Privacy Policy
Last updated: January 2025
Claritax Accountants ("we", "us", "our") is committed to protecting and respecting your privacy. This policy sets out how we collect, use and protect any personal information you provide to us, and explains your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are registered with the Information Commissioner's Office (ICO). Our registered data controller details are available on the ICO register.
1. Information we collect
We may collect and process the following personal data about you:
- Identity data: name, date of birth, National Insurance number, Unique Taxpayer Reference (UTR)
- Contact data: postal address, email address, telephone numbers
- Financial data: bank account details, income and expense information, tax records
- Business data: company name, company registration number, VAT registration number
- Usage data: information about how you use our website
- Marketing data: your preferences for receiving marketing communications from us
2. How we collect your information
We collect personal data through:
- Direct interactions — when you complete our contact form, email us, call us or engage us as a client
- Our website — including cookies and similar tracking technologies (see our Cookie Policy)
- Third parties — such as HMRC, Companies House, or previous accountants where you have authorised us to act as your agent
3. How we use your information
We use your personal data for the following purposes:
- To provide accountancy, tax and related professional services to you
- To comply with our legal and regulatory obligations (including HMRC reporting requirements)
- To manage our relationship with you, including sending you service-related communications
- To respond to your enquiries
- To improve our website and services
- To send you marketing communications (where you have consented, or where we have a legitimate interest)
4. Legal basis for processing
We process your personal data on the following legal bases:
- Contract performance: processing necessary to deliver our accountancy services to you
- Legal obligation: processing required to comply with our legal and regulatory obligations
- Legitimate interests: processing necessary for our legitimate business interests (such as improving our services and preventing fraud)
- Consent: where you have given us explicit consent to process your data for a specific purpose (such as marketing)
5. Sharing your information
We may share your personal data with:
- HMRC, Companies House and other regulatory bodies where required
- Third-party service providers who assist us in delivering our services (e.g. cloud accounting software providers, document management systems)
- Professional advisers such as lawyers and insurers
- Our professional body (CIPFA) for regulatory compliance purposes
We require all third parties to respect the security of your personal data and treat it in accordance with applicable data protection law. We do not sell your personal data to third parties.
6. Data retention
We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting or reporting requirements. Client files are generally retained for a minimum of seven years following the end of the client relationship, in accordance with CIPFA professional standards and HMRC requirements.
7. Your rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access — to request a copy of the personal data we hold about you
- Right to rectification — to request correction of inaccurate data
- Right to erasure — to request deletion of your data in certain circumstances
- Right to restrict processing — to request that we limit how we use your data
- Right to data portability — to receive your data in a structured, machine-readable format
- Right to object — to object to processing based on legitimate interests or for direct marketing
To exercise any of these rights, please contact us at hello@claritax.uk. We will respond within one month of receiving your request.
8. Cookies
Our website uses cookies to enhance your browsing experience. Please see our Cookie Policy for full details of the cookies we use and how to manage them.
9. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. All client data is stored on secure, encrypted cloud systems with restricted access.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the date at the top of this page. We encourage you to review this policy periodically.
11. Contact us
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your personal data lawfully.