Statement on GDPR compliance
We take your privacy seriously and are committed to handling your personal information in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the ethical and professional standards set out by the Institute of Chartered Accountants in England and Wales (ICAEW).
We are registered with the Information Commissioner’s Office (ICO) as a data controller and are committed to being transparent about how and why we collect and use personal data.
Last Updated: 28 July 2025
We are registered with the Information Commissioner’s Office (ICO) as a data controller and are committed to being transparent about how and why we collect and use personal data.
- We may hold your own or your client’s details which may include names, private addresses, date of birth, tax and NI references, company number (if applicable), employer’s reference and name (if applicable), business details (if applicable) and details of past and present taxable income and gains and data on other taxes.
- We only hold this data to allow us to provide accountancy and tax compliance and tax advisory services (if applicable).
- We retain data for as long as statute or regulations demand.
- We hold data electronically and on paper.
- We normally destroy files after six years.
- Our computer hard drives are destroyed before disposal.
- We do not share your information with third parties unless required by law or necessary for the delivery of our services (e.g., with HMRC or regulated third-party software providers). Our IT support (outsourced) may work on programmes that hold that data.
- We store data via third party applications including Dropbox, Microsoft and Google products.
- We process and store data on our tax and accounting software, some of which is cloud based.
- We will only share data with HMRC and HM Courts and Tribunal’s service, during the course of an enquiry or investigation or tax appeal if:
a) We authorised to do so by the taxpayer, or
b) In the case of a Schedule 36 FA 2008 Information Notice, we have either been so authorised by a tribunal or we are compelled to provide data under the terms of a third party notice. - We may use third party contractors in our business, and they are required to sign a ‘Fit and proper’ declaration which includes a declaration that they will not remove data or pass on data to other parties.
- You have the right to access, amend, or request deletion of your personal data at any time, subject to legal and regulatory requirements.
Last Updated: 28 July 2025
