Privacy Policy

Last Updated: April 17, 2026

Introduction

twilight-spring values your privacy and takes our responsibility to protect your personal information seriously. This Privacy Policy explains how we collect, use, store, and safeguard information you provide when using our website and services.

By accessing our website or engaging our services, you acknowledge that you have read and understood this policy. If any aspect concerns you, please contact us before proceeding.

Information We Collect

Information You Provide Directly

When you contact us or use our services, we collect information you voluntarily provide, which may include:

  • Your name and contact details including email address
  • Financial information relevant to the services you request
  • Income, expenses, debts, assets, and investment details
  • Employment information and career history
  • Financial goals and objectives
  • Any other information you choose to share during consultations

Information Collected Automatically

When you visit our website, certain technical information is collected automatically:

  • IP address and general location data
  • Browser type and version
  • Device information and operating system
  • Pages visited and time spent on each page
  • Referring website or source
  • Date and time of access

How We Use Your Information

We use collected information for the following purposes:

  • Providing financial advice and services you've requested
  • Analyzing your financial situation to develop customized strategies
  • Communicating with you about our services
  • Responding to inquiries and support requests
  • Improving our website functionality and user experience
  • Understanding how visitors use our website
  • Complying with legal obligations and regulatory requirements
  • Protecting against fraud and unauthorized access

We will never sell your personal information to third parties. We do not share your data with marketing companies or use it for purposes unrelated to providing our services.

Legal Basis for Processing

Under UK data protection law, we process your personal information based on:

  • Contractual Necessity: Processing required to provide services you've requested or prepare contracts you're entering
  • Consent: Where you've given explicit permission for specific processing activities
  • Legitimate Interests: Processing necessary for our legitimate business operations, provided it doesn't override your rights and interests
  • Legal Obligations: Compliance with laws and regulations applicable to financial services

Data Storage and Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encrypted data transmission using SSL/TLS protocols
  • Secure server infrastructure with regular security updates
  • Access controls limiting who can view your information
  • Regular security audits and vulnerability assessments
  • Employee training on data protection practices
  • Secure backup procedures

While we employ robust security measures, no system is completely impervious to threats. We cannot guarantee absolute security but maintain vigilance in protecting your data.

Data Retention

We retain personal information only as long as necessary for the purposes outlined in this policy or as required by law. Specific retention periods include:

  • Client service records: Retained for seven years following service completion, as required by financial regulations
  • Email correspondence: Retained for the duration of our relationship and seven years thereafter
  • Website analytics data: Retained for 26 months
  • Marketing communications: Until you unsubscribe or request deletion

After retention periods expire, we securely delete or anonymize your information so it no longer identifies you.

Third-Party Service Providers

We engage select third-party service providers who assist with business operations. These providers may access your information only to perform specific tasks on our behalf and are obligated to protect it. Categories of third parties include:

  • Cloud hosting providers for website and data storage
  • Email communication platforms
  • Analytics services helping us understand website usage
  • Payment processors for service fees

We carefully vet all service providers to ensure they maintain appropriate data protection standards and use your information solely for specified purposes.

International Data Transfers

Your information is primarily stored and processed within the United Kingdom. In some cases, our service providers may process data outside the UK. When this occurs, we ensure adequate safeguards are in place through:

  • Standard contractual clauses approved by regulatory authorities
  • Verification that recipient countries provide adequate data protection
  • Additional security measures where necessary

Your Rights

Under UK data protection legislation, you have several rights regarding your personal information:

  • Access: Request copies of personal information we hold about you
  • Rectification: Request correction of inaccurate or incomplete information
  • Erasure: Request deletion of your personal information in certain circumstances
  • Restriction: Request limitation on how we process your information
  • Portability: Receive your information in a structured, commonly used format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw previously given consent at any time

To exercise these rights, contact us at [email protected]. We will respond within one month, though complex requests may require additional time.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies. For detailed information about the cookies we use and how to manage them, please refer to our Cookies Policy.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will update the date at the top of this page and may notify you through other means such as email.

We encourage you to review this policy periodically to stay informed about how we protect your information.

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

Contact Information

If you have questions about this Privacy Policy or how we handle your personal information, please contact us:

Email: [email protected]
Address: 42 Cheapside, London EC2V 6AA, United Kingdom

Regulatory Authority

If you believe we have not handled your personal information appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator:

Website: ico.org.uk
Telephone: 0303 123 1113