Privacy Policy

Effective Date: 23/08/2025

Boston House Accountants (“we,” “our,” or “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

1. Data Controller

The Data Controller responsible for your personal data is:

Boston House Accountants
214 High Street, Boston Spa,
West Yorkshire, LS23 6AD
info@boston-house.co.uk
01937 848850

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity and contact data: name, address, email, phone number, date of birth.
  • Financial and business data: tax records, bank details, payroll information, company accounts.
  • Regulatory documents: identification for anti-money laundering checks.
  • Technical data: IP address, browser type, and interactions with our website (via cookies).

3. Legal Basis for Processing

We process your personal data under the following lawful bases:

  • Contractual necessity – to perform our services and deliver accountancy obligations.
  • Legal obligation – to comply with tax, audit, and anti-money laundering regulations.
  • Legitimate interests – to manage our business and improve services.
  • Consent – where you have given explicit consent (e.g., for marketing communications).

4. How We Use Your Data

Your personal data may be used to:

  • Provide accountancy, tax, and advisory services.
  • Maintain accurate client records.
  • Communicate with you about services or regulatory matters.
  • Comply with professional and legal obligations.
  • Improve website functionality and security.

5. Sharing Your Data

We may share your data with:

  • HM Revenue & Customs, regulators, and other authorities when required by law.
  • Professional advisers (lawyers, bankers, auditors, insurers).
  • Service providers such as IT, cloud storage, or software providers, under strict data processing agreements.

We will never sell your data to third parties.

6. International Transfers

Where data is transferred outside the UK/EU, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the UK/EU.

7. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected, and to meet legal, regulatory, and professional requirements. Typically, financial records must be kept for at least six years.

8. Your Data Protection Rights

Under the UK/EU GDPR, you have the right to:

  • Access your personal data.
  • Request correction of inaccurate data.
  • Request erasure (“right to be forgotten”) where legally possible.
  • Restrict or object to processing.
  • Request transfer of your data (data portability).
  • Withdraw consent at any time (where processing is based on consent).

To exercise these rights, please contact us at [insert contact email].

9. Cookies

Our website uses cookies to enhance your experience. You may set your browser to refuse cookies, though this may affect site functionality. See our Cookie Policy.

10. Security

We use appropriate technical and organisational measures to protect your data against accidental loss, misuse, or unauthorised access.

11. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can address the issue.

If you are based in the UK, you may also complain to the Information Commissioner’s Office (ICO):
https://ico.org.uk | Tel: 0303 123 1113

If you are based in the EU, you may contact your local supervisory authority.

12. Updates to this Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.