Privacy Policy — Goldstone & Crown Ltd
Goldstone & Crown Ltd

Privacy Policy

Last updated: 7 July 2026

1.Who we are

Goldstone & Crown Ltd is the “data controller” responsible for your personal data. We are a company registered in England & Wales (company number 17294072), with our registered office at 14 Briars Lane, Liverpool, United Kingdom, L31 6AR.

We are an introducer. We do not provide regulated financial, investment, tax or legal advice. Our role is to understand your circumstances and, where appropriate, introduce you to independent, regulated specialists who do.

If you have any questions about this policy or how we handle your data, contact us at [email protected].

ICO registration: Organisations that process personal data are usually required to register with the Information Commissioner’s Office and pay the data protection fee. Our registration reference is ZC188945.

2.The personal data we collect

Depending on how you interact with us, we may collect:

  • Identity and contact details — your name, company name, email address and telephone number.
  • Enquiry details — the service you are interested in (for example, tax-efficient profit extraction or company exit), and any information you choose to give us about your company or circumstances.
  • Booking details — when you book a call, the date, time and any notes associated with the appointment.
  • Communications — records of correspondence between you and us by email, phone or web form.
  • Technical and usage data — limited information collected automatically through our website and booking tools, such as IP address and browser/device information (see “Cookies” below).

We do not intentionally collect special category data (such as health information). Please do not include sensitive personal information in free-text fields unless necessary.

3.How we collect your data

  • Directly from you — when you complete our enquiry form, book a consultation, or contact us by email or phone.
  • Automatically — when you use our website, through cookies and similar technologies.

4.How and why we use your data

We only use your personal data where the law allows us to. The table below sets out our main purposes and the lawful basis we rely on under the UK GDPR.

PurposeLawful basis
To respond to your enquiry and arrange a suitability callTaking steps at your request before entering into any arrangement; our legitimate interests in responding to enquiries
To introduce you to a suitable regulated specialistYour consent and/or our legitimate interests (you have asked us to help you find a specialist)
To manage our relationship with you and keep business recordsOur legitimate interests; compliance with our legal obligations
To send you updates or information you have asked to receiveYour consent (which you can withdraw at any time)
To comply with legal, regulatory and accounting obligationsCompliance with a legal obligation
To protect our business and prevent fraud or misuseOur legitimate interests

5.Who we share your data with

We do not sell your personal data. We share it only as described below:

  • Regulated specialists — where you have asked us to help, we pass your details to a suitable, independent regulated specialist so they can contact you. Once introduced, that specialist is responsible for your data under their own privacy policy.
  • Service providers (processors) — trusted suppliers who help us run our business under contract, including our CRM, website and booking platform (HighLevel / “GoHighLevel”) and our email provider (Google Workspace). They process data on our instructions only.
  • Professional advisers and authorities — such as our accountants or legal advisers, and regulators or law enforcement where we are required to share information by law.

6.International data transfers

Some of our service providers are based outside the United Kingdom (for example, HighLevel is based in the United States). Where your data is transferred outside the UK, we take steps to ensure it is protected by an appropriate safeguard recognised under UK data protection law, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision.

7.How long do we keep your data?

We keep your personal data only for as long as necessary for the purposes set out in this policy. In general, we keep enquiry and contact data for as long as we are in contact with you or working to introduce you, and afterwards for 6 years to meet our legal, accounting and record-keeping obligations, after which it is securely deleted.

8.How we protect your data

We use appropriate technical and organisational measures to keep your data secure, including access controls and reputable, security-conscious service providers. While no system can be guaranteed completely secure, we take reasonable steps to protect your information against unauthorised access, loss or misuse.

9.Your rights

Under the UK GDPR, you have the right to:

  • Be informed about how your data is used (this policy);
  • Request access to the personal data we hold about you;
  • Ask us to correct inaccurate or incomplete data;
  • Ask us to erase your data in certain circumstances;
  • Restrict or object to our processing of your data;
  • Request portability of certain data; and
  • Withdraw consent at any time, where we rely on consent.

To exercise any of these rights, contact us at [email protected]. We will respond within the timescales required by law (usually one month).

10.Cookies

Our website and booking tools may use cookies and similar technologies to function correctly and to understand how the site is used. You can control cookies through your browser settings.

11.Marketing

We will only send you marketing communications if you have asked us to or otherwise consented. You can opt out at any time by contacting us or using the unsubscribe option in any marketing email.

12.Changes to this policy

We may update this policy from time to time. The latest version will always be available on our website, with the date it was last updated shown at the top.

13.How to contact us and how to complain

If you have any questions or concerns about how we handle your data, please contact us first at [email protected] or by post at 14 Briars Lane, Liverpool, United Kingdom, L31 6AR.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection, at ico.org.uk or on 0303 123 1113. We would, however, appreciate the chance to address your concerns before you approach the ICO.