At E&F Accounting and Advisory (“we”, “us”, “our”), we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use our services, contact us, or visit our website [insert your website URL].

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and where applicable, the EU GDPR.

1. Who We Are (Data Controller)

Business name: E&F Accounting and Advisory

Registered address: Albion Mills Business Centre, Albion Mills, Greengates, BD10 9TQ

Email: accounts@efaccounting.co.uk

Phone: 01274 072098

ICO Registration Number (if applicable): [insert ICO registration number if applicable]

For the purposes of data protection laws, E&F Accounting and Advisory is the Data Controller of your personal information.

2. What Information We Collect

We may collect and process the following types of personal data:

A) Personal identity and contact information

• Full name

• Address

• Email address

• Phone number

• Date of birth (where required)

• National Insurance number (if required)

B) Financial and business information

• Income details, accounts, invoices, receipts

• Bank details (where relevant for services)

• Payroll information

• VAT and tax records

• Company information (if applicable)

• HMRC information and references

C) Identification documents (where required)

For AML (Anti-Money Laundering) compliance, we may request:

• Passport or driving licence

• Proof of address (e.g., utility bill, bank statement)

D) Website usage and technical information

When you visit our website, we may collect:

• IP address

• Browser type and version

• Device information

• Pages visited and time spent

• Referral source (how you found our site)

E) Communications

• Emails/messages you send to us

• Notes from phone calls or meetings

• Information you provide via forms or documents

3. How We Collect Your Data

We collect information in the following ways:

• When you contact us by email, phone, or via our website

• When you become a client and use our services

• From documents you provide (paper or digital)

• From third parties such as HMRC, Companies House, or payroll providers (where lawful)

• Through cookies and similar technologies on our website

4. Why We Use Your Data (Lawful Bases)

We only use your personal information when we have a lawful reason to do so, including:

A) To provide accounting and related services

Lawful basis: Contract

We process your data to:

• Provide bookkeeping and accountancy services

• Prepare tax returns, accounts, VAT returns, payroll

• Provide advice and support

• Communicate with you about your work

B) To comply with legal obligations

Lawful basis: Legal obligation

Including:

• Tax regulations

• AML requirements

• Professional standards

• Record keeping obligations

C) For legitimate business purposes

Lawful basis: Legitimate interests

Such as:

• Running our business effectively

• Protecting against fraud

• Maintaining internal records

• Improving our services and customer experience

D) With your consent (only when required)

Lawful basis: Consent

For example:

• Marketing emails (if you opt in)

You can withdraw consent at any time.

5. How We Use Your Data

We may use your personal data to:

• Deliver services and comply with professional obligations

• Prepare and submit financial statements and tax filings

• Communicate with HMRC, Companies House, pension providers, and other relevant bodies

• Carry out identity checks and AML compliance checks

• Manage invoices, fees, payments, and client accounts

• Respond to queries or complaints

• Improve our website and customer experience

6. Who We Share Your Data With

We only share personal data when necessary and lawful. This may include:

A) Government agencies and regulators

• HMRC

• Companies House

• The Information Commissioner’s Office (ICO)

• Law enforcement (when legally required)

B) Professional service providers

Where relevant to your services:

• Payroll software providers

• Bookkeeping software providers

• Cloud storage providers

• IT support providers

• Banks/payment processors

• External accountants, advisors, or auditors (only with permission or necessity)

C) Our professional bodies and insurers

• Professional indemnity insurers

• Our regulatory/professional accountancy bodies (where applicable)

All third parties are required to handle your data securely and lawfully.

7. International Data Transfers

Some of our service providers (for example cloud software or storage providers) may store data outside the UK.

If we transfer your data internationally, we will ensure appropriate safeguards are in place such as:

• UK adequacy regulations

• Standard Contractual Clauses (SCCs)

• Equivalent lawful transfer mechanisms

8. How We Store and Protect Your Data

We take security seriously and use appropriate measures to protect personal information, including:

• Password-protected systems

• Encrypted devices and secure file storage where possible

• Access controls limiting who can see your information

• Secure backup procedures

• Staff confidentiality obligations

• Secure disposal of documents when no longer required

While we do our best, no system is completely secure. If a data breach occurs, we will take immediate steps to reduce risk and comply with reporting duties.

9. How Long We Keep Your Data

We only keep personal information as long as necessary for the purposes we collected it.

Typically, we retain client records for at least 6 years to comply with tax, accounting, and legal obligations, including HMRC requirements.

In some cases, we may retain information longer where:

• Required by law or regulation

• Needed to resolve disputes

• Necessary for professional or business purposes

Once no longer needed, your data will be securely deleted or destroyed.

10. Data Processing for Prospective Clients

If you contact us but do not become a client, we may retain your information for up to 6 months for follow-up and record keeping purposes, unless you request deletion sooner.

11. Your Data Protection Rights

Under UK GDPR, you have the right to:

• Access your personal data (Subject Access Request)

• Correct inaccurate or incomplete data

• Request deletion of your data (where applicable)

• Restrict processing of your data

• Object to processing (especially marketing)

• Data portability (where applicable)

• Withdraw consent where processing is based on consent

• Lodge a complaint with the ICO

To exercise any of these rights, please contact: accounts@efaccounting.co.uk

We may need to verify your identity before responding.

12. Marketing Communications

We may send marketing communications only where lawful to do so.

You can opt out at any time by:

• Clicking “unsubscribe” in an email, or

• Contacting us at accounts@efaccounting.co.uk

We do not sell your personal data to third parties.

13. Cookies and Website Tracking

Our website may use cookies to improve user experience and analyse traffic.

Cookies may include:

• Essential cookies (required for the website to function)

• Analytics cookies (to understand site performance)

• Preference cookies (to remember settings)

You can control cookies through your browser settings and may also manage cookie preferences using our cookie banner (where enabled).

14. Links to Other Websites

Our website may include links to external websites. We are not responsible for the privacy practices of third-party sites.

We recommend reviewing their privacy policies before providing any personal data.

15. Children’s Privacy

Our services are not intended for children. We do not knowingly collect personal information from anyone under the age of 16.

16. Changes to This Privacy Policy

We may update this Privacy Policy occasionally to reflect legal or operational changes.

The latest version will always be posted on our website, and the “Last Updated” date will be revised.

17. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact:

E&F Accounting and Advisory

Albion Mills Business Centre, Albion Mills

accounts@efaccounting.co.uk

01274 072098

18. Complaints

If you are unhappy with how we handle your data, you have the right to complain to the UK regulator:

Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

Website: ico.org.uk