Speak to an expert - Arrange a no obligation consultation

Get in touch
Tel: 020 4534 2750
or email: [email protected]

Privacy Policy

About us and the purpose of this notice

The Ludlow Group comprises five trading companies, each of which is a separate Data Controller.

These are:

  • Charter Tax Consulting Limited (company number 06889438)
  • Ludlow Trust Company Limited (company number 12492064)
  • Ludlow Trust Company (London) Limited (company number 15274780)
  • Ludlow Trust Company (Southampton) Limited (company number 00106294)
  • Ludlow Trust Company (ETL) Limited (company number 00362578)

All are registered in England and Wales, and all have their registered office at:

 8th Floor, 1 Southampton Street, London WC2R 0LR.

This privacy policy is issued on behalf of the Ludlow Group. When we use “Ludlow Group”, “Ludlow”, “we”, “us”, or “our” in this privacy policy, we are referring to the relevant company in the Ludlow Group responsible for processing your data.

This Privacy Notice sets out how we process your personal data when you visit any of our websites (“Sites”), namely www.charter-tax.com or www.ludlowtrust.com or when you register with a Ludlow Group company in connection with the provision of accountancy and tax advisory services,  trusteeship, trust administration, estate administration, will writing or other related services (the “Services”).

This notice applies to our customers, suppliers and other third parties that we interact with during the provision of our services.

 

 1. Purpose of this privacy notice

This Privacy Notice explains our approach to any personal data that we collect from you or have obtained about you from a third party and the purposes for which we process this data. This Privacy Notice also sets out your rights in respect of our processing of your personal data.

When we refer to “personal data”, we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance.

This Privacy Notice informs you of the nature of your personal data that is processed by us and how you can request that we delete it, update it, transfer it and/or provide you with access to it.

This Privacy Notice is intended to assist you in making informed decisions when using the Sites and our Services. Please take a moment to read and understand it. It should be read in conjunction with the Charter Tax Terms of Use and Cookie Policies for each website (Charter Tax Cookie Policy or Ludlow Cookie Policy)

In this notice “Data Protection Legislation” means the Data Protection Act 2018 (as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 which merge the previous requirements of the Data Protection Act with the requirements of the General Data Protection Regulation ((EU) 2016/679)) and any other laws and regulations in the UK applicable to the processing of personal data.

 

 2. About us

For the purpose of the Data Protection Legislation and this notice, each Ludlow Group entity is a ‘data controller’. This means that they are responsible for deciding how to hold and use personal data about you and are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.

Each has appointed a Data Protection Officer who is responsible for assisting with enquiries in relation to this privacy notice or our treatment of your personal data. Should you wish to contact our Data Protection point of contact you can do so using the contact details noted at paragraph 3 (How to contact us), below.

 

3. How to contact us

If you have any questions regarding this Privacy Notice or if you would like to contact us about the way we process your personal data, please email our Data Protection point of contact as follows:

Data Protection Officer

8th Floor, 1 Southampton Street

London WC2R 0LP

Please state to which company your enquiry relates on the envelope.

 

Alternatively, you can email us as follows:

 

4. Information we hold about you

The information we hold about you may include the following:

    • Your personal details such as your name and/or address
    • Details of contact we have had with you in relation to the provision, or the proposed provision, of our services
    • Details of any services you have received from us
    • Our correspondence and communications with you/third parties
    • Information about any complaints and enquiries you make to us
    • Information from research, surveys, and marketing activities
    • Financial information that we need to perform services
    • Details such as National Insurance Number, UTR that we may need to perform our services
    • Information about your employment, bank details and salary details.

 

5. How we may collect your personal data

We collect personal information about you and related parties to the Services as required to provide the Services.

All the personal data we use to deliver the Services is obtained either directly from you or other persons connected with the Service in question. This may be at the outset of the Service or during our on-going delivery of the Services and from any further correspondence between us. It may also be obtained when you use our website.

We collect personal information from you when you request a proposal in respect of the Services we provide, or when you contact us by email, telephone, post or social media (for example when you have a query about our Services).

There is also some personal data that we may obtain indirectly. This includes personal data from your employer, or our client when it engages us to provide services and also during the provision of those services, as well as from third parties and / or publicly available resources (for example, from your employer or from Companies House).

We may collect some of the following personal information about you to provide our Services:

Types of personal data Details
Individual details Name, address (including proof of address), other contact details (e.g., email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you
Identification details Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number
Financial information Income, expenditure, assets and liabilities, sources of wealth and your bank account details. Details about your tax affairs and information relating to your financial situation.
Information about your goals and objectives in connection to your wealth along with your investment knowledge and experience.
Background information Information about your employment, education, family, personal circumstances, and interests along with information regarding your personal or family circumstances, including future requirements and possible needs.
Compliance information Information to assess whether you may represent a money laundering or terrorist financing risk, including whether you are a politically exposed person, or have had previous criminal convictions or regulatory sanctions imposed
Computer access data Computer access or log data (i.e., IP Address, browser type, browser version, the pages of our website you visit, the time and date of your visit, the time spent on those pages or the App, and other usage statistics).
Special categories of personal data Certain categories of personal data which have additional protection under the GDPR. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation.
Special category personal data may be gathered in the process of setting up and delivering our Services and where we process special category personal data we rely on the legal basis of consent. Your consent must be freely given and can be withdrawn at any time but when it is withdrawn the Services may no longer be available to you

 

People who contact us via social media

We may use a third-party provider to manage our social media interactions. If you send us a private or direct message via social media the message will be stored by us for three months. It will not be shared with any other organisations.

People who email us

Any email sent to us, including any attachments, may be monitored for security reasons and for compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

 

6. How we use your information

We may only process your personal data in certain circumstances. These are:

    • when we have a legitimate interest in processing
    • when you have given your consent
    • to fulfil a contract to which you are a party, or
    • to comply with a legal obligation to which we are subject

If we do not process personal data, we cannot discharge our obligations. When providing our Services, we will process your personal data on the basis that it is in our legitimate interests to do so and these interests are not over-ridden by your interests or fundamental rights and freedoms as a data subject, as there is a clear benefit to you in the processing, and the collection, processing and disclosure of personal data is necessary or desirable to provide the Services. Such personal data will be processed for a number of purposes, including but not limited to:

    • Preparing preliminary information or a proposal for you regarding our Services
    • To provide you with the Services as set out in our engagement letter, the Law, any other documentation such as a trust instrument or administration agreement or as otherwise agreed from time to time
    • To correspond with you and provide you with information on us i.e., changes in personnel
    • To fulfil our regulatory and other legal obligations
    • To deal with any complaints or feedback that you may have
    • For any other purpose for which you provide us with your personal data
    • To develop and improve our services
    • To comply with a legal obligation to which we are subject. The entities within the Ludlow Group are regulated and must comply with legal, compliance and regulatory obligations such as those required to comply with anti-money laundering, drug trafficking, or countering terrorist financing laws and with tax and beneficial ownership reporting requirements
    • To manage our business in an efficient and proper way including monitoring corporate governance and audit

The nature of the Services may require us to have a knowledge and understanding of our clients’ circumstances, needs and requirements. For example, when acting as trustees, we are legally obliged to consider the interests and requirements of beneficiaries before exercising our powers, such as when making distributions and investing trust assets.

Special Category Data

We may process special category data in certain circumstances, for example:

    • Collecting, storing and using special category data to help us comply with the wishes of our client and to enable us to identify and protect your rights as a beneficiary or other related party.
    • We may also process criminal conviction data, when necessary for reasons of substantial public interest for the purposes of the prevention or detection of an unlawful act and / or the protection of the public against dishonesty.

Change of purpose

Where we need to use your personal data for a reason, other than the purpose for which we originally collected it, we will only use your personal data where that reason is compatible with the original purpose.  If we need to use your data for a new purpose, we will notify you and communicate our legal basis for this new usage.

 

7. Sharing your personal information

When processing on the basis that it is in our legitimate interests do so, we may collect and share your personal data with:

    • Other companies in the Ludlow Group.
    • Your solicitors, accountants, advisers, agents or employees of firms with which you are associated.
    • Third parties who require the personal data in order to provide a service to us in connection with the provision of the Services, such as directors, officers, consultants, agents or contractors and delegates or sub-delegates, internet service providers and data storage providers, in respect of which Services are provided, or which provide services to us, and/or in respect of which you are connected or have an interest; or to a new service provider who will be providing the services and the directors and/or employees of such third parties.
    • Our advisers who provide us with advice or assistance.
    • Third parties and service providers such as banks, bankers, intermediaries, insurance companies, fund managers, investment advisers and managers, property managers, tax advisers, lawyers, and any other entity which provide services to us in respect of the Services and/or in respect of which you are connected or have an interest.
    • Government bodies, quasi government bodies, regulators and other authorities in any jurisdiction.
    • Any third party who requires personal data as a result of any assignment, transfer or novation of our rights and obligations or any merger, restructure, sale or acquisition of the Ludlow Group or any part thereof or to any party to whom we may transfer our rights and/or obligations.

You may object at any time to our processing of any or all of your personal data on this ground by contacting the relevant Data Protection Officer (using the details set out in How to contact us) and the processing of personal data may be restricted while those legitimate interests are considered, and, if it is decided that we do not have a legitimate interest to process that personal data, can be erased.

We will only process any Special Category Data with your explicit consent. Special Category Data will be processed for the same purposes and shared with the same entities as personal data processed in our legitimate interests. You will be asked to complete a consent form to evidence that your explicit consent has been given to the processing of Special Category Data. This consent can be withdrawn at any time by contacting the appropriate Data Protection Officer who will advise you of the procedure to be followed to withdraw your consent to the processing of Special Category Data The withdrawal of your consent will not affect the lawfulness of any processing up to that point. However, if your consent is withdrawn, the nature of the Services may mean that we can no longer provide some or all the Services to you.

When processing data to comply with a legal obligation, we may collect and share your personal data from and with third parties, including:

    • Our advisers where it is necessary for us to obtain their advice or assistance.
    • Our accountants and auditors where it is necessary as part of their functions.
    • Third parties who assist us in conducting background checks about you, such as checking to see if you are on sanctions lists.
    • Fraud prevention agencies who will use it to prevent money laundering, to verify your identity and to prevent fraud.
    • Courts, regulatory authorities, tax authorities, ombudsmen, law enforcement agencies, credit reference agencies or similar bodies in any jurisdiction whether or not such requirements have the force of law or whether or not such disclosure may be enforced on us.
    • Any party to which we may wish to sell, transfer or merge all or part of our business.

 

8. Transferring Personal Data outside of the UK or European Economic Area (“EEA”)

We will only transfer personal data outside the UK or EEA if one of the following applies:

    • The UK Information Commission or European Commission has issued a decision confirming that the country to which we transfer the personal data ensures an adequate level of protection for the data subjects’ rights and freedoms.
    • Appropriate safeguards are in place such as binding corporate rules, standard contractual clauses approved by the UK Information Commission or European Commission, an approved code of conduct or a certification mechanism.
    • You have provided explicit consent to the proposed transfer after being informed of any potential risks.
    • The transfer is necessary for one of the other reasons set out in the UK GDPR including the performance of a contract between us, reasons of public interest, to establish, exercise or defend legal claims or to protect your vital interests where you are physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK or EEA.

 

9. How long we retain your personal data

We will retain your personal information only for as long as it is necessary to fulfil the purposes for which it is collected.

When assessing what retention period is appropriate for your personal data, we consider the following:

    • The requirements of our business and the services provided;
    • Any statutory or legal obligations;
    • The purposes for which we originally collected the personal data;
    • The lawful grounds on which we based our processing; and
    • The types of personal data we have collected.

We will retain your personal data for a relevant period in line with professional advisors document retention policy for wills and trusts, or for as long as necessary to fulfil our legal obligations in relation to the Services. We retain your personal information for that period so that we can show, in the event of a legal claim or query, that we have administered the Services in an appropriate and correct manner. After this period, we will securely destroy your personal information in accordance with our data retention policy and applicable laws and regulations.

If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list indefinitely so that we know not to send you further marketing communications in the future.

 

10. Marketing

We may periodically send you marketing correspondence or emails with news about Charter Tax, or other information which we think you may find interesting using the contact details you have provided.

We shall only send you marketing correspondence where we have provided Services to you, or you have expressed an interest in our Services and have given us your consent. We will obtain your consent before sending third party direct marketing communications.

You can opt out of receiving marketing correspondence from us at any time by clicking on the “unsubscribe” link in any email which we send to you, or by emailing us as follows:

 

11. Confidentiality and security of your personal data

We are committed to keeping the personal data you provide to us secure, and we have and will continue to put in place appropriate security measures to protect your personal data from loss, misuse or alteration.

We have information security policies, rules and technical measures to protect the personal data that we have under our control from:

    • unauthorised access
    • improper use or disclosure
    • unauthorised modification; and
    • unlawful destruction or accidental loss.

We limit access to your personal information to those employees, agents, contractors and other third parties who need it to assist in providing the Services. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

 

12. How to access your information and your other rights

You have the following rights in relation to the personal data we hold about you. If you would like to exercise any of these rights, please contact us using the details set out in How to contact us.

Your right of access.

If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data (along with certain other details). If you require additional copies, we may charge a reasonable fee for producing those additional copies.

Your right to rectification.

If the personal data we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have shared your personal data with others, we will let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.

Your right to erasure.

You can ask us to delete or remove your personal data in some circumstances, such as where we no longer need it or where you withdraw your consent (where applicable). If we have shared your personal data with others, we will let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.

Your right to restrict processing.

You can ask us to ‘block’ or suppress the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data, or you object to us processing it for a particular purpose. This may not mean that we will stop storing your personal data but, where we do keep it, we will tell you if we remove any restriction that we have placed on your personal data to stop us processing it further. If we have shared your personal data with others, we will let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.

Your right to data portability.

You have the right, in certain circumstances, to obtain personal data you have provided to us (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer it to a third party of your choice.

Your right to object.

You can ask us to stop processing your personal data, and we will do so, if we are:

    • relying on our own or someone else’s legitimate interest to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or
    • processing your personal data for the purposes direct marketing.

Your rights in relation to automated decision-making and profiling.

You have the right not to be subject to a decision when it is based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for the entering into, or the performance of, a contract between you and us.

Your right to withdraw consent.

If we rely on your consent (or explicit consent) as our legal basis for processing your personal data, you have the right to withdraw that consent at any time. You can exercise your right of withdrawal by contacting us using our contact details in the “How to contact us” section or by using any other opt-out mechanism we may provide, such as an unsubscribe link in an email.

Your right to lodge a complaint with the supervisory authority.

If you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, please contact us using the contact details provided in the “How to contact us” section. You can also report any issues or concerns to a national supervisory authority in the Member State of your residence or the place of the alleged infringement. As we are incorporated in the United Kingdom, once we commence trading our regulatory authority will be the Information Commissioner’s Office (ICO) in respect of data privacy matters who can be contacted at www.ico.org.uk.

If you want to exercise any of the above rights, please email our data protection point of contact as follows:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee for the administrative costs of complying with the request if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details above.

 

13. Making a complaint

When we receive a complaint, we create a file containing the details of the complaint. This normally contains the identity of the complainant, and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide.  We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute.  We usually have to disclose details of the complaint to our Professional Indemnity Insurance Broker and Insurer.  We may be required to provide a copy of our file to the Financial Ombudsman Service should an adjudicator be required to consider the complaint case.

Charter Tax Consulting Ltd are regulated by the ICAEW who can do inspections and ask to view a sample of client files. This data may include names or details that identify the specific data subject.

The details to make a complaint to are contained in the “How to contact us” section of the relevant website.

 

14. Visitors to our websites and the use of cookies

When someone visits our websites we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Use of cookies

Cookies are small text files that are placed onto your computer or other electronic devices by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.

Please see our websites to find out more about the cookies and other similar technologies we use, the purposes for which we use them and how to manage, block or delete them.

We may use the following categories of cookies on our website:

Strictly necessary: These are cookies which are essential for certain features of our website to work. These cookies do not record identifiable personal information, and we do not need your consent to place these cookies on your device. Without these cookies we will be unable to provide all or part of Our Services to you.

Performance monitoring: We use these cookies to collect details on an anonymous basis about how you use our websites. This information may be used to help us improve our websites and understand how effective our adverts are. In some cases, we use trusted third parties to collect this information for us but they only use the information for the purposes explained.

Functional: These cookies are used to provide services or remember your settings. These cookies are aimed at enhancing your user experience by remembering your preferences. The information these cookies collect is anonymous and does not enable us to track your browsing activity on other websites.

Marketing: These cookies are used by trusted third parties to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. Information contained in these cookies is anonymous and doesn’t contain your personal information. To find out more about cookies used for targeting and advertising follow www.youronlinechoices.com and www.networkadvertising.org or contact us for further information about the trusted third parties we use.

 

15. Changes to this privacy notice

We may make changes to this Privacy Notice from time to time.

To ensure that you are always aware of how we use your personal data, we will update this Privacy Notice from time to time to reflect any changes or proposed changes to our use of your personal data. We may also make changes to comply with changes in applicable law or regulatory requirements.

We encourage you to periodically review this Privacy Notice, which is available on our websites or by contacting our offices, to be updated and informed of how we use your personal data.

This privacy notice was last updated on 03 March 2025.