Welcome to [Your Firm Name/ACUMEN ACCOUNTANTS AND TAX ADVISERS LTD] (“we,” “us,” or “our”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy will inform you how we look after your personal data when you engage our services, visit our website, or otherwise interact with us. It also tells you about your privacy rights and how the law protects you.

We act as a “data controller” under the relevant Data Protection Legislation, which includes the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (together the “Data Protection Legislation”).

• Company Name: ACUMEN ACCOUNTANTS AND TAX ADVISERS LTD
• Registered Company Number: 10956078
• Registered Office: 37th Floor, 1 Canada Square, London, England, E14 5DY

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

• Data Protection Officer / Data Privacy Manager: Md Mahabubul Alam Khan
• Email Address: info@acumenagc.com
• Telephone: +44(0)-7852806969
• Postal Address: 37th Floor, 1 Canada Square, London, England, E14 5DY

This Privacy Policy applies to our clients, prospective clients, website users, suppliers, service providers, and any other individuals whose personal data we process in the course of our business activities. This includes data collected online and offline.

We may revise this Privacy Policy from time to time. The most current version will always be posted on our website. Please check back periodically to keep informed of any updates. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes.

Our website may include links to third-party websites, plug-ins, or applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third parties and are not responsible for their privacy statements. We encourage you to read the privacy policy of every website you visit.

Depending on our engagement with you, we may collect, use, store, and transfer various kinds of personal data, including but not limited to:

• Identity Data: First name, last name, date of birth, marital status, national identifiers (e.g., National Insurance Number, Unique Tax Reference (UTR)), etc.
• Contact Data: Postal address, email address, telephone number(s).
• Financial Data: Bank account details, payment card details, transaction history.
• Technical Data: IP address, browser type, and version, time zone setting, operating system, device identifiers, and other technology on the devices you use to access our website.
• Profile Data: Username, password (if applicable), purchases or orders made by you, your preferences, feedback, and survey responses.
• Usage Data: Information about how you use our website and services, including pages visited and duration of visits.
• Marketing and Communications Data: Preferences in receiving marketing materials, communication preferences.

We do not routinely collect any Special Categories of Personal Data (e.g., details about race, ethnicity, religious beliefs, sexuality, health, or biometric data) unless required by law or you voluntarily provide such information and we have a lawful basis to process it (e.g., explicit consent).

We collect personal data through various methods, including:

• Direct interactions: When you fill in forms, request our services, correspond with us by post, phone, email, or otherwise.
• Automated technologies: When you interact with our website, we may automatically collect technical data via cookies, server logs, and similar technologies.
• Third parties or publicly available sources: We may receive personal data from analytics providers (e.g., Google), or from identity verification and anti-money laundering check providers.

Under the Data Protection Legislation, we must have a lawful basis to process your personal data. Depending on the situation, we may rely on:

• Performance of a Contract (Article 6(1)(b)): Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
• Legal Obligation (Article 6(1)(c)): Where we need to comply with a legal or regulatory obligation (e.g., anti-money laundering checks, HMRC reporting).
• Legitimate Interests (Article 6(1)(f)): Where processing is necessary for our (or a third party’s) legitimate interests, unless overridden by your fundamental rights and freedoms.
• Consent (Article 6(1)(a)): Where you have given clear consent for us to process your personal data for a specific purpose. You can withdraw your consent at any time.

We may process your personal data for the following purposes:

• Provision of Services: To register you as a client, carry out our contractual obligations, and deliver accounting, tax, and related advisory services.
• Client Management: To manage our relationship with you, including billing, fees, and payments.
• Legal Compliance: To comply with our legal obligations (e.g., anti-money laundering regulations, HMRC/Companies House requirements).
• Marketing & Communications: To send you updates about our services or other information that might be of interest to you, provided you have not opted out.
• Website Administration: To administer and protect our website and business, including troubleshooting, data analysis, and system maintenance.
• Analytics: To use data analytics to improve our website, products/services, marketing, client relationships, and user experiences.

We will not use your personal data for new, unrelated purposes without first obtaining your consent or having another lawful basis for the processing.

We may share your personal data within our organisation to staff members who need it to fulfil our contractual or legal obligations.

We will never sell or rent your personal data to third parties for marketing. However, we may disclose your personal data to:

• Service Providers: Trusted third parties who provide IT, payment, cloud services, marketing, or other business operations support under written contract.
• Professional Advisers: Lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
• Regulatory & Legal Authorities: HMRC, Companies House, law enforcement agencies, or other authorities if required by law or to protect our rights.
• Business Transfers: If we merge, sell, or reorganise some or all of our business or assets, we may transfer your personal data to the prospective buyer or merged entity.

All third-party service providers and advisers are subject to data protection compliance obligations and may only process your personal data for specified purposes and in accordance with our instructions.

We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the:

• Nature and sensitivity of the data.
• Potential risk of harm from unauthorised use or disclosure.
• Purposes for which we process the data.
• Applicable legal and regulatory obligations (e.g., record-keeping requirements for HMRC).

Under certain circumstances, you have the following rights regarding your personal data:

• Access: Request access to your personal data and receive a copy (commonly known as a “data subject access request”).
• Correction: Request correction of incomplete or inaccurate data we hold about you.
• Erasure (“Right to be Forgotten”): Ask us to delete or remove personal data where there is no good reason for us to continue processing it.
• Objection: Object to processing where we rely on legitimate interests or where we process your data for direct marketing purposes.
• Restriction: Request restriction of processing of your personal data in certain circumstances (e.g., if you contest its accuracy).
• Data Portability: Object to processing where we rely on legitimate interests or where we process your data for direct marketing purposes.
• Withdraw Consent: Where we rely on consent, you can withdraw that consent at any time; however, this will not affect the lawfulness of processing carried out before you withdrew consent.

If you wish to exercise any of these rights, please contact our Data Protection Officer using the details in Section 1.3. You will not ordinarily have to pay a fee to exercise your rights. We may, however, charge a reasonable fee if your request is manifestly unfounded, repetitive, or excessive.

Our website uses cookies and similar technologies to distinguish you from other users, improve user experience, and compile statistical data about site usage. Cookies are small text files stored on your device. They can help us:

• Understand usage patterns.
• Remember your preferences.
• Improve site functionality and speed.

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, some parts of our website may become inaccessible or not function properly.

We may send you marketing communications if:

• You have specifically requested information from us.
• You have purchased services from us.
• You have not opted out of receiving marketing messages.

You can ask us to stop sending marketing messages at any time by clicking the “unsubscribe” link in any email or by contacting us directly. Please note, you will still receive transactional messages or information related to your engagements with us.

If you have any questions, concerns, or complaints about how we handle your personal data, please contact our Data Protection Officer:

• Email: info@acumenagc.com
• Telephone: +44(0)-7852806969
• Address: 37th Floor, 1 Canada Square, London, England, E14 5DY

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not complied with applicable data protection laws. We would, however, appreciate the chance to address your concerns before you approach the ICO.