Maintaining your privacy is extremely important to us. You entrust us with sensitive financial information, and we take that responsibility seriously.
Version 2.0: This policy was last updated on 10th May 2018 in line with GDPR requirements. It may be updated in the future and we’ll post the new version here on our website. 

1. Who We Are

AccountsNet Limited (‘we’ or ‘us’ or ‘our’) gather and process your personal information in accordance with this privacy notice and in compliance with the relevant data protection Regulation and laws. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data. AccountsNet Limited’s registered office is at Dryburgh House, 3 Meikle Road, Livingston, EH54 7DE, and we are a company registered in Scotland under company number SC183293. We are registered on the Information Commissioner’s Office Register; registration number ZA000743, and act as the data controller and data processor when processing your data. Our designated Data Protection Officer can be contacted at Dryburgh House, 3 Meikle Road Livingston EH54 7DE or by emailing info@accountsnet.com

2. Information That We Collect

AccountsNet Limited processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.

Your personal data

When we say your “personal data”, we mean any information that identifies any person, that you provide to us during or after the time we act as your accountants or that is contained in any other information that you provide to us (or that you authorise a third party to give to us on your behalf). Your “personal data” may also be contained in information that we collect about you in connection with your use of the AccountsNet website. The financial data that you enter into AccountsNet portal, or that is provided to AccountsNet from your bank or HMRC, isn’t part of the “personal data” discussed here, unless it identifies a person. When it comes to your personal data, we comply with our obligations under the General Data Protection Regulation and any other applicable data protection legislation from time to time.

Information you provide – Your personal data includes the information you provide, or that you authorise someone else to provide, when you sign up to use our services or sign up to receive our new letters or during a support enquiry about you and/or your organisation. It also includes information you provide when you complete any forms which you submit to us (e.g. to authorise us to receive the transaction information from your bank account). It also includes information you upload to your AccountsNet portal. Examples of this personal data include your name, your email address, contact and/or employee names; and any correspondence when you contact us. It could also include your bank account details and bank transaction details (if it identifies a person). It could also include details in any invoices or receipts that you upload (if they identify a person). We do not collect or process special categories of personal data, as defined under GDPR. Also, we do not knowingly collect or solicit any personal data from anyone under the age of sixteen. AccountsNet is not directed at children under the age of sixteen. In the event that we learn that we have collected personal data from a child under age sixteen without verification of parental consent, we will delete that information as quickly as possible.
Information Others Provide to Us - We may receive information from others (e.g. your bank) that you have authorised that third party to provide to us. This could include the initial information to enable us to create your account (e.g. your full name, your email address and your business type) and also your bank transaction data. In addition, for new clients and to comply with anti money laundering legislation we use an agency to verify your identity. We do this by using information you supply to us such as name, address, NI number.

Financial Data

In addition to your personal data, we will also hold financial data that you enter into the AccountsNet Portal. Examples of your financial data include your organisation’s invoices, expenses, receipts and bank transactions.

You own all of the financial data you enter or upload into AccountsNet and have ultimate control over who has access to it. Keep in mind however it is your job to safeguard your password and account access. Also, you need to make sure you have obtained any relevant consents or permissions necessary for you to upload any personal data to AccountsNet and for it to be used as set out in this policy.

3. What do we use your data for?

We use your personal data to enable us to register you and provide you with access to AccountsNet Services and the AccountsNet Portal. It will also enable us to contact you by email, fax, post, SMS, social media or telephone where necessary concerning AccountsNet, your accounts and tax affairs; to record your personal preferences; to personalise our services to you (such as by pre-populating fields to make it easier for you to provide information when you return to AccountsNet Portal). It will also enable us to produce reports you request as part of the services we provide, including regulatory reports and/or other reports. We may also validate your information (and, in some cases, match it against information that has been collected by a third party, for example Companies House) to check that the data we hold about our customers/users is accurate, consistent and current. Should you choose to use parts of the AccountsNet Portal that involve providing your personal and/or financial data to third parties (for example, if you choose to give your IFA or your bank access to your data), then your personal and/or financial data will be shared in that way. Such personal and / or financial data may include for example, general, financial and transactional data, and information from your account such as accounting ledger balances, bank transactions and invoice, bill, expense and project details. These third parties will use that data in accordance with any consents you have given us or that you may give to us in the future.
Contacting you for Marketing or Newsletter Purposes - We may use your personal data to contact you by email, fax, post, SMS, social media and/or telephone to let you know about our other AccountsNet and/or third party services, content, offers or product ranges which may be of interest to you. We will only use your data in this way where you have provided consent, we have legitimate business reasons for doing so, or where we are otherwise entitled by law to do so. If you would like us to stop providing you with such notifications, just contact us at info@accountsnet.com. Please note, this may take up to one working day to take effect. 

Legal Requirements – We may use your personal data to comply with any legal obligations to which we are subject. We shall periodically check that the personal data we store for you is accurate. If you would like to update the personal data we hold about you, please login to your AccountsNet  account or contact us at info@accountsnet.com with your request.

4. Why do we use your personal data?

Legal Requirements – We may use your personal data to comply with any legal obligations to which we are subject. We shall periodically check that the personal data we store for you is accurate. If you would like to update the personal data we hold about you, please login to your AccountsNet  account or contact us at info@accountsnet.com with your request.

We collect and use your personal data for a variety of reasons. We need some data to enter into and perform our contract with you and provide you with access to AcountsNet– for example your contact details and other information requested during the AccountsNet setup process. If you fail to provide such data we will be unable to provide our service to you. Other information we collect because we have legitimate business interests, for example, in: Ensuring that we can onboard you as a customer and manage your account; Understanding how our customers use our products, services and websites; Understanding and responding to customer feedback; Researching and analysing the services our customers want; Improving our product and better understanding how our customers use it. In some circumstances we may process your personal data because it is required for compliance with a legal or regulatory obligation.

5. Who do we share your information with?

We may have to share your data with third parties, including third-party service providers and other entities. We require third parties to respect the security of your data and to treat it in accordance with the law.

We will not transfer personal data outside of the European Economic Area (EEA) without complying with the provisions of the Data Protection Legislation in respect of such transfer. Where you access our services outside the EEA, it shall be your responsibility to ensure that any access outside of the EEA which results in a transfer of personal data complies with the provisions of the Data Protection Legislation.

However if you choose to access your personal data outside the EEA, you should only do so in a secure environment which means that your browser must support the encryption security used in connection with our services.

If we do, you can expect a similar degree of protection in respect of your personal information.

Why might you share my personal information with third parties?
We may have to share your data with third parties, including third-party service providers and other entities. We require third parties to respect the security of your data and to treat it in accordance with the law. We may transfer your personal information outside the EU. If we do, you can expect a similar degree of protection in respect of your personal information. Why might you share my personal information with third parties? We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
Which third-party service providers process my personal information?
Third parties” includes third-party service providers. The following third-party service providers or categories of third party service providers MAY process personal information about you for the following purposes: HMRC for tax collection purposes; Payroll and banking services; Companies House; Pension providers; Direct Debit;

6. Data Security

AccountsNet is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, any personal data transferred to us over the internet is protected with Secure Sockets Layer / Transport Layer Security (SSL/TLS) Encryption Certificate technology. This ensures that all personal data transferred is encrypted to prevent eavesdropping and tampering.   AccountsNet servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include monitoring, 24/7 surveillance and on-site security staff. Other personal data may be kept in paper form within our office, if needed, although in the main copies are destroyed after they have been scanned into computer systems. While no Service is completely secure, AccountsNet takes precautionary measures and has strict security standards to help prevent data loss, theft, misuse and unauthorised access, disclosure, alteration and destruction or other like incidents that might affect the security of your personal data. These measures include encryption, password protection, anti-malware, firewalls, server authentication, user profiles, backup/disaster recovery systems, restriction of access to premises and computer systems, as well as use of relevant third party service providers to provide security. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

7. Our retention of your information

AccountsNet retains personal data for as long as necessary to provide our services or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly. For example, the default standard retention period for accounting records is six years plus current, otherwise known as six years + one. This is defined as six years after the last entry in a record followed by first review and/or destruction to be carried out in the additional current (+ one) accounting year. If AccountsNet needs to alter, restrict processing of your data, or remove your data we will inform you.

7. What are your rights?

You can find detailed information about your rights under Data Protection legislation on the UK Information Commissioner’s website at ico.org.uk. You have the right to withdraw consent, at any time and you may always opt not to disclose certain data, but that may mean we will be hindered in our ability to provide our services, or it may mean you will not be able to access certain services.

You have:

The right to be informed – You have the right to obtain confirmation whether your personal data is being processed by AccountsNet or a third party processor. Through this Policy we explain the data we may gather, how it is used and why.

The right of access – You have the right to access personal data we hold about you. You can make a request for access to the data we hold about you by emailing info@accountsnet.com There is no charge for this service. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive and we may also charge a reasonable fee to comply with requests for further copies of the same information. We will provide copies of the personal data we hold about you without delay and at the latest within one month of receipt. The period of time for response may be extended by a further two months where requests are complex or numerous. If this is the case, AccountsNet will inform you within one month of the receipt of the request and explain why.

The right to rectification – You have the right to your personal data being corrected if it is inaccurate or incomplete. If you think your personal data needs to be corrected email info@accountsnet.com.

The right to erasure (also known as the right to be forgotten). You can withdraw your consent and request the deletion or removal of your personal data where there is no compelling reason for its continued processing. AccountsNet have in place processes to regularly review the data we hold and ensure that it is removed when it is no longer appropriate to hold it. However if you wish to make a request for Your personal data to be removed, you can do this by emailing info@accountsnet.com.

The right to restrict processing. Under certain specific circumstances, such as when you contest the accuracy of your personal data, you have a right to ‘block’ or suppress processing of personal data. If this is requested AccountsNet are permitted to store your personal data, but not further process it. In the unlikely event that you wish to restrict processing you can do this by emailing info@accountsnet.com

The right to data portability. You have the right to data portability allowing you to obtain and reuse your personal data for your own purposes across different services. To allow you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way without hindrance to usability AccountsNet can provide you with a CSV file. Please email info@accountsnet.com. Please note this right only applies to data subject to automated processing.

The right to object You have the right to object to: processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing; and processing for purposes of scientific/historical research and statistics. In relation to AccountsNet, only the direct marketing ground is applicable. If you wish to object to AccountsNet direct marketing please email info@accountsnet.com After you have signed up for our services you will receive service related emails from us, which are necessary to enable us to provide our services. You will always have the ability to opt-out of receiving non-service related messages. You can also ask to opt-out of having personal identifiable information used for certain purposes, including promotional communications and newsletters.

You can exercise your right to prevent such processing by following the opt-out instructions, which will be clear and obvious on the forms, or emails we use to collect your data.

You can also exercise the right at any time by contacting us at info@accountsnet.com If you wish to complain about AccountsNet’s handling of your personal data, please contact our Data Protection Officer, providing full details of your complaint and including any relevant documentation, by email info@accountsnet.com; or letter to the Data Protection Officer, AccountsNet Limited, Dryburgh House, 3 Meikle Road, Livingston, West Lothian EH54 7DE.

8. Changes to our Policy

AccountsNet may modify or update this Policy when necessary to reflect feedback and changes in our services. Visiting our website and/or using our services after any modification to this Policy will constitute your acceptance of such modification and updates. When we update this Policy we will revise the ‘Last Update’ date at the top of the Policy. If there are material changes to the Policy or in how AccountsNet uses your personal data, we will notify you either by posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to regularly review this Policy to learn more how AccountsNet is using and protecting your information.