Ernest & Co AccountantsErnest & Co Accountants Ltd
Legal

Privacy Policy

How we collect, use and protect your personal data.

1. Who we are and how to contact us

Ernest & Co Accountants Ltd ("we", "us", "our") is a UK accounting practice registered in England & Wales (Company No. 15545218). Our registered office is at 3rd Floor, 86–90 Paul Street, London EC2A 4NE.

If you have any questions about this privacy policy or how we handle your data, please contact us at help@ernestcoaccountants.co.uk or call us on +44 7440 015941.

2. What personal data we collect

We collect only the personal data we need to provide our services. This may include:

  • Your name, email address and phone number
  • Your date of birth and home address
  • Your business details, including company name and registration number
  • Your Unique Taxpayer Reference (UTR) and National Insurance number
  • Identity documents (passport or driving licence) and proof of address
  • Payment information processed via Stripe
  • Records of our communications with you

3. Why we collect your data

We use your personal data to:

  • Provide accountancy, tax and bookkeeping services to you and your business
  • Process subscription payments for our client portal and digital tools
  • Verify your identity for Anti-Money Laundering (AML) compliance
  • Send service communications, deadline reminders and tax-related updates
  • Maintain accurate statutory records required by HMRC and Companies House
  • Improve our services and client experience

4. Legal basis for processing

Under UK data protection law, we process your personal data on the following legal grounds:

  • Contract performance — to deliver the accountancy services you have engaged us to provide
  • Legal obligation — to comply with AML regulations, HMRC requirements and Companies House filings
  • Legitimate interests — to send service-related communications, manage our business relationship and prevent fraud
  • Consent — where you have opted in to receive marketing communications (you may withdraw this at any time)

5. How we store and protect your data

We take the security of your personal data seriously. Your information is stored securely via our backend infrastructure, which uses encryption at rest and in transit. Access to your data is strictly restricted by role — only authorised staff who need it to perform their duties can view or handle your information.

We regularly review our security practices and only work with trusted providers who meet industry-standard security certifications.

6. Payment data

All card and payment transactions are processed securely by Stripe, a PCI-DSS compliant payment processor. We do not store your full card details on our systems. Stripe handles payment data in accordance with their own privacy policy and security standards.

7. How long we keep your data

We retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy legal, accounting and regulatory requirements:

  • Client accounting and tax records — retained for 7 years after the end of the relevant tax year, in line with HMRC requirements
  • AML records — retained for 5 years after the end of our business relationship with you, as required by Money Laundering Regulations
  • General correspondence — retained for 3 years after our business relationship ends

When your data is no longer needed, we delete or anonymise it securely.

8. Who we share your data with

We do not sell your personal data to anyone. We only share it with trusted third parties who help us deliver our services:

  • Our backend host — for secure data storage and authentication
  • Stripe — for processing payments
  • Resend — for sending transactional and service emails
  • Companies House API — for verifying company registration details when you register with us

Each of these providers is contractually bound to process your data only for the purposes we specify and to maintain appropriate security measures.

9. Your rights under UK GDPR

You have the following rights regarding your personal data:

  • Right to access — request a copy of the personal data we hold about you
  • Right to rectification — ask us to correct inaccurate or incomplete data
  • Right to erasure — request deletion of your data where there is no legal obligation for us to retain it
  • Right to restrict processing — ask us to limit how we use your data in certain circumstances
  • Right to data portability — receive your data in a structured, commonly used format
  • Right to object — object to processing based on legitimate interests or for direct marketing

To exercise any of these rights, please email us at help@ernestcoaccountants.co.uk. We will respond within one calendar month.

10. Cookies

We use only essential cookies necessary for the operation of our website and services. These include session and authentication cookies that allow you to log in to your client portal and maintain your session securely. We do not use tracking or analytics cookies.

11. Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. For material changes, we will notify you by email. We encourage you to review this page periodically for the latest information on our privacy practices.

12. How to complain

If you have any concerns about how we handle your personal data, please contact us first and we will do our best to resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK regulator for data protection issues.

Last Updated: May 2026

← Back to home

Book Free Consultation