MorganAsh Limited, which is registered in the UK, as company number 04955931, is the data controller.

We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws. This is the UK’s implementation of the General Data Protection Regulation (UK GDPR), which sits alongside the Data Protection Act 2018.

Like most websites today, our website uses what are known as ‘cookies’. Our cookies are not sinister – they are simply small files, placed on your computer by your browser, to help us provide a better service. We do this to help us understand things such as how many people visit the various parts of our website.

Our cookies do not identify you personally. If we need personal information (such as when you ask us to contact you) we are always upfront about it. We do our best to make it clear, not only when we collect personal information, but also what we intend to do with it.

Why do I have to agree to the use of cookies?

You don’t – you can agree, or you can opt out. Like all websites in the UK, we have to tell you that our website uses cookies and provide a mechanism for you to opt out of their use. You’ll see this notice at the foot of every page, until you agree – at which point the notice disappears.

You can control cookies using your browser

Typically, your Web browser software will allow you to control cookies through its settings. For details on how to do this, please refer to the browser’s help files or the manufacturer’s support pages.

The information we may collect and how we use it

This website collects a limited amount of personally identifiable data and then only what is needed to conduct our business in a timely and effective manner. Data collection is limited to:

  • Website analytics
  • Social media sharing
  • Enquiries and visitor-driven contact

Website analytics

We use Google Analytics to measure website traffic in order to provide the best content and service possible. This is essential to our business in terms of planning marketing and product development. Google Analytics does not personally identify a website visitor to us, although Google may use data gathered to provide a better service. MorganAsh is not responsible for how Google uses data it gathers. If you do not wish to be tracked by Google, you can opt out here.

Social media

This website uses a social media plugin, to enable visitors to more easily share pages on social networks. In order to do this effectively it needs to use cookies. We are currently using the AddThis plugin (owned by Oracle). This does not install tracking software on your computer. It does not have access to any information which can personally identify you. Our website does contribute to collecting data for the purposes of understanding online behavioural advertising. You can find out more on the Oracle website. You can also opt out of this data collection.

Enquiries and visitor-driven contact

In order for visitors to contact us, and for us to respond, it is necessary to collect and store personally identifiable data which includes, but is not limited to:

  • Names
  • Company names
  • Job roles or titles
  • Addresses
  • E-mail addresses
  • Telephone numbers

Additionally, it is usual for us to be provided with contact information for other people within a client organisation, or within their nominated third-party suppliers and partners. Permission to supply this information to us is assumed upon its receipt and the information is used only for the purpose of fulfilling service obligations to our clients. 

We use ActiveCampaign as our marketing and customer-relationship management platform. By contacting MorganAsh, you acknowledge that the information you provide will be transferred to ActiveCampaign for processing, in accordance with their Terms of Service and Privacy Policy. Our contact forms carry a notice to state this.

Your rights

In addition to the right of access to your data, you also have the following rights: erasure, restriction of processing, objection and data portability.

Retention of your data

Data is retained no longer than is necessary. However, unless a client has formally terminated a relationship, the data is kept with the sole purpose of meeting that client’s needs in the future. As outlined above, we may be required to provide trusted third parties with access to materials needed to perform their roles; in order for them to provide an effective service to us, it is expected that they retain these materials unless we specify otherwise. Any information, data or documents provided to trusted third parties is limited to what is required for them to execute their roles.

Withdrawal of consent

If you have provided us with your consent to process your data, for the purpose of using our services, you have the right to withdraw this at any time. In order to do so, please contact us by e-mailing


If you have a concern about the way we collect and/or use your personal data, you should raise your concern with us in the first instance.


Please address any questions, comments and requests regarding our data-processing practices to the managing director, via

Changes to the privacy notice

This privacy notice may be changed at any time.

Our clients say:

To meet vulnerability and impending consumer duty requirements, firms need to understand the characteristics of their customers – and be able to manage and report the conduct risk. A move to more structured assessments that can provide consistent and objective data will provide management information that firms can utilise. The resilience rating within the MARS tool would appear to be a positive first step.

Robert Sinclair, Chief Executive at Association of Mortgage Intermediaries