Privacy Policy

The Buy to Let Business is committed to protecting the privacy and confidentiality of information provided by its customers and upholding data protection principles.


This Privacy Notice applies to the use and processing of personal information collected by The Buy to Let Business Limited and its trading styles Dynamo, Dynamo for Intermediaries, The Good Mortgage Company. The ICO registration number for this company is Z9331443.

The phrases “us”, “we” or “our” will mean The Buy to Let Business Limited and all trading styles on behalf of and in respect of whom this Privacy Notice is made. Any reference to “you” or “your” refers to anyone whose personal information we process.

For information concerning the collection, use and processing of personal information by any of our third-party business partners or suppliers, please contact our representative with whom you usually deal.



  1. Personal data. This is information, or any combination of separate pieces of information, that could be used to identify you
  2. Special categories of personal data. This is information which is classified as sensitive (for example details of your health)

Please read this Privacy Notice carefully. If you have any questions about this notice or our use of your personal data, please contact the The Buy to Let Business Data Protection Officer:

By email to or;

In writing to:

Cumbria House 
16–20 Hockliffe Street
Leighton Buzzard

The Buy to Let Business Limited is part of the Connells Group, and all data protection matters are managed at Group level.



When you enquire or register for products and services provided by The Buy to Let Business Limited we may collect personal information from a variety of sources.

The majority of the personal information which we collect will have been provided by you during the course of your relationship with us either through face-to-face contact, by telephone, email or electronic communications such as messaging or through the internet.

However, we may also obtain your personal data from other sources including:

  • Information we collect when you visit our websites
  • Other Connells Group companies
  • Companies which support advertising services that promote our services including, social media sites (such as Facebook and Twitter) and online advertising platforms (such as Google Adwords)
  • Information provided to us by other third parties, as part of a service we are providing to you or our customers such as
  • Next of kin / delegated authorities
  • Business associates
  • Employers
  • ‘Trusted Sources’:
    • Government / Land / Police registers
    • Credit / Default Agencies
    • Financial Institutes (Banks, Building Societies, Loan Agencies, Credit Card companies)
    • Insurance Companies
    • Other Law firms
    • Health providers
    • Third party service affiliates or suppliers who have sought your consent 
  • Other publicly available sources such as the electoral roll and HM Land Registry

We will always attempt to provide you with our Privacy Notice in regards to information received from other sources than yourself if it is not deemed to be disproportionate or prejudicial.



4.1 Information we collect directly from you

Depending on the type of service or product we are discussing, the following are examples of information we may collect directly from you:


Information and documents we may collect directly from you   Why we collect it
Your name and any previous names or aliases, gender, mother’s maiden name, date of birth, contact telephone numbers and contact email address, current address and previous addresses, details of your health and family history, information about your status and dependents including their date of birth, your nationality, bank account details, savings and investments, existing financial commitments and personal expenditure, your credit history, your mortgage requirements and existing protection arrangements   To inquire or apply for mortgage or protection products on your behalf
Your date of birth, nationality and details from identity documents you provide   To perform ‘know your client’, anti-money laundering, as required by law
Your bank account details or payment card information   Processing payments and transactions including: Accounting, Authorisation, Clearing, Chargebacks, Auditing, Billing, Reconciliation, Collection, Credit Checks and related dispute resolution activities
Details of your mortgage arrangements, confirmation of how long you have owned the property and details of the source of monies invested in the property   To undertake to know your client and anti-money laundering checks
Your marital status, employment details, national insurance number, nationality, residential status, bank details and credit history   To carry out referencing and credit checks and the results of those checks
Bank Statements, Mortgage Statement, Proof of deposit, Payslips and P60, Accounts, SA302’s & SA100’s, Tax Year Overviews, ID and proof of address, ASTs.   Supporting your mortgage and/or insurance application


When you ask us to help you with your life, critical illness or income protection insurances, and we collect personal information from you which is of a sensitive nature, we treat this ‘special category’ information in accordance with the additional protection it is given under data protection laws.

We may, during the course of your relationship with us, request additional information from you which is relevant to the provision of specific services.

Any telephone calls either to or from our customer service teams may be monitored for training, compliance and security.


4.2 Information we collect on our websites

We use cookies and other technologies to collect information when you visit our web sites. Details of how we use cookies in our Cookie Policy.


4.3 Information we obtain from other Connells Group companies

For activities related to providing advice on regulated mortgages and non-investment insurance contracts, The Buy to Let Business is a wholly owned subsidiary of Connells Ltd and may share your information within the Group.

Connells Ltd is authorised and regulated by the Financial Conduct Authority; the Financial Services Register number is 302221.


4.4 Information we obtain from third parties

Where we are required by law, or for business needs, we will obtain information about you from third parties, but only after we have your agreement to do so. For example (but not limited to) the third parties we may need to contact our credit reference agencies, banks, employers, accountants and solicitors in order to obtain references, undertake identity verification and basic criminal record checks, and validate your income level and financial history.


4.5 Circumstances under which criminal disclosures will be collected

The arrangement of certain types of insurance may involve disclosure by you to us of information relating to historic or current criminal convictions or offences. This is relevant to insurance related activities such as underwriting, claims and fraud management.

When we process any Criminal Disclosures we do so on the basis that it is in the substantial public interest to be able to provide vital insurance products as permitted by UK data protection-related laws and regulations from time to time. Information on Criminal Disclosures must be capable of being exchanged freely between insurance intermediaries such as us and insurance providers, to enable customers to secure the important insurance protection that they require.



We will process the information you provide or we obtain from other sources to provide you with products and services and answer any questions you may have. 

The following are examples of how we use the information we collect:

  • To process your registration and confirm your identity
  • To arrange a survey and valuations
  • To provide advice on financial products and services, such as mortgages, insurance and protection products
  • To keep you informed of any developments in relation to any mortgage product, protection product or insurance product which we help you to take out;
  • To provide conveyancing services
  • To provide will writing and associated legal services
  • To provide property auction services
  • To process payment for our services 
  • To protect against and prevent fraud, unauthorised transactions, money laundering, tax evasion, claims, other liabilities and manage risk exposure and agent or franchise quality, integrity, compliance and security of business processes
  • To provide, administer and communicate with you about Connells Group  products, services, offers, programs and promotions, their issuers, acquirers, retailers and partners
  • To arrange an energy performance certificate or home report inspection
  • To compile business directories, including business contact information and maintain up to date client records
  • To operate, monitor, evaluate and improve our products, services and websites
  • To evaluate your interest in and suitability for employment


5.1 Customer surveys

From time to time we may provide your information to our customer service agencies for research, survey and analysis purposes so that we can monitor and improve the services we provide. We or our agents and sub-contractors may occasionally contact you including by post, email or telephone to ask you for your feedback and comments on our services.


5.2 Information about our products and services

We may also use your personal data to contact you by post, email, telephone or other electronic means to provide you with information about products and services from the Connells Group and carefully selected third parties which we feel may be of interest or relevant to your needs.


5.3 Credit scoring

Some of the services provided by third parties may involve an automated decision and/or credit scoring to determine whether we are able to provide a service or product. 

Using third parties to undertake searches and collate information on our behalf helps make fair and responsible decisions. When coming to these decisions the third parties will consider:

  • The information provided on the application form
  • Information about previous account conduct, including any payment arrears  and
  • Official public records information such as fraud record information and insolvency records

Any credit scoring methods used by third parties are regularly tested to ensure they remain fair, effective and unbiased.



We may share your information both within the Connells Group of companies and also relevant third party business partners, both for the purposes set out in this Privacy Notice, or for other purposes approved by you.


6.1 Connells Group

We may share information within the Connells Group of companies for the following purposes:

  • Where services are provided by one Connells Group Company to another pursuant to an intra-company
  • For the purpose of administering our business
  • To provide you with information about products and services
  • For any other purpose agreed by you


6.2 Third party service providers

Where we engage third party service providers to provide products (such as mortgages, house and contents and family protection insurances and utility services) or other business services and operations, we provide them with only the personal information they need to perform the service or provide the product we request. We contractually require them to securely protect the information, and not to use it for any other purpose.
Indicatively – but not limited to – we may disclose your information to the third parties listed below for the purposes listed:


Third party   Why we share your personal information
Surveyors   To undertake a structural or Homebuyers survey
Firms on our conveyancing panel   To provide home conveyancing services
Our panels of mortgage lenders   To progress your enquiry or application for a residential or buy to let mortgage application
Our panel of insurance providers   To progress your enquiry or application for buildings and contents insurance
Our panel of protection providers   To progress your enquiry or application for term insurance, critical illness cover and income protection 
Referencing Companies; Credas  

To check your creditworthiness and to help prevent fraud and money laundering.

For fraud prevention, anti-money laundering checks and identity verification
Law enforcement bodies including the police, HMRC and local authorities   To comply with court orders or legal obligations
Debt collection companies   To assist us in recovering any monies which are owed and overdue
Land Registry Office, Her Majesty’s Revenue and Customs (HMRC)    
Other estate agents and parties involved in the sale or purchase of your property   To support the progression of the sales chain


We may provide a link from our website to Google Maps, to show the location of our office. If you use or access Google Maps you are bound by the Google Maps/Google Earth Additional Terms of Service including the Google Privacy Policy



The Buy to Let Business Limited processes your information under any of the following lawful conditions:   

  1. Performance of a contract -  this is where the collection and processing of your data is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract
  2. Legal obligation - this is where the collection and processing of your data is necessary for compliance with a legal obligation, for example, verification of identity and fraud prevention
  3. Consent  - where we process information under consent we will seek your clear and unambiguous consent before processing your data, for example, to send and/or receive marketing information from other Connells Group companies
  4. Legitimate interests - some information is processed by The Buy to Let Business Limited as part of its legitimate interests which include network and information security, direct marketing, web analytics, updating customer details, lettings, sales, and other core services provided. We may also process further information for Fraud prevention and detection, Risk assessment, due diligence, Training, communication and awareness, Profiling, Acquisitions, Management Information, Compliance and Audit self-assessments.



Connells Group may use direct or anonymised information to engage in data analysis, data matching and profiling activities for a variety of purposes, including, but not limited to:  

  • Business conduct 
  • Investigation and identification of fraud, money laundering and other potential unauthorised activities,
  • Financial Viability analysis / reports
  • Business partner / client portfolio position, performance, risk positions
  • Anti-money laundering
  • Tax reporting
  • Credit defaulting / exposure



We may transfer or otherwise process your personal information:  

  • As part of the sale of a Connells Group business to another company, or in relation to the purchase of another business
  • To enforce our terms and conditions 
  • When required by law and/or government authorities
  • When requested by any consumer ombudsman or trade association



We will keep your information for as long as is reasonably necessary for the purposes set out in this privacy notice, and to fulfil our legal and regulatory obligations.

In certain circumstances we have a statutory obligation to keep your personal information for a set period of time, for example, financial information (normally 7 years) for financial auditing purposes. Information is always retained in line with its purpose of processing and only for as long as necessary usually, information is kept for 7 years after last contact with you. However, this period may be extended dependent upon any legal or contractual obligations Connells Group may be required to comply with, as well as any overriding business legitimate interests. 

For further information about how long we will keep your information, please contact the Connells Group Data Protection Officer by email. 



Your rights
  1. Your right of access – you have the right to ask us for copies of your Personal Data. Exemptions within the legislation could mean that you may not receive all the information we process. If this is applicable an explanation will be provided to you within our response.
  2. Your right to rectification – you have the right to request that inaccurate information is rectified and incomplete information completed.
  3. Your right to erasure – you have the right to request your personal information be deleted by us in certain circumstances.
  4. Your right to restrict processing – you have the right to ask us to restrict the processing of your personal information in certain circumstances.
  5. Your right to object to processing – you have the right to object to the processing of your personal information in certain circumstances.
  6. Your right to data portability – you have the right to request whether and to where we may have transferred your personal data.
  7. Rights related to automated decision making and profiling – you have the right not to be subjected to a decision based solely on automated processing (including profiling) which may significantly affect you.

If you would like to make a request to exercise any of your individual rights described in this section, please email or write to the Compliance Team, Dynamo, Building Eight, Watchmoor Park, Camberley, Surrey, GU15 3YL. Upon receipt of your request, The Company will carry out a review and a response determining our decision will be provided to you within the recommended timescales.

Should we feel the need to verify your identity, identification will be requested within the one month time frame and only limited to what is necessary for confirmation. Once we are satisfied we will then process your request. 

Should we refuse to comply with a request we will inform you of this within the one month time frame and provide an explanation outlining our justification, our internal complaints procedure and your right to complain to a supervisory authority and to enforce your rights through a judicial remedy.



We store your personal information on our computer systems and in our paper records.

We have implemented strict security procedures to ensure that personal information is not damaged, destroyed or misused, and to prevent unauthorised access to your information.
The information that we collect is stored in a secure facility with restricted physical access.

We also use a number of security measures to prevent electronic access.

Where – in line with this Privacy Notice – information is shared with third parties, similar security measures are used to protect your information.



If we need to transfer data outside the European Economic Area (EEA) and the country it’s transferred to is not on an approved list for having adequate security controls in place, we will limit when we do this and the amount of personal data we send. We will also ensure that there is adequate protection in place before sending anything to other countries outside the EEA by imposing contractual obligations on the recipients to ensure the security and confidentiality of your data.


We do not offer any products or services to children. In certain circumstances we may need to collect the name and date of birth of children from mortgage or protection applicants and share this with the selected mortgage or protection provider.


Our websites, other electronic portals and documentation may provide links to other websites for your convenience and information. These may operate independently from us and have their own privacy notices or policies, which we strongly suggest you review.

Where linked websites are not owned or controlled by us, we are not responsible for their content or data privacy practices.


When you provide us with this information, you agree to the collection, use and sharing of your information in accordance with this data privacy notice. Our promise to you is that:

  • We’ll work with other businesses to put together offers we think you might like
  • You are in control of your data
  • You can change your privacy settings at any time
  • If you don’t think the data is correct tell us and well put it right
  • We will keep your data secure
  • We also promise to collect, process store and share your data safely and securely and to make sure the businesses we work with do the same

Contact information

You can exercise your rights, raise a query or concern, report a breach or make a complaint by contacting The Buy to Let business Limited or: 


Writing to: 

Compliance Department 
Building Eight
Watchmoor Park
GU15 3YL

To assist us in responding to your request in a timely and satisfactory manner please provide as much detail as possible during your contact with us.

How to lodge a complaint

If you remain unsatisfied with the way in which The Buy to Let Business or Connells Group have handled your data or dealt with your request / complaint you have a right to raise this with the relevant Supervisory Authority and to seek to enforce your rights through a judicial remedy.

UK Information Commissioner’s Office 
Wycliffe House
Water Lane
Tel: 0303 123 1113 

The ICO currently recommends you contact them within 3 months of your last contact with us. 


We will occasionally update our Privacy Notice, so we suggest that you review this Notice from time to time. If we make substantial changes to our Privacy Notice, we will endeavour to inform you directly about these changes.

Date updated – 24/02/2023 

Contact Us

Trading office: Building Eight,
Watchmoor Park, Camberley,
Surrey, GU15 3YL
Registered in England No. 5695802

Tel. 0800 170 1888