Tired of chasing receipts and missing deadlines? We’ll keep your books in order – stress-free

Privacy Notice

Smart AI Accounting Ltd is committed to safeguarding the privacy and security of personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR).

This Privacy Policy outlines the lawful basis on which we collect, process, and store personal information obtained through our website, services, and communications. Please read this notice carefully to understand our practices regarding your personal data and how we will treat it.

Last updated: September 2025

Who We Are

Smart AI Accounting Ltd is a UK-based accountancy and advisory firm. We provide bookkeeping, tax, and financial advisory services to individuals, sole traders, and limited companies.

Company name: Smart AI Accounting Ltd
Company number: 16401548
Registered office: [Insert registered office address]
Email: info@smartaiaccounting.com
Telephone: [Insert number]
ICO Registration Number: [Insert once received]

We act as a Data Controller, meaning we decide how and why your personal data is processed.

The Information We Collect

Depending on the services we provide, we may collect the following information:

Identity information – name, date of birth, national insurance number, UTR, passport or driving licence (for AML checks).
Contact information – address, email address, telephone number.
Financial information – bank statements, payslips, invoices, payroll details, tax records, company accounts.
Business information – company registration details, shareholder information, VAT numbers.
Communications – emails, letters, or online forms submitted to us.

We will only collect the information we genuinely need to deliver services and meet legal obligations.

Why We Collect Your Data

We process personal data under the following lawful bases:

Contract – to provide services you have engaged us for, such as preparing accounts, running payroll, or filing tax returns.
Legal obligation – to comply with HMRC, Companies House, anti-money laundering regulations, and other statutory requirements.
Legitimate interests – to manage our business, improve services, and keep you informed of updates relevant to your account.
Consent – for optional marketing communications, where you choose to receive them.

How We Use Your Data

Your information may be used for the following purposes:

To prepare accounts, tax returns, and bookkeeping records.
To carry out AML/KYC identity checks.
To process payroll and submit information to HMRC.
To communicate with you about your services and deadlines.
To maintain compliance records and defend legal claims if necessary.
To improve the quality and efficiency of our services.

We do not sell your information or share it with third parties for marketing purposes.

Who We Share Your Data With

We only share your data where it is necessary, lawful, and secure. Examples include:

Regulators: HMRC, Companies House, CIMA (if required).
Software providers: Xero, Google Workspace, Notion, n8n (all GDPR-compliant with data processing agreements).
Banks or auditors: only if authorised by you.
Subcontractors: where we use specialist accountants or consultants, and only under strict confidentiality terms.

International Transfers

Some of our cloud systems (e.g. Google Workspace, Notion) may store data outside the UK. Where this happens, we ensure that the provider uses approved safeguards such as Standard Contractual Clauses or adequacy agreements recognised by the UK.

How Long We Keep Your Data

We retain personal data in line with legal and professional requirements:

Accounting and tax records: 6 years after year-end.
AML/KYC records: 5 years after the end of the client relationship.
Payroll data: 6 years after the end of employment.
Marketing enquiries: 12 months, unless consent is renewed.
Emails and working papers: 6 years.

Once the retention period ends, data will be securely deleted or anonymised.

How We Protect Your Data

We use strong security measures to keep your data safe:

Password protection and two-factor authentication on all systems.
Encrypted storage in cloud platforms such as Google Drive and Xero.
Access restricted to authorised users only.
Secure disposal of data when no longer required.

Your Rights

Under UK GDPR, you have important rights in relation to your personal data. You can:

Request a copy of the data we hold about you.
Ask us to correct inaccurate or incomplete information.
Request deletion of your data (where possible under the law).
Restrict or object to processing.
Request data portability (transfer to another provider).
Withdraw consent (for marketing communications).

We will respond to all valid requests within one month.

How to Complain

If you are unhappy with how we use your data, please contact us first so we can try to resolve the issue. If you remain dissatisfied, you can complain directly to the Information Commissioner’s Office (ICO):

Website: ico.org.uk
Telephone: 0303 123 1113

Updates to This Notice

We review this Privacy Notice regularly to keep it accurate and up to date. Any changes will be posted on our website, and significant updates will be communicated to clients directly.

Our Commitment

Protecting your personal data is central to how we operate. As accountants, we handle sensitive financial information every day, and we treat it with the highest levels of care and confidentiality. Our policies and systems are designed not just to comply with the law, but to give you confidence that your information is safe in our hands.