Privacy Statement & How we use Cookies

Visitors to our websites

When someone visits our website, we use a third party service, (namely Google Analytics), to collect standard internet log information and details of visitor behaviour patterns. We do this to find out the number of visitors to the various parts of the site. This information is processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do collect any personally identifiable information through our website, it will be obvious to you. We will make it clear when we collect personal information and will explain what we intend to do with it. This privacy policy sets out how Rochester & Associates Ltd uses and protects any information that you give us when you use this website. Rochester & Associates Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Rochester & Associates Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

We may collect the following information

If you complete any of our online forms we may collect any of the following bits of information:

What we do with the information we gather

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. We require this information to understand your needs and provide you with a better service, legitimate business interests, and in particular for the following reasons: We DO NOT share your information with any 3rd parties, unless that is required to provide the service (such as the online backup) – where this is the case we will provide documentation in regard to the privacy of your data upon request. For all information required for us to provide our services, we only keep your data for the duration of our business interest, or your contact with us. Any data held for marketing purposes is obtained by active consent, stored until you request removal, and is securely deleted otherwise.

Use of cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The types of cookies we use are: We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes anonymously. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer though this may prevent you from taking full advantage of the website.

Links to other websites

Our website may contain links to enable you to visit other websites of interest easily, however, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


We use a third party provider, MailChimp, to deliver our monthly e-newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter.


We use a third party software called, WordPress to publish this website, and our blog. We use the standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it.

People who call us

When you call us we may ask for information to be able to contact you. This information will be stored in our database for future reference, for legitimate business interests or general contact use. We do not pass this information to 3rd parties. This information will be stored for the duration of our business together or until you request removal. Once our business together is concluded we will retain this information for a period of 3 months whereafter it will be removed.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidelines. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected during transmission. We also monitor all emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send does not contain any malicious code.

People who make a complaint to us

Rochester & Associates try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis. We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for the stated duration from closure. It will be retained in a secure (encrypted) environment and access to it will be restricted according to a ‘need to know’ principle.

People who use our services

Rochester & Associates Ltd offers various services to businesses. We may use a third party to deal with some requests, but they are only allowed to use the information you allow us to send them (such as contact details). We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. When people do subscribe to our services, they can cancel their subscription at any time using the unsubscribe link on that service.

Reporting a breach

In the event of a breach we will contact the ICO within 72 hours of noting the breach and contact those effected thereafter with details.

Your rights

Under the GDPR 2018, you have rights as an individual which you can exercise in relation to the information we hold about you. You can read more about these rights here – You may choose to remove your data or restrict the collection or use of your personal information in the following ways: Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used for direct marketing purposes. if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. You may request details of personal information which we hold about you under the GDPR. A small fee will be payable. If you would like a copy of the information held on you please write to the address on our contact page stating your request for information. If you believe that any information we are holding on you is incorrect or incomplete, please call, write to or email us as soon as possible, at the above address or here. We will promptly correct any information found to be incorrect. At any time you can unsubscribe from our legitimate business interests by using the link on the bottom of the emails. You may request us to remove all your data, but this will impair our ability to perform our duties to you. In this case we may refuse to perform certain services under that circumstance. If you do wish to make a request for deletion please contact us and we’ll discuss submitting a formal request for deletion at that time. Please be aware that due to the nature of our business and the fact that we back up all data as a matter of course, your request to be deleted may take some time before the records are purged from our systems.

Access to personal information

Rochester & Associates try to be as open as we can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the GDPR. If we do hold information about you we will: give you a description of it; tell you why we are holding it; tell you who it could be disclosed to; and let you have a copy of the information in an intelligible form. To make a request to us for any personal information we may hold you need to put the request in writing addressing it to our Information Governance department, to the address provided here. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone. For any information we hold about you, you can ask us to correct any mistakes by, once again, contacting our Information Governance department.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Disclosure of personal information

In the vast majority of circumstances we will not disclose personal data without consent. However when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies. Further information is available in our Information Charter about the factors we shall consider when deciding whether information should be disclosed.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 22 May 2018.

How to contact us

This privacy notice was drafted with brevity and clarity in mind. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent using the contact details here. rofiling we do with user data

Industry regulatory disclosure requirements