Close Menu
    Subscribe

    Privacy Policy

    Last updated: January 24, 2026

    Smart Finance UK is committed to protecting your privacy and ensuring that your personal data is handled lawfully, fairly and transparently in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), the Privacy and Electronic Communications Regulations 2003 (PECR), and all other applicable UK data protection legislation. This Privacy Policy explains how we collect, use, store, share, transfer and protect your personal information when you visit our website, interact with our content, subscribe to our newsletter, leave comments, contact us, or otherwise engage with our services.

    This policy is written in plain English and is intended to be clear and comprehensive. If you have any questions after reading it, please contact us using the details at the end of this document.

    1. Who We Are (Data Controller)

    Smart Finance UK is a personal finance blog operated as a sole trader/individual business based in the United Kingdom. For the purposes of data protection law, we are the data controller responsible for the personal data we collect and process through this website.

    Contact details: Website contact form: https://smartfinanceuk.co.uk/contact-us/

    We are not a large organisation and do not have a dedicated Data Protection Officer (DPO). However, we take our data protection responsibilities very seriously and have implemented appropriate technical and organisational measures to protect your data.

    2. What Personal Data We Collect

    We collect only the personal data that is necessary for the purposes described in this policy. The types of personal data we may collect include:

    2.1 Data You Actively Provide to Us

    • Contact and identification information
      • Name (first name, last name or username)
      • Email address
      • Phone number (if voluntarily provided)

    This data is collected when you:

    • Subscribe to our newsletter or email updates
    • Leave a comment on a blog post
    • Submit a contact form or enquiry
    • Register for an account (if we offer registration in future)

    2.2 Data We Collect Automatically

    • Device and technical information
      • IP address
      • Browser type and version
      • Operating system
      • Device type (mobile/desktop)
      • Time zone setting
      • Referring website / exit pages
      • Approximate geographic location (derived from IP address only – city/region level, never precise GPS)
      • Pages visited, time spent on pages, scroll depth, clicks
    • Cookies and similar technologies We use cookies, web beacons, pixel tags, local storage and similar technologies to:
      • Remember your preferences (e.g., dark mode, newsletter subscription status)
      • Analyse site traffic and user behaviour (Google Analytics)
      • Serve and measure personalised advertising (Google AdSense)
      • Prevent fraud and abuse

    2.3 Data We Receive from Third Parties

    • Google Analytics → anonymised usage statistics
    • Google AdSense → advertising interaction data (impressions, clicks)
    • Newsletter service provider (e.g., Mailchimp or similar) → subscription status, open/click rates
    • Comment system (if using third-party like Disqus or WordPress comments) → comment author name, email, website URL (if provided)

    We do not knowingly collect special category data (health, ethnicity, religion, sexual orientation, etc.) or criminal offence data through this website.

    3. How We Collect Your Data

    We collect data in the following ways:

    Directly from you When you voluntarily provide it via forms, comments, subscriptions or emails.

    Automatically Through cookies, server logs, analytics tools, and advertising technologies when you browse the site.

    From third parties From analytics providers, ad networks and email service providers as described above.

    4. Purposes for Processing Your Personal Data

    We process your personal data only for legitimate purposes under UK GDPR Article 6:

    4.1 Contractual necessity (Article 6(1)(b))

    • To provide you with the website content and services you request
    • To manage newsletter subscriptions

    4.2 Legitimate interests (Article 6(1)(f)) We have a legitimate interest in:

    • Analysing website traffic and improving user experience (Google Analytics)
    • Displaying relevant advertising to support the free operation of this site (Google AdSense)
    • Preventing fraud, spam and abuse
    • Responding to enquiries and comments
    • Aggregated statistics for content improvement

    We carry out a legitimate interests assessment (LIA) for each of these purposes and ensure that your rights and freedoms do not override our interests.

    4.3 Legal obligation (Article 6(1)(c))

    • To comply with tax, accounting or regulatory obligations
    • To respond to valid legal requests (e.g., court orders)

    4.4 Consent (Article 6(1)(a))

    • For non-essential cookies (analytics, advertising) — you give consent via our cookie banner
    • For marketing emails/newsletters — you give explicit consent when subscribing

    You can withdraw consent at any time (e.g., unsubscribe link in emails, cookie banner settings).

    5. Cookies and Tracking Technologies

    5.1 What are cookies? Cookies are small text files placed on your device when you visit a website. They help the site remember your actions and preferences (e.g., login, language, font size) over time.

    5.2 Cookies we use

    • Strictly necessary cookies — required for the website to function (e.g., session management, security). No consent required.
    • Performance / analytics cookies — Google Analytics to understand how visitors use the site (pages viewed, time spent, bounce rate). Anonymised where possible.
    • Advertising cookies — Google AdSense to show relevant ads based on your interests and browsing behaviour. These enable personalised advertising.

    5.3 Third-party cookies

     

    5.4 Managing cookies

    You can control cookies through your browser settings. Most browsers allow you to:

    • See what cookies you have
    • Block cookies from specific sites
    • Delete cookies
    • Block all third-party cookies

    Disabling cookies may limit the functionality of our site (e.g., some features may not work).

    You can also opt out of personalised advertising by Google: https://adssettings.google.com

    5.5 Cookie duration

    • Session cookies: deleted when you close your browser
    • Persistent cookies: remain until expiry date or manual deletion (up to 24 months for analytics/advertising cookies)

    6. Sharing Your Personal Data

    We do not sell your personal data to third parties. We share data only in limited circumstances:

    • With service providers — Google (Analytics, AdSense), newsletter provider, hosting provider, security services — all under strict data processing agreements.
    • For legal reasons — if required by law, court order, or to protect our rights/safety.
    • Business transfer — in the event of merger, sale, or asset transfer.
    • With your consent — only when you explicitly agree.

    7. International Transfers

    Some of our service providers (e.g., Google) are based outside the UK. Where personal data is transferred to countries without an adequacy decision, we rely on:

    • UK International Data Transfer Agreement (IDTA)
    • UK Addendum to EU Standard Contractual Clauses
    • Adequacy regulations (where applicable)

    We ensure appropriate safeguards are in place.

    8. Your Rights Under UK GDPR

    You have the following rights (subject to exemptions):

    • Right to be informed
    • Right of access (subject access request)
    • Right to rectification
    • Right to erasure (“right to be forgotten”)
    • Right to restrict processing
    • Right to data portability
    • Right to object
    • Rights related to automated decision-making (we do not carry out automated decisions with legal effects)

    To exercise any of these rights, contact us. We will respond within one month (extendable by two months for complex cases).

    You can also complain to the Information Commissioner’s Office (ICO): https://ico.org.uk/make-a-complaint/

    9. Security of Your Personal Data

    We implement appropriate technical and organisational measures to protect your data, including:

    • Encryption of data in transit (HTTPS)
    • Access controls
    • Regular security updates
    • Secure hosting environment

    However, no internet transmission or electronic storage method is 100% secure.

    10. Children’s Privacy

    Our website is not directed at children under 16 years old. We do not knowingly collect personal data from children under 16. If you are a parent/guardian and believe we have collected data from your child, please contact us immediately.

    11. Links to Other Websites

    Our site may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

    12. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date. We may also notify you via email or website notice for material changes.

    13. Contact Us

    If you have any questions, concerns or wish to exercise your rights, please contact:

    Website contact form: https://smartfinanceuk.co.uk/contact-us/

    We aim to respond within 7 working days for general enquiries and within statutory time limits for data subject rights requests.