Privacy Policy

Last updated: April 2026

Who we are

Rhodium Accounting Limited is a limited company registered in England and Wales. We are the data controller responsible for any personal data you provide to us through our website, our services or any communication you have with us.

For all data protection matters you can contact us at support@rhodiumaccounting.co.uk.

This privacy policy explains how we collect, use, store and protect your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read it carefully.

Our regulatory position

Rhodium Accounting Limited is a UK accountancy practice supervised by HM Revenue and Customs for the purposes of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. Our HMRC AML supervision number is XEML00000217559.

The practice is led by an ACCA-qualified accountant. As we are not currently a member firm of the ACCA, our anti-money laundering supervision is provided directly by HMRC rather than by ACCA.

What information we collect

We only collect personal data that we need to provide our services or run our business properly. Depending on how you interact with us, this may include the following.

Contact and identity data. Your name, email address, phone number and business name.

Identity verification data. For clients receiving accountancy services, we are required by law to verify your identity under Anti-Money Laundering regulations. This may include a copy of your passport or driving licence and proof of your address.

Financial and tax data. For clients receiving accountancy services, we collect financial records relevant to the work we are doing for you. This may include income and expense records, bank statements, invoices, tax returns, HMRC correspondence and information about your business activities.

Payment data. We do not store credit card or bank account details on our systems. All payments are processed by third-party payment processors who handle this data under their own privacy policies.

Website usage data. When you visit our website we collect basic information about your visit through Google Analytics. This includes your approximate location, the device you are using, the pages you visit and how long you stay. This data is anonymised and we cannot identify you personally from it.

Communications. Any messages, emails or calls you have with us are kept as part of our normal business records.

How we collect your data

We collect personal data directly from you when you contact us, sign up for our services, purchase a product or fill in a form on our website. We also collect data from your interaction with our website through cookies and analytics. Where it is necessary to provide our services, we may collect data from third parties such as HMRC, Companies House or your previous accountant. We may also collect data from publicly available sources such as Companies House when carrying out due diligence checks.

Why we collect your data and our legal basis

UK GDPR requires us to have a lawful basis for processing your personal data. The legal basis we rely on depends on what we are doing with the data.

When we provide accountancy and tax services that you have engaged us to deliver, we rely on the performance of a contract. When we verify your identity under Anti-Money Laundering law, we rely on a legal obligation. When we prepare and submit tax returns or correspond with HMRC on your behalf, we rely on the performance of a contract and on a legal obligation.

When we respond to enquiries received through our website or by email, we rely on our legitimate interest in responding to people who contact us. When we send you our newsletter or marketing emails, we rely on your consent. When we use website analytics to improve our website and understand how visitors use it, we rely on our legitimate interest in improving our services. When we keep records for tax and regulatory compliance, we rely on our legal obligations.

You can withdraw consent for marketing at any time by clicking unsubscribe on any email we send or by emailing us directly.

Who we share your data with

We do not sell your personal data to anyone. We do not share it for marketing purposes. We will only share your data with the parties described below.

HMRC and other regulatory bodies. Where we are filing returns on your behalf, dealing with HMRC enquiries, or where we are required by law to disclose information.

Cloud accounting software providers. We use Xero, QuickBooks and FreeAgent to provide bookkeeping and accounting services to clients who have engaged us to use these platforms. Your financial data is processed within these platforms under their own privacy policies. All three are UK and EU GDPR compliant.

Document storage providers. We use Google Drive, Dropbox and OneDrive to store and share documents securely with clients. These providers are GDPR compliant and use industry-standard encryption.

Email and communication providers. We use standard business email and communication tools to correspond with you. These providers process email content as part of normal email delivery.

Professional advisers and contractors. Where necessary to provide our services we may share data with professional advisers such as solicitors or specialist tax advisers, always under a duty of confidentiality.

We will never transfer your data outside of the UK or EEA without ensuring an appropriate level of protection is in place.

How long we keep your data

We only keep your personal data for as long as we need to. The specific retention periods depend on the type of data.

Client tax and accounting records are kept for six years from the end of the tax year to which they relate, in line with HMRC requirements. Anti-Money Laundering records are kept for five years from the end of the client relationship, in line with the AML regulations. Client engagement letters and correspondence are kept for six years from the end of the client relationship.

Website enquiry data, where you do not become a client, is kept for twelve months. Newsletter and marketing data is kept until you unsubscribe and then for up to twelve months for record keeping. Website analytics data is kept for fourteen months, which is the Google Analytics default.

Where there is a legal requirement to keep data for a longer period, we will keep it for that period.

Your rights under UK GDPR

You have the following rights regarding your personal data.

Right of access. You can ask us for a copy of any personal data we hold about you.

Right to rectification. You can ask us to correct any data that is inaccurate or incomplete.

Right to erasure. You can ask us to delete your data in certain circumstances, although we may need to retain some data where we have a legal obligation to do so, such as tax records.

Right to restrict processing. You can ask us to limit how we use your data in certain circumstances.

Right to data portability. You can ask us to provide your data in a machine-readable format so you can transfer it to another service.

Right to object. You can object to us processing your data for marketing purposes at any time. You can also object to processing based on legitimate interest.

Right to withdraw consent. Where we are processing data based on your consent, you can withdraw that consent at any time.

To exercise any of these rights, email support@rhodiumaccounting.co.uk. We will respond within one calendar month.

Cookies

Our website uses cookies to improve your experience and to help us understand how visitors use the site.

We use essential cookies that are required for the website to function correctly. These cannot be disabled.

We also use analytics cookies through Google Analytics to collect anonymised information about how visitors use our website. This helps us improve the content and structure. You can opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on, available from Google.

You can manage cookies through your browser settings. Note that disabling cookies may affect how parts of our website work.

Security

We take the security of your personal data seriously. We use encrypted connections (HTTPS/SSL) on our website, password protection and two-factor authentication on all systems holding client data, GDPR-compliant cloud providers for document storage and accounting platforms, and regular review of access permissions to ensure data is only accessible to people who need it.

While we take reasonable steps to protect your data, no method of transmission over the internet is 100 percent secure. If you have concerns about the security of any specific information, please contact us before sending it.

Complaints

If you believe we have not handled your personal data correctly, please contact us first at support@rhodiumaccounting.co.uk and we will investigate and respond.

If you remain unsatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at any time. The ICO is the UK regulator for data protection. You can contact them at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, on the helpline number 0303 123 1113, or through their website at ico.org.uk.

Changes to this policy

We may update this policy from time to time to reflect changes in the law or in how we operate. The date at the top of the page shows when the policy was last updated. We recommend checking it occasionally so you are aware of any changes.

Contact us

For any questions about this privacy policy or how we handle your personal data, contact us by email at support@rhodiumaccounting.co.uk.

Rhodium Accounting Limited is a limited company registered in England and Wales. Our company number is 08134681.

Tax Guides

Bookkeeping

Email:

Contact Us

support@rhodiumaccounting.co.uk

© 2026. All rights reserved | Privacy Policy | Terms and Conditions

Monthly Management Reporting

Budgets & Forecasts

Cash flow Optimisation

Processes and Controls

Other Services