1. Data Controller Information
Protax Consultants acts as the Data Controller for the personal information collected through this website and during the provision of our professional services.
- Website: https://www.protax.org.uk/
Scope: This policy applies to website visitors, prospective clients, and current clients.
2. The Data We Collect
To provide accurate accounting, tax, and business advisory services, we may collect and process the following categories of data:
Personal Identification Information
- Names and titles
- Business and residential addresses
- Email addresses and telephone numbers
- National Insurance (NI) numbers
- Unique Taxpayer References (UTR)
- Director and shareholder details
Financial & Business Data
- Bank account details (for processing payments or refunds)
- Income and expenditure records
- Payroll and employee information
- VAT registration details
- Invoicing and transactional data
Technical Data (Website Visitors)
- IP addresses
- Browser type and version
- Device information
- Usage data regarding how you interact with our website
3. Legal Basis for Processing
Under UK data protection laws, we rely on the following legal bases to process your data:
Contractual Necessity
Processing is required to fulfill our engagement with you (e.g., preparing accounts, processing payroll, or filing tax returns).
Legal Obligation
As regulated professionals, we must comply with statutory requirements, including:
- Anti-Money Laundering (AML) regulations
- HMRC reporting requirements
- ACCA professional standards
- Record-keeping for tax audit purposes
Legitimate Interests
We may use data to respond to inquiries, improve our website, or prevent fraud, provided these interests do not override your rights.
Consent
Where applicable, we obtain explicit consent (e.g., for marketing communications), which can be withdrawn at any time.
4. How We Use Your Data
Protax Consultants uses collected data solely for professional and administrative purposes, including:
- Preparing and submitting statutory accounts and tax returns
- Communicating with HMRC and Companies House on your behalf
- Verifying identity for Anti-Money Laundering (AML) checks
- Managing payroll and workplace pensions
- Responding to inquiries submitted via our Contact page
- Invoicing and account management
- Sending crucial tax updates or regulatory alerts relevant to your business
5. Data Sharing & Third Parties
We do not sell, trade, or rent your personal data to third parties. Data may be shared strictly for professional service delivery with:
- HMRC & Companies House: For mandatory statutory filings.
- Software Providers: Cloud accounting platforms (e.g., Xero, QuickBooks) used to manage your records.
- Regulatory Bodies: Such as the ACCA, strictly for compliance or audit purposes.
- IT Service Providers: For secure website hosting and data storage.
All third-party providers are vetted to ensure they adhere to GDPR and data security standards.
6. Data Security
We implement robust technical and organizational measures to protect your data against unauthorized access, loss, or misuse. Our security measures include:
- SSL encryption for website data transmission
- Secure, password-protected storage systems
- Access controls limited to authorized personnel only
- Regular software updates and security patches
- Strict confidentiality agreements for all staff
7. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal requirements.
- Tax & Accounting Records: Typically retained for 6 years plus the current year, in line with HMRC and Companies House requirements.
Inquiries: Retained for a reasonable period to address follow-up questions, then securely deleted.
8. Your Rights
Under the UK GDPR, you have specific rights regarding your personal data:
- Right of Access: You may request a copy of the personal data we hold about you.
- Right to Rectification: You may request corrections to inaccurate or incomplete data.
- Right to Erasure: You may request deletion of data, unless we are legally required to retain it (e.g., for tax compliance).
- Right to Restrict Processing: You may ask us to limit how we process your data in certain circumstances.
- Right to Data Portability: You may request your data be transferred to another provider.
To exercise any of these rights, please contact us. We will respond within the statutory timeframe (usually one month).
9. International Transfers
Protax Consultants primarily stores data within the UK or the European Economic Area (EEA). If we use service providers based outside these regions, we ensure appropriate safeguards (such as UK International Data Transfer Agreements) are in place to protect your data.
10. Cookies
Our website may use cookies to improve user experience and analyze site traffic. You can manage your cookie preferences through your browser settings. For more details, please refer to our Cookie Policy.
Questions or Concerns?
If you have any questions regarding this GDPR Statement or how your data is handled, please contact Protax Consultants via our Contact Us page.
If you believe your data has been mishandled, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.