Clarity Accounts

Legal

Privacy policy.

Last updated: May 2026 · Effective immediately

Clarity Accounts ("we", "our", "us", "I") is committed to protecting your privacy and handling your personal data responsibly. This policy explains what data we collect, why we collect it, how we use it, how long we keep it and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using this website or engaging our services, you agree to the terms set out in this policy.

1. Who we are

Clarity Accounts is a sole-practitioner accountancy firm based in Kings Hill, Kent, providing bookkeeping, management accounts, VAT, CIS and year-end services to UK businesses. We are the data controller for any personal data we process about you.

Contact: info@clarityaccounts.co.uk · 07463 125695 · Kings Hill, Kent, UK.

2. What we collect

We only collect the personal data we genuinely need. That typically includes:

  • Enquiry data — name, email, phone number, business name and the message you send us via the contact form.
  • Client onboarding data — for engaged clients, the information required for anti-money-laundering (AML) checks, including proof of identity and address, and beneficial-ownership details.
  • Financial records — bank statements, invoices, receipts, payroll data and other accounting records you share with us in the course of an engagement.
  • Website data — anonymised analytics about pages visited, device type and approximate location, plus the small set of cookies described in our cookie policy.
  • Correspondence — emails, messages sent via the Clarity Portal and notes from meetings.

3. How we use it

  • To respond to your enquiry and provide a quote.
  • To deliver the accountancy services set out in our engagement letter.
  • To file returns and information with HMRC, Companies House and other regulators on your behalf.
  • To comply with our legal and regulatory obligations, including AML.
  • To send you occasional service updates (you can opt out at any time).
  • To improve the website and the services we offer.

We never sell your data and we do not use it for third-party advertising.

4. Lawful basis for processing

We rely on the following UK GDPR lawful bases:

  • Contract — to deliver the services in your engagement letter.
  • Legal obligation — for AML, tax, payroll and statutory filings.
  • Legitimate interests — to respond to enquiries, maintain our records and improve our service. We balance these interests against your rights.
  • Consent — for optional marketing emails and non-essential cookies. You can withdraw consent at any time.

5. Sharing your data

We share personal data only where necessary, with:

  • HMRC, Companies House and other UK regulators.
  • Trusted software providers we use to deliver the service — for example Xero, QuickBooks, BrightPay, Dext, Google Workspace and our portal hosting provider. Each is bound by a data-processing agreement.
  • Our AML supervisory body and professional indemnity insurer, where required.
  • Law enforcement or courts, where we are legally required to do so.

We do not pass your data to marketing companies, data brokers or advertising networks.

6. How long we keep it

  • Enquiry data from people who don't become clients: up to 12 months, then deleted.
  • Client records and accounting data: at least 6 years after the end of the engagement, as required by HMRC and AML regulations.
  • AML identification records: 5 years after the end of the business relationship.
  • Website analytics: aggregated and retained for up to 26 months.

7. How we protect your data

We take security seriously. Data is encrypted in transit (TLS) and at rest, stored on UK or EU servers, and access is restricted to people who need it. We use multi-factor authentication on all key systems, keep software up to date and review our procedures regularly. If a personal data breach affects your rights, we'll notify you and the Information Commissioner's Office (ICO) within 72 hours as required.

8. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data corrected.
  • Have your data erased, where we don't have a legal duty to keep it.
  • Restrict or object to processing in certain circumstances.
  • Receive your data in a portable format.
  • Withdraw consent for any processing based on consent.
  • Lodge a complaint with the ICO (see below).

To exercise any of these rights, email info@clarityaccounts.co.uk. We'll respond within one calendar month.

9. International transfers

Most of our processing happens in the UK or EEA. Where a software provider transfers data outside these areas (for example, a US-based cloud service), we rely on UK-approved safeguards such as the UK International Data Transfer Agreement or the EU Standard Contractual Clauses with the UK Addendum.

10. Children's data

Our services are aimed at businesses, not children. We don't knowingly collect personal data from anyone under 16. If you believe we have, please contact us and we'll delete it.

11. Changes to this policy

We may update this policy from time to time. Material changes will be highlighted on this page and, where appropriate, notified to existing clients by email. The "last updated" date at the top tells you which version you're reading.

12. Contact & complaints

If you have any questions about this policy or how we handle your data, please contact:

Clarity Accounts
Kings Hill, Kent, UK
info@clarityaccounts.co.uk
07463 125695

You also have the right to complain to the UK supervisory authority, the Information Commissioner's Office, at ico.org.uk or on 0303 123 1113. We'd appreciate the chance to put things right first, so do contact us before escalating.