top of page

(310) CLIENT PRIVACY NOTICE

This privacy notice should be read alongside the (300) Standard Terms & Conditions.

1. Who we are

Massey Accounting Company Limited is a data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are registered with the Information Commissioner’s Office (ICO).

 

Our contact details are: Massey Accounting Company Limited, 32 Hall Pool Drive, Stockport, SK2 5ED. Email: john@masseyaccountingcompany.com

 

2. What personal data we collect

We collect and process personal data that is necessary to provide our services to you. This includes:

  • Your name, address, date of birth, and contact details

  • Your National Insurance number and Unique Taxpayer Reference

  • Financial information, including income, expenditure, assets, liabilities, and bank details

  • Information about your business, including company registration details and details of directors, shareholders, or partners

  • Identity and verification documents collected under our anti-money laundering obligations

  • Correspondence between us

 

Where relevant to your engagement, we may also collect information about connected persons — for example, business partners, company directors, or persons with significant control.

 

3. Why we collect it and our lawful basis

We process your personal data on the following lawful bases:

  • Contract: processing is necessary to provide the services set out in your letter of engagement

  • Legal obligation: we are required to process certain personal data to comply with our obligations under tax legislation, anti-money laundering regulations, and our ACCA membership requirements

  • Legitimate interests: we may process personal data where it is in our or your legitimate interests to do so and those interests are not overridden by your rights — for example, to manage our business, improve our services, or communicate with you about matters relevant to your engagement

 

Where we rely on your consent for any specific processing activity, we will make this clear at the time. You have the right to withdraw consent at any time — see section 7.

 

4. How we use your personal data

We use your personal data to:

  • Carry out the services described in your letter of engagement and the relevant schedules of services

  • Communicate with you about your affairs

  • Submit returns, accounts, and other documents to HMRC, Companies House, and other relevant bodies on your behalf

  • Comply with our obligations under the anti-money laundering legislation, including identity verification and ongoing monitoring

  • Comply with our obligations as an ACCA-regulated firm

  • Manage our relationship with you, including invoicing and fee collection

  • Maintain our business records and comply with our own legal and regulatory obligations

 

5. Who we share your personal data with

We will not share your personal data with third parties except in the following circumstances:

  • HMRC, Companies House, and other regulatory bodies — where required to carry out your engagement or comply with a legal obligation

  • ACCA — as our professional body, ACCA may require us to provide information about our practice and clients in the context of regulatory oversight, quality reviews, or a complaint

  • Subcontractors — we may occasionally subcontract elements of your work to other tax or accounting professionals. Any subcontractor we use is bound by written confidentiality and data processing agreements

  • An alternate appointed to act on our behalf in the event of incapacity or death, for the purpose of ensuring continuity of service

  • Tax investigation insurers or professional indemnity insurers, where relevant to your engagement

  • Legal requirement — where we are required to disclose information by law, court order, or regulatory authority, including where we are required to make a report under the anti-money laundering legislation. In some circumstances we may not be permitted to inform you that such a report has been made

 

We do not sell your personal data or share it for marketing purposes.

 

Data may be processed in the UK and other jurisdictions where our service providers operate, subject to appropriate safeguards.

 

6. How long we keep your personal data

We retain your personal data for as long as is necessary to fulfil the purposes for which it was collected and to comply with our legal and regulatory obligations. In practice:

  • Records relating to tax returns: six years from the end of the tax year to which the information relates

  • Ad hoc advisory work: six years from the date the business relationship ceased

  • Ongoing client relationships: data needed across more than one year (for example, capital gains base costs and elections submitted to HMRC) is retained throughout the relationship and deleted six years after the end of the relationship, unless you ask us to retain it for longer

  • Identity and verification documents: collected under anti-money laundering legislation: five years from the end of our relationship with you

  • Making Tax Digital for Income Tax: where you are subject to MTD IT, digital records are retained for a minimum of five years from the 31 January submission deadline for the relevant tax year

 

Where we act as a data processor (for example, when processing payroll), we will delete or return all personal data to you as the data controller on termination of that engagement, as agreed between us.

 

7. Your rights

Under the UK GDPR you have the following rights in relation to your personal data:

  • Right of access (subject access request): you can request a copy of the personal data we hold about you. Please make any such request in writing to us at the address in section 1. We will respond within one month. We will not charge you for dealing with a request.

  • Right to rectification: you can ask us to correct inaccurate or incomplete data

  • Right to erasure: in certain circumstances you can ask us to delete your personal data

  • Right to restriction: you can ask us to restrict the way we process your data in certain circumstances

  • Right to data portability: you can ask us to provide your personal data in a structured, commonly used format — for example, so it can be transferred to a new adviser. This right applies where processing is based on consent or contract and is carried out by automated means.

  • Right to object: you can object to processing based on legitimate interests

  • Right to withdraw consent: where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal. Please note that withdrawal of consent may mean we are unable to continue to provide services to you, though it may remain lawful for us to process your data on another legal basis.

 

To exercise any of these rights, please write to us at the address in section 1.

 

Please note that some rights are not absolute and may be subject to exemptions — for example, we may be required to retain certain records regardless of an erasure request where a legal obligation applies. We will explain any such limitation when we respond to your request.

 

We do not use automated decision-making in relation to your personal data.

 

8. Complaints

If you are unhappy with how we have handled your personal data, you have the right to complain to the Information Commissioner’s Office (ICO): https://ico.org.uk/make-a-complaint, or telephone: 0303 123 1113

 

We would, however, ask that you contact us in the first instance so that we have the opportunity to address your concern.

 

9. Changes to this notice

We may update this notice from time to time. The current version is always available at (310) Client Privacy Notice and on request. Where changes are material, we will notify you.

 

10. Further information

If you have any questions about this notice or how we handle your personal data, please contact us at the address or email address in section 1.

© 2025 Massey Accounting Company

  • LinkedIn
  • Facebook
bottom of page