Privacy Policy

1. Contact details

Email: info@taxtidy.co.uk

Phone: 01827 794562

Postal address: [Insert business address]

Data Protection Officer (if applicable): [Insert name/contact] / Not applicable

2. Personal data we may collect

Depending on how you interact with us, we may collect:

• Identity and contact details (e.g., name, business name, email address, telephone number, postal address)
• Enquiry information (e.g., messages you send to us, service interests, appointment requests)
• Client/service data (e.g., information required to provide bookkeeping/accounting/tax-related services)
• Technical data (e.g., IP address, browser type, device information, pages visited) via cookies or similar technologies

Please do not submit special category data via website forms unless we ask you to and it is necessary for the services you request.

3. How we use your personal data

We use personal data for purposes such as:

• Responding to enquiries and providing customer support
• Providing our services (including onboarding, delivering agreed work, and ongoing client administration)
• Managing our relationship with you (including communications about services)
• Improving our website, services, and user experience
• Meeting legal, regulatory, and professional obligations
• Protecting our business from fraud and security incidents

4. Lawful bases for processing

We process personal data under one or more lawful bases, depending on the context:

• Contract: where processing is necessary to provide services or take steps at your request prior to entering a contract
• Legitimate interests: where necessary for our legitimate interests (e.g., operating and improving our business and website), provided those interests are not overridden by your rights
• Legal obligation: where necessary to comply with laws and regulations
• Consent: where required (e.g., certain cookies; and marketing where consent is the appropriate basis)

Where we rely on consent, you can withdraw it at any time (this will not affect the lawfulness of processing before withdrawal).

5. Who we share personal data with

We may share personal data with trusted third parties where necessary, such as:

• IT and website hosting providers
• Email and communications providers
• Professional advisers (e.g., legal, accounting, compliance) where appropriate
• Regulators, HMRC, or other authorities where required by law or where relevant to your engagement (and with appropriate authority)

We require service providers to protect personal data and only process it in line with our instructions and applicable law.

6. International transfers

Some of our suppliers may process data outside the UK. Where personal data is transferred internationally, we take steps to ensure appropriate safeguards are in place (for example, use of adequacy regulations or approved contractual clauses).

Note: Confirm and list the key suppliers/tools you use (e.g., analytics, forms, CRM, hosting) and whether they involve international transfers.

7. How long we keep personal data

We keep personal data only as long as necessary for the purposes set out in this policy, including to meet legal, accounting, or regulatory requirements. Retention periods depend on the nature of the data and why we hold it.

Optional: Add a simple retention summary (e.g., enquiry data for X months; client files for Y years in line with legal/professional obligations).

8. How we keep personal data secure

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. Access is restricted to those who need it for legitimate business purposes.

9. Your data protection rights

Under UK data protection law, you may have rights including:

• Access to your personal data
• Correction of inaccurate or incomplete data
• Erasure (in certain circumstances)
• Restriction of processing (in certain circumstances)
• Data portability (in certain circumstances)
• Objection to processing (particularly where based on legitimate interests or for direct marketing)
• Withdrawal of consent (where processing is based on consent)

To exercise your rights, contact us using the details above.

10. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve it.

You also have the right to complain to the Information Commissioner’s Office (ICO). Details are available on the ICO website.

11. Cookies and analytics

We use cookies and similar technologies to make our website work and to understand how it is used.

Where required, we will ask for your consent before setting non-essential cookies. You can change your cookie preferences at any time via [insert cookie settings link].

Optional: Add a separate Cookie Policy page listing the cookies you use (name, purpose, duration, and provider).

12. Marketing communications

We may send service-related messages where necessary (for example, to respond to enquiries or manage an existing client relationship).

If we send marketing communications, we will do so in line with applicable law. You can opt out of marketing at any time by using the unsubscribe link (where provided) or by contacting us.

13. Children

This website and our services are not intended for children, and we do not knowingly collect personal data from children.

14. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date above shows when it was most recently revised.