Privacy Policy

Last updated: 30 June 2026

1. Who we are

FT ClientFlow is operated by Ferguson Technologies Ltd (“we”, “us”, “our”), a company registered in England and Wales. We provide a practice management platform for UK financial advice firms (“Firm”, “you”) and, where applicable, the clients of those firms (“Client Users”).

We act as a data processor in respect of client data that a Firm uploads or enters into the platform, and as a data controller in respect of account, billing, and usage data relating to the Firm and its users. This split of responsibility is set out in more detail in our Data Processing Agreement.

2. Data we collect

We collect and process the following categories of data:

  • Account data: name, work email, password hash, firm name, role, and login activity.
  • Client data (entered by Firms): names, contact details, financial and investment information, meeting notes, and documents uploaded to manage advisory relationships.
  • Billing data: subscription plan, billing address, and transaction history. Card details are processed directly by Stripe and are never stored on our servers.
  • Usage data: device, browser, IP address, pages visited, and feature usage, collected to maintain and improve the service.
  • Communications: records of support requests and correspondence with us.

3. Legal basis for processing

  • Contract: to provide the service you have subscribed to.
  • Legitimate interests: to secure, maintain, and improve the platform, and to communicate essential service updates.
  • Consent: for optional cookies and marketing communications, which you can withdraw at any time.
  • Legal obligation: where we are required to retain or disclose data, for example for tax or regulatory purposes.

4. How we use data

We use data to operate the platform, including authenticating users, generating AI-assisted documents you request (suitability reports, meeting summaries, client correspondence), processing payments, providing customer support, and maintaining the security and integrity of the service. We do not sell personal data, and we do not use Firm or client data to train third-party AI models beyond the single request needed to generate the output you asked for.

5. Sub-processors

We share data with the following sub-processors, each bound by a data processing agreement:

  • Supabase — database hosting and authentication
  • Vercel — application hosting and content delivery
  • OpenAI — AI text generation for documents you request
  • Resend — transactional email delivery
  • Stripe — payment processing
  • SignWell — e-signature collection, where this feature is used
  • Twilio — SMS notifications, where this feature is enabled

An up-to-date sub-processor list is available on request at hello@fergusontech.co.uk.

6. International transfers

Our infrastructure is hosted with providers that may process data outside the UK. Where this occurs, we rely on adequacy regulations or the UK International Data Transfer Addendum to ensure data receives an equivalent standard of protection.

7. Data retention

We retain Firm and client data for as long as your subscription is active, plus a limited period afterward to allow for account recovery, followed by deletion or anonymisation, except where we are required by law to retain it for longer. You can request deletion of your data at any time, subject to regulatory record-keeping obligations that apply to FCA-regulated firms.

8. Security

Data is encrypted in transit (TLS 1.3) and at rest. Access to production data is restricted to authorised personnel and logged. See our Security page for further detail.

9. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request erasure of your data, subject to legal retention requirements
  • Restrict or object to certain processing
  • Receive your data in a portable format
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise any of these rights, contact us at hello@fergusontech.co.uk.

10. Cookies

We use essential cookies required for the platform to function, and optional analytics cookies that are only set with your consent. You can manage your preferences at any time via the cookie banner shown on first visit, or by clearing cookies in your browser.

11. Changes to this policy

We will post any changes to this policy on this page and update the “last updated” date above. Material changes will be communicated to active account holders by email.

12. Contact

Ferguson Technologies Ltd. For any privacy queries, including data subject access requests, contact hello@fergusontech.co.uk.