|
To analyse how visitors use our website and improve user experience, including through analytics tools |
Technical Data Usage Data |
Legitimate interests (to understand how our website is used and to improve its performance and user experience), Consent (PECR-compliant consent is required for non-essential analytics cookies prior to any such data being collected) |
|
To use data analytics and AI-assisted tools to improve our website, services, and adviser matching |
Technical Data Usage Data Profile Data |
Legitimate interests (to improve our website performance, service quality, and the relevance of adviser matching) |
|
To administer and protect our business and website, including security monitoring, troubleshooting, and system maintenance |
Personal Data Technical Data |
Legitimate interests (to keep our systems secure, ensure business continuity, and protect against unauthorised access or misuse), Legal obligation |
|
To process sensitive personal information voluntarily disclosed by a user in connection with a vulnerability or accessibility need, in order to provide appropriate support and direct them to the most suitable adviser. |
Special category data (as voluntarily disclosed) |
Explicit consent (Article 9 UK GDPR) |
When your enquiry is passed to an adviser or specialist, they may contact you about their own products and services. Any such communications are the responsibility of the adviser or specialist. They will obtain any consents required directly from you and will handle your data in accordance with their own privacy notice.
Use of artificial intelligence
We use AI-assisted tools within our business to support operational and service delivery activities, including enquiry handling, internal quality review, and improving the relevance of adviser matching. All use of AI tools is subject to our internal governance framework and data protection controls. We do not make fully automated decisions about you without human oversight, and we do not share your personal data with AI tools operated by unauthorised third parties.
Before introducing any new AI tool or automated system that processes personal data, we conduct a Data Protection Impact Assessment (DPIA) to identify and mitigate any privacy risks. We also maintain supporting documentation for each AI tool in use, including records of its purpose, data flows, and the controls in place. Where a new tool involves high-risk processing, we will rely on an appropriate lawful basis and update this notice accordingly. If you have any questions about our use of AI, please contact our DPO at [email protected].
Automated decision-making and profiling
We use automated processes to match your enquiry with a adviser or specialist, based on criteria including postcode, the type of advice required, and relevant financial information you have provided. This is a core part of the service we offer.
We may also use profiling to understand the types of enquiries we receive, in order to improve our matching and service quality. Where possible, we use anonymised data for this purpose.
Where we make solely automated decisions that produce legal or similarly significant effects on you, you have the right to request human involvement, express your point of view, and contest the decision.
Change of purpose
We will only use your personal data for the purposes for which it was collected. If we need to use it for a different reason, we will notify you and explain the legal basis that allows us to do so.
4. Who We Share Your Data With
We share your personal data only where necessary and with appropriate safeguards in place.
FCA-regulated financial advisers
The primary purpose of our service is to connect you with a suitable FCA-regulated financial adviser or equity release specialist. Once your enquiry has been submitted, it will be matched to a suitable adviser or specialist based on criteria including your postcode and the details of your property. Depending on the nature of your enquiry, you may be contacted directly by the adviser or specialist, or a member of our internal Lead Engagement team may reach out first by phone or email to verify your details and ensure you are connected with the most appropriate adviser for your needs. All Lead Engagement team members handle your data in accordance with this notice and our internal data protection policies.
Each adviser or specialist is an independent data controller and will handle your data under their own privacy notice, which we encourage you to request and read when they make contact.
Technology and service providers
We use trusted third-party technology and service providers who process data on our behalf, including providers of CRM, telephony, website analytics, and advertising measurement services. Where any of these providers are based outside the UK or process data on servers outside the UK, we ensure appropriate safeguards are in place, including UK International Data Transfer Agreements (IDTA) or equivalent mechanisms. A full list of our data processors is available on request by contacting [email protected].
Professional advisers and regulators
We may share data with our lawyers, auditors, and insurers where necessary, and with the FCA, ICO, HMRC, or other public bodies where required by law.
5. International Transfers
Some of our service providers operate outside the UK. Where your personal data is transferred internationally, we ensure appropriate safeguards are in place to maintain a level of protection equivalent to UK law. The mechanisms we rely on include:
• The UK Extension to the EU-US Data Privacy Framework, where a provider is certified under that framework.
• The EU Standard Contractual Clauses with the UK Addendum to the EU SCCs, which bind the recipient to protect your data to UK standards.
• The UK International Data Transfer Agreement (IDTA), where applicable.
You can request further information about the safeguards in place for any specific transfer by contacting us at [email protected].
6. Data Security
We have appropriate technical and organisational security measures in place to protect your personal data against loss, unauthorised access, alteration, or disclosure. These include encryption of data in transit and at rest, access controls, multi-factor authentication, and regular security reviews.
Access to your personal data is restricted to those with a legitimate need. All staff and processors handling your data are subject to confidentiality obligations and act only on our instructions.
We have procedures in place to respond to any suspected data breach and will notify you and the ICO where we are legally required to do so.
7. Data Retention
We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, and reporting requirements.
The primary retention period for enquiry data collected through this website is five years from the date of enquiry submission, in line with FCA guidelines for firms operating within the financial services sector.
Call recordings are retained for up to seven years. This reflects best practice for firms operating within the financial services sector and ensures we are able to respond to any complaints or disputes that may arise in connection with an introduction we have made.
We also retain data where there is an ongoing complaint, dispute, or legal proceedings.
Where data is no longer required for any of these purposes, we securely delete or anonymise it.
8. Vulnerable Customers
We recognise that some customers may be in vulnerable circumstances. Several of the products available through our sites, including equity release, debt management, and pension transfers, are particularly likely to be sought by people in sensitive situations.
Any information you share about your circumstances is used solely to support your enquiry, shared only where necessary, and handled with additional care. We will ensure you are directed to an adviser best placed to support your needs.
Any sensitive information you share with us in this context, such as details about a health condition or accessibility needs, will be treated as special category data under UK GDPR, processed solely to support your enquiry, and handled with the utmost care.
You may withdraw your consent to us processing any sensitive personal information you have shared at any time by contacting us at [email protected]. If you withdraw consent, we will stop processing that information immediately. Please be aware that if the information is relevant to your enquiry, withdrawal may affect how we are able to support you. We will continue to assist you using the information we hold.
If your circumstances require additional consideration, please contact our compliance team at [email protected] and we will ensure you are supported appropriately.
9. Your Rights
Under UK data protection law, you have the following rights. You will not normally be charged to exercise them, although we reserve the right to charge a reasonable fee or refuse a request where it is manifestly unfounded or excessive. We will respond within one month of receiving a valid request, and may extend this by a further two months for complex or multiple requests, notifying you if this is the case.
We may need to verify your identity before acting on a request. Any verification we ask for will be proportionate and not onerous.
Right of access (Subject Access Request)
You have the right to request a copy of the personal data we hold about you and to check it is being processed lawfully. To submit a request (DSAR), please contact us at [email protected], including your full name, contact details, and a description of the information you are seeking. We will acknowledge your request promptly and aim to provide our full response within one calendar month of receipt, in line with our obligations under UK GDPR.
Right to rectification
You have the right to ask us to correct inaccurate or incomplete personal data we hold about you.
Right to erasure
You have the right to ask us to delete your personal data where there is no legitimate reason for us to continue processing it. Note that certain legal and regulatory obligations, such as FCA guidelines on retention, may mean we are unable to comply in full.
Right to object
You have the right to object to processing based on legitimate interests, where you feel it impacts your fundamental rights and freedoms. You also have the absolute right to object to processing for direct marketing purposes at any time.
Right to restriction
You have the right to ask us to pause processing of your personal data in certain circumstances, for example where you contest its accuracy or have raised an objection.
Right to portability
Where processing is based on consent or contract, you have the right to receive your personal data in a structured, commonly used, machine-readable format, and to request its transfer to another organisation.
Right to withdraw consent
Where we rely on consent, you may withdraw it at any time by contacting us at [email protected]. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Right to human review
Where we make solely automated decisions that produce legal or similarly significant effects on you, you have the right to request human involvement, express your point of view, and contest the decision.
10. Complaints
If you have concerns about how we handle your personal data, please contact our Data Protection Officer (DPO) in the first instance. We will acknowledge your complaint promptly and aim to resolve it within one month.
- Email: [email protected]
- Post: Data Protection Officer (DPO), Lead Technologies (Europe) Limited, Pool Business Park, Pool Road, Pool in Wharfedale, Otley, LS21 1FD
If you are not satisfied with our response, or believe your data is being processed unlawfully, you have the right to escalate your complaint to the Information Commissioner’s Office (ICO):
- Website: www.ico.org.uk
- Telephone: 0303 123 1113
- Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
11. Glossary
Lawful bases for processing
Performance of contract: processing necessary to take steps at your request before entering into a contract, or to fulfil a contract.
Legitimate interests: our interest in conducting and growing our business in a way that delivers the best service and experience, where that interest is not overridden by your rights and freedoms. We carry out a legitimate interests assessment before relying on this basis.
Legal obligation: processing required to comply with a law or regulation we are subject to.
Consent: processing based on your clear, specific, and informed agreement. For electronic marketing (email and SMS) we require PECR-compliant consent.
Key terms
Data controller: the organisation that decides why and how personal data is processed. Lead Technologies (Europe) Limited is the data controller for data collected through this website.
Data processor: a third party that processes personal data on behalf of a controller, under the controller’s instructions.
Hashing: a one-way process that converts personal data into a protected code. While hashed data cannot be directly read, it can be matched by a recipient who holds the original data for verification purposes, such as confirming whether an advertising campaign led to an enquiry submission. Hashed data remains personal data and is handled accordingly.
ICO: the Information Commissioner’s Office, the independent body responsible for upholding data protection rights in the UK.
FCA: the Financial Conduct Authority, the UK regulator for financial services.