Privacy Notice & Cookie Statement

(June 2023)


Lewis Investment are committed to protecting your personal information and ensuring that it is used fairly and responsibly. This Notice explains how we use any personal information we collect about you.

Data Protection Act

Lewis & Co (Investment &  Pensions) Ltd, trading as Lewis Investment, is a registered Data Controller under the Data Protection Act 1998; registration number Z6529406. Our registration can be found via the Information Commissioner’s website.

Why we need to collect and use your personal data

The primary legal basis that we intend to use for the processing of your data is “performance of a contract”; it is essential for us to collect and process your personal data to be able to carry out the services that you require from us effectively. Without collecting your personal data we’d also be unable to fulfil our legal and regulatory obligations.

What information do we collect and how is it used?

We collect information about you when you engage us for financial planning or mortgage advice, this information will relate to your personal and financial circumstances. It may also include special categories of personal data such as data about your health if this is necessary for the provision of our services. For example;

  • Information you provide to us to enable us to make appropriate investment recommendations (this may include personal information concerning your family members, if provided to us); and/or
  • Where you are a corporate customer, details about your staff (including, where applicable, their family members), and may include information obtained from third parties; and/or
  • Where you are a trustee of a trust, the details of all trustees and other beneficial owners, settlors and protectors as we deem appropriate.
  • Where you are provided with access to the Client Portal personal data, including your name, address, date of birth and national insurance number will be held on the Non-personal data held on the portal includes your assets, your income and expenditure details and your portfolio details, including investments and plans.

You can remove your data from the Client Portal service at any time, although portions of your data, consisting of aggregate data derived from your account information, may remain on our servers indefinitely. Your data may also remain on a backup server or media.

Who might we share your information with?

To effectively deliver our services to you we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to arrange financial products for you.

Where it’s necessary for your personal data to be forwarded to a third party we’ll use appropriate security measures to protect your data in transit. Where we can, we will use secure portals. We will also employ encryption and in some cases secure folders.

To fulfil our obligations in respect of the prevention of money laundering and other financial crime we may send your details to third party agencies for identity purposes.

We may disclose your information to future owners of our business or where we are required by law to do so.

Except for the above provisions, we will not pass your details to any other third party, without your express permission.

You can access the information we hold about you

You have the right to request a copy of the personal information we hold about you. You can make a request to us at any time in writing or by email, details below.

When your personal data is processed by automated means you have the right to ask us to move it to another organisation for their use.

If you believe that any information, we are holding about you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.

How long will we keep your information?

In principle, your personal data shouldn’t be held for longer than is required under the terms of our contract for services with you. However, we’re subject to regulatory requirements to retain data for specified minimum periods. We also reserve the right to retain data for longer than this due to the possibility that it may be required to defend a future claim against us. In any case, we’ll not retain your personal data for longer than 5 years past the time of your death.

You have the right to request deletion of your personal data. We’ll comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.

Visitors to our website

We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various pages of the website. This information is only processed in a way which does not identify anyone.

Our website has its own terms and conditions which can be viewed at

e-marketing and e-newsletter

We’d like to send you information about our products and services which may be of interest to you but only if you’ve consented to receive such information. If you no longer wish to be contacted for marketing purposes, please contact us by email, or post.

We use a third-Party provider, MailChimp, to deliver our e-newsletters and email updates. We gather statistics around opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter and email updates. For more information, please see MailChimp’s Privacy Notice.


We use a third-party service,, to publish our website. The site is hosted by Siteground Inc.

Other Websites

Our website contains links to other websites. Please be aware that when you link to other websites you should read the privacy policies for those websites. We are not responsible for the privacy policy or practices of third party websites.

What are cookies?

Cookies are small text files sent by a web server to an internet user’s computer when the user accesses the website. There are basically two types of cookie, session and persistent.

Session cookies are used to maintain the state of the connection between the web server and the user’s computer, so that once a user is logged in, they can move between the web pages on the same website without having to keep logging in. These are deleted at the end of the browsing session.

Persistent cookies are stored on the hard disk of the internet user's computer unless the user has configured the web browser not to accept cookies. Persistent cookies can be used for authenticating users and maintaining specific information about users, such as site preferences, and to provide the website owner with information about how users use their site.

Third party cookies are where another website domain specifies a cookie and places it on your computer for the website you are viewing.

Consent to the use of cookies

Lewis Investment do not use cookies in an intrusive manner; all cookies that are used on the Lewis Investment website are purely for functional and operational purposes.

How do I change my cookie settings?

A full explanation of cookies, how they can be controlled and deleted with different browsers can be found at or

Please note that disabling all cookies may prevent you from accessing some websites.

What you can do if you are unhappy with how your personal data is processed

You also have a right to lodge a complaint with the supervisory authority for data protection. In the UK this is:

Information Commissioner’s Office

Wycliffe House, Water Lane

Wilmslow, Cheshire. SK9 5AF

How to contact us

If you have any questions about this privacy policy or our treatment of your personal information, please write to us by email to, or by post to 41 Commercial Road, Poole, Dorset BH14 0HU.

Scroll to top
Skip to content