Privacy Notice

1. Introduction

Allset Go Accounting Ltd is an ACCA-regulated accounting practice. We are committed to protecting the privacy and security of your personal data.

This Privacy Notice explains how we collect, use, store, and share your personal data when you engage our accounting, bookkeeping, tax, and advisory services, or when you use our website at allsetgo.co.uk.

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data We Collect

In the course of providing our professional services, we may collect the following categories of personal data:

• Identity data: full name, date of birth, National Insurance number, UTR (Unique Taxpayer Reference), company registration number, passport or driving licence details (for AML verification)
• Contact data: email address, phone number, postal address
• Financial data: bank statements, invoices, receipts, payroll records, tax records, VAT records, and other accounting documents
• Employment data: employee names, salaries, NI numbers, pension details (where we provide payroll services)
• AML verification data: proof of identity and proof of address documents, as required by the Money Laundering Regulations 2017
• Technical data: IP address, browser type, and website usage data collected via cookies

3. How We Use Your Data

We use your personal data to:

• Prepare and file statutory accounts, tax returns (Corporation Tax, Self Assessment, VAT), and annual confirmations with Companies House
• Provide bookkeeping, payroll, and management accounting services
• Submit RTI (Real Time Information) reports to HMRC on your behalf
• Carry out client due diligence under Anti-Money Laundering regulations
• Communicate with HMRC, Companies House, banks, and other third parties on your behalf where authorised
• Respond to enquiries and provide quotations
• Comply with professional and regulatory obligations under ACCA rules
• Improve our website through anonymised analytics

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract: processing is necessary to perform our engagement with you — e.g. preparing your accounts or tax returns
• Legal obligation: processing is required to comply with tax legislation, AML regulations, Companies Act requirements, or other statutory obligations
• Legitimate interests: we have a legitimate business interest in administering our practice, improving our services, and maintaining client relationships, provided this does not override your rights
• Consent: where you have opted in to receive marketing communications or newsletters

5. Who We Share Your Data With

We may share your personal data with the following parties where necessary for the delivery of our services or to comply with legal obligations:

• HMRC — for tax filings, VAT returns, RTI submissions, and responding to enquiries
• Companies House — for filing statutory accounts, confirmation statements, and company changes
• Cloud accounting software providers — such as Xero, QuickBooks, FreeAgent, or Sage, used to process your accounting data
• Payroll bureaux and pension providers — where we administer payroll and auto-enrolment on your behalf
• Banks and financial institutions — where required for the delivery of services
• National Crime Agency (NCA) — if we are required to make a suspicious activity report under AML legislation
• ACCA — in connection with regulatory or disciplinary matters
• Website analytics — Vercel Analytics (anonymised usage data only)

We do not sell your personal data to any third party.

6. Data Retention

We retain your personal data and client files for a minimum of six years from the end of the engagement, in line with HMRC requirements and ACCA professional guidance. Certain records may be retained for longer where required by law (e.g. AML records must be kept for five years after the end of the business relationship).

After the applicable retention period, data will be securely deleted or destroyed.

7. Your Rights

Under the UK GDPR, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request erasure of your data (subject to our legal and professional retention obligations)
• Object to or restrict processing of your data
• Request data portability
• Withdraw consent at any time where consent is the legal basis

Please note that some of these rights may be limited where we are required to retain data under tax or AML legislation.

To exercise any of these rights, please contact us at info@allsetgo.co.uk. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

8. Data Security

We take the security of your data seriously. We implement appropriate technical and organisational measures to protect your personal data, including encrypted file storage, secure cloud accounting platforms, and restricted access controls.

All staff are trained on data protection and confidentiality obligations, and we operate in accordance with ACCA’s professional standards on client confidentiality.

9. International Transfers

Your data is primarily processed within the United Kingdom. Where any data is transferred outside the UK (for example, through the use of cloud-based software), we ensure that appropriate safeguards are in place in accordance with UK data protection legislation.

10. Changes to This Notice

We may update this Privacy Notice from time to time. Any changes will be posted on this page with an updated revision date.

11. Contact Us

If you have any questions about this Privacy Notice or how we handle your personal data, please contact us:

• Email: info@allsetgo.co.uk
• Phone: 078 4308 6920
• Address: 10 York Road, London, SE1 7ND