Privacy Notice

Read our Privacy Notice to understand how Baadal Accountancy Ltd collects, uses, and protects your personal data when you use our website or services.

Introduction

Baadal Accountancy Ltd, trading as Baadal, respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, store and share personal data when you use our website, contact us, subscribe to our updates, access subscriber-only website content, or become a client or prospective client.

Please read this Privacy Notice carefully. It should be read together with our Cookie Policy, Website Terms of Use, Disclaimer and any client engagement letter or terms of business that apply if you instruct us to provide professional services.

Who we are

  • Legal company name: Baadal Accountancy Ltd
  • Trading name: Baadal
  • Company number: 14360168
  • Registered office and business address: Premier Business House, 43-45 Sanders Road, Finedon Road Industrial Estate, Wellingborough, Northamptonshire NN8 4NL
  • VAT registration number: GB 424 921 992 *ICO / data protection registration number: ZC140066
  • Website: www.baadal.co.uk
  • Email: webenquiry@baadal.co.uk
  • Telephone: 03333 448890
  • Member of ICPA, the Independent Certified Practising Accountants,membership number ICPA/107530
  • For anti-money laundering supervision, Baadal Accountancy Ltd is supervised by HM Revenue & Customs.

For the purposes of UK data protection law, Baadal Accountancy Ltd is the controller of personal data collected through this website and in connection with enquiries and services provided by Baadal.

Data protection contact

We do not have a formal Data Protection Officer. If you have any questions about this Privacy Notice, or if you wish to exercise your data protection rights, please contact us using:

  • Email: webenquiry@baadal.co.uk
  • Telephone: 03333 448890
  • Postal address: Premier Business House, 43-45 Sanders Road, Finedon Road Industrial Estate, Wellingborough, Northamptonshire NN8 4NL

What this Privacy Notice covers

This Privacy Notice applies to personal data collected through our website and related communications. It may also describe some processing that takes place when a website enquiry becomes a client matter. If you become a client, further details may be included in our engagement letter, terms of business, client onboarding documents or separate privacy information.

Our website may contain links to other websites or external services, including an external client portal, Google Maps, embedded videos, software providers, HMRC, Companies House or other third-party websites. We are not responsible for the privacy practices of those third parties. Please review their privacy notices before providing personal data to them.

Personal data we may collect

  • Identity data: Name, title, job role or similar identifiers.
  • Contact data: Email address, telephone number, postal address and communication preferences.
  • Business data: Business name, business type, sector, role, services required and enquiry details.
  • Website enquiry data: Information submitted through contact forms, email, telephone or other website contact tools.
  • Subscriber data: Email address, name and preferences used for newsletters, email blogs or subscriber-only website content, where you sign up.
  • Technical data: IP address, browser type, device type, operating system, referral source, approximate location and website usage data.
  • Analytics and marketing data: Information about how visitors use the website, subject to cookie consent where required.
  • Client data: Where an enquiry becomes a client matter, we may process accounting, tax, business, AML and identification information provided through secure onboarding or other appropriate channels.

We do not intend to collect special category data, criminal offence data, National Insurance numbers, bank statements, tax records,identification documents or other sensitive/confidential documents through the public website contact form. Please do not send such information through the public website form unless we specifically ask you to do so using an appropriate secure method.

How we collect personal data

  • Directly from you when you complete a contact form, email us, telephone us, subscribe to newsletters or request information.
  • Through website technology such as cookies, analytics tools, spam protection tools, server logs and security tools.
  • Through an external client portal or secure document exchange system, where you are an existing client and choose to use that system.
  • From third parties where relevant to a client matter, such as HMRC, Companies House, professional advisers, banks, bookkeeping platforms, payroll systems or cloud accounting software providers.

How and why we use personal data

  • Responding to enquiries: Legitimate interests in responding to enquiries; steps before entering into a contract where services may be requested.
  • Providing professional services: Performance of a contract, legal obligations and legitimate interests in providing professional services.
  • Client onboarding and AML checks: Legal obligations relating to anti-money laundering, fraud prevention, tax and professional compliance.
  • Sending newsletters and email blogs: Consent. You may unsubscribe at any time using the unsubscribe link or by contacting us.
  • Providing subscriber-only website content: Consent, legitimate interests, or steps to provide the requested website access, depending on how the feature is configured.
  • Website analytics: Consent where required by cookie law; legitimate interests in improving the website where permitted.
  • Marketing pixels and advertising measurement: Consent. These tools should not be active unless appropriate consent settings are in place.
  • Website security and spam prevention: Legitimate interests in protecting the website and preventing misuse; legal obligations where relevant.
  • Legal, regulatory and professional compliance: Legal obligations and legitimate interests in establishing, exercising or defending legal rights and complying with professional obligations.

Marketing and newsletters

We will only send marketing emails, newsletters or email blog updates where you have opted in or where we are otherwise permitted by law to do so. Each marketing email will include an unsubscribe option. You can also opt out by contacting us at any time.

We recommend that any gated blog sign-up and newsletter sign-up be presented clearly so that users understand what they are signing up for. Where possible, separate consent should be requested for newsletter marketing.

Cookies, analytics and similar technologies

We use cookies and similar technologies as described in our Cookie Policy. Some cookies are strictly necessary for the website to work. Analytics, advertising, embedded media and similar non-essential technologies should only be used where appropriate consent has been obtained.

Who we may share personal data with

We may share personal data with third parties where necessary for the purposes described in this Privacy Notice. This may include:

  • website hosting, WordPress, security, spam prevention and technical service providers;
  • email, newsletter, CRM, contact form and communication providers;
  • analytics and advertising providers, where enabled and where consent has been obtained where required;
  • cloud accounting, bookkeeping, payroll, tax, practice management and document management software providers used in connection with services;
  • the external client portal provider, where you use the portal;
  • HMRC, Companies House and other public authorities where required or appropriate;
  • professional advisers, insurers, auditors, legal advisers and debt recovery advisers where relevant;
  • ICPA and HMRC or other bodies where required in connection with professional, regulatory, AML or legal obligations;
  • law enforcement, courts, tribunals or regulators where required by law or to protect our rights.

We do not sell personal data. We do not share personal data with third parties for their own direct marketing unless you have expressly agreed to this or the law permits it.

International transfers

Some technology providers may process personal data outside the United Kingdom. Where personal data is transferred internationally, we will take reasonable steps to ensure appropriate safeguards are in place, such as adequacy regulations, approved contractual protections or other lawful transfer mechanisms recognised under UK data protection law.

How long we keep personal data

  • Website enquiries that do not become client matters: Normally up to 12 months.
  • Newsletter and email blog subscriber data: Until you unsubscribe or ask us to delete it, subject to keeping a suppression record where needed to respect your opt-out.
  • Subscriber-only website access records: For as long as the access remains active and for a reasonable period afterwards for security, audit and dispute purposes.
  • Client records: Normally 6 years, unless a longer period is required or justified by law, tax, professional, insurance or dispute reasons.
  • AML/customer due diligence records: 6 years, unless a longer period is required or justified by law.
  • Technical/security logs: For the period reasonably required for security, fraud prevention, troubleshooting and website administration.
  • Analytics data: For the retention period set in the analytics tool, to be reviewed when the tool is configured.

Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures may include access controls, password protection, secure hosting, software updates, secure client portals, appropriate staff access restrictions and procedures for dealing with suspected data breaches.

Your rights

Subject to conditions and exceptions under data protection law, you may have the right to:

  • be informed about how we use your personal data;
  • request access to your personal data;
  • request correction of inaccurate or incomplete data;
  • request erasure of your data;
  • request restriction of processing;
  • object to processing;
  • withdraw consent where we rely on consent;
  • request data portability in certain circumstances;
  • object to direct marketing at any time;
  • complain to the Information Commissioner’s Office.

Please contact us at webenquiry@baadal.co.uk if you wish to exercise your rights. We may need to verify your identity before responding.

Complaints

If you are concerned about how we use your personal data, please contact us first using webenquiry@baadal.co.uk so that we can try to resolve the issue. You also have the right to complain to the Information Commissioner’s Office.

Changes to this Privacy Notice

We may update this Privacy Notice from time to time, for example where the law changes, our services change, or we introduce new website features such as booking tools, additional analytics, advertising pixels or subscriber-only content. The latest version will be published on our website.

Ready to Get Started?

Tell us what you need help with and we will point you in the right direction.

Book a Free Consultation