Privacy Notice

Obsidian Financial Services Limited (Authorisation pending with the Financial Conduct Authority)

Obsidian Financial Services Limited is not authorised by the Financial Conduct Authority at the time of issuing this Privacy Notice. No regulated financial advice or services are provided until authorisation is granted. This is expected to be mid-2026.

Last updated: 5th January 2026

1. Introduction and Purpose

Obsidian Financial Services Limited (“we”, “us”, “our”) is committed to protecting and respecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Notice explains how we collect, use, disclose, retain, and safeguard personal information when you interact with us, including:

  • Visiting our website
  • Registering an interest in our services
  • Contacting us by email, telephone, or written correspondence
  • Becoming a client after FCA authorisation

It should be read alongside our Cookie Policy and other relevant notices. We aim to ensure transparency, fairness, and accountability in all data-handling activities.

2. Who We Are

Data Controller: Obsidian Financial Services Limited
Registered address: 18 Southfield Close, Elsenham, Bishop’s Stortford CM22 6YF
Email: privacy@obsidianfs.co.uk

Obsidian Financial Services Limited is an independent financial advice firm awaiting authorisation from the Financial Conduct Authority (FCA). Until authorisation is granted, we do not provide regulated financial advice or conduct regulated activities.

3. Information We May Collect

We may collect and process the following types of personal data:

3.1 Personal and Contact Information

  • Name, title, date of birth (where provided)
  • Email address, telephone number, postal address

3.2 Communication and Enquiry Data

  • Information you submit via forms, email, or correspondence
  • Details of your communication preferences

3.3 Website and Technical Data

  • IP address, browser type, device data, aggregated website behaviour data
  • Cookies and tracking technologies in line with our Cookie Policy

3.4 Client-Specific Information (Post-Authorisation)

Where you become a client after FCA authorisation, additional data may be collected for:

  • Suitability and risk assessments
  • Financial circumstances, objectives, and goals
  • Ongoing service delivery and review

We do not collect or process special categories of personal data (e.g., health data) unless explicitly necessary and lawful, and only with clear justification or consent.

4. How We Collect Your Information

We collect personal data:

From third parties if authorised by you or where necessary for compliance and service delivery

Directly from you through forms, emails, telephone calls, and web enquiries

Automatically when you visit our website (e.g., via cookies)

5. How We Use Your Information

We may use your personal information for the following purposes:

  • Responding to enquiries and communications
  • Registering and managing expressions of interest
  • Sending updates regarding our FCA authorisation progress
  • Delivering financial advice services and ongoing client support (post-authorisation)
  • Improving website functionality and customer experience
  • Complying with legal, regulatory, and audit obligations

We will not sell personal information to advertisers or other third parties.

6. Lawful Bases for Processing

We process personal data under one or more of the following lawful bases:

  • Legitimate interests: for business administration and customer support, provided this does not override your rights
  • Consent: where you have opted in (e.g., marketing communications)
  • Contract: where processing is necessary to provide services you have requested
  • Legal obligation: where required by law or regulation

7. Disclosure of Your Information

We may disclose personal data:

  • With your consent (e.g., marketing or specified purposes)
  • To trusted third parties (e.g., professional advisers, IT and hosting providers)
  • Where required by law, regulation, or to protect our rights
  • To support fraud prevention, crime detection, or regulatory compliance

We will not disclose personal data to other organisations for their own marketing purposes without your explicit consent.

8. Marketing and Your Rights

We will only send marketing communications where you have consented. You have the right to request that we stop processing your data for marketing at any time. Details on how to manage marketing preferences will be provided at the point of collection and in subsequent communications.

9. Data Security and Storage

We take appropriate technical and organisational measures to safeguard personal information, including secure servers, encryption where applicable, and internal policies to restrict access to authorised personnel only.

Your data may be stored on secure servers in the UK or the European Economic Area. International transfers, if necessary, will be subject to appropriate safeguards.

10. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, comply with legal and regulatory requirements, and support Consumer Duty outcome monitoring. Retention periods are documented in our Data Retention Schedule.

11. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request erasure in certain circumstances
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability

Requests should be made in writing to privacy@obsidianfs.co.uk. We will respond in accordance with legal timelines.

12. Cookies and Tracking Technologies

Our website uses cookies. Please refer to our Cookie Policy for detailed information on how cookies are used and your choices regarding their use.

13. Changes to This Privacy Notice

We may update this Privacy Notice to reflect changes in law, regulation, or our services. The most recent version will be published on our website.

14. Complaints

If you have concerns about how your personal data is processed, you may contact us at the following email address: complaints@obsidianfs.co.uk.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113