Privacy and Personal Data for our bookkeeping service packages

Privacy Policy

Last updated: 29th June 2025

1. Introduction

• Welcome to The Bookkeeping Nest provides bookkeeping packages for small businesses using xero cloud accounting. We are committed to protecting and respecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
  This Privacy Policy explains how we collect, use, and protect your personal data when you use our website, our bookkeeping services, or when you otherwise interact with us.
  Business Name: The Bookkeeping NestBusiness Address: [Your Address]
  ICO Registration Number: ZB919225
  Contact Email: harriet@thebookkeepingnest.co.uk
• 2. What Personal Data We Collect
• We may collect and process the following personal data:
  - Identity Data: Full name, trading name, UTR number (where provided)
  - Contact Data: Email address, phone number, postal/billing address
  - Financial Data: Bank details, transaction history, and payment information
  - Client Data: Bookkeeping records, invoices, receipts, VAT data, payroll information (as needed)
  - Technical Data: IP address, browser type, cookies, operating system
  - Usage Data: Information about how you use our website and services
  We do not intentionally collect special category data (e.g. health or biometric data).
• 3. How We Collect Your Data
• We collect data through:
  - Direct interactions (e.g. emails, phone calls, submitting forms)
  - Use of our website (e.g. contact form, cookies)
  - Third-party integrations (e.g. Xero accounting software)
  - From documents or records you provide (e.g. bank statements, invoices)
• 4. How We Use Your Data
• We use your data to:
  - Provide our bookkeeping and advisory services
  - Use and manage your data in Xero accounting software
  - Send invoices and process payments
  - Comply with legal, tax, and regulatory obligations
  - Communicate with you effectively
  - Improve our services and website
  We process your personal data on the following lawful bases:
  - Performance of a contract
  - Compliance with legal obligations
  - Legitimate interests
  - Consent, where applicable
• 5. Use of Xero
• We use Xero, a third-party cloud accounting platform, to manage client bookkeeping and accounting data.
  When you engage our services:
  - Your financial and transactional data may be input and stored in Xero.
  - Xero is fully GDPR-compliant and processes data securely within the UK and EEA, or in countries with adequate data protection measures.
  Learn more about Xero’s privacy practices: https://www.xero.com/uk/about/legal/privacy/
• 6. Sharing Your Information
• We do not sell your personal data.
  We may share your information with:
  - Xero (accounting platform)
  - HMRC and regulatory bodies (when legally required)
  - Professional advisors (e.g. accountants or legal consultants)
  - Cloud service providers and IT support services
  All third parties are required to respect your data and comply with data protection laws.
• 7. Data Security
• We take appropriate measures to protect your personal data, including:
  - Using secure passwords and encryption
  - Limiting access to your data to only those who need it
  - Using secure third-party platforms like Xero
• 8. Data Retention
• We retain your data only for as long as necessary for:
  - Fulfilling our bookkeeping services
  - Meeting legal and tax obligations (usually 6 years after the end of the relevant tax year)
  We securely delete or anonymise your data after this period.
• 9. Your Rights
• Under UK GDPR, you have the right to:
  - Access the data we hold about you
  - Request correction of your data
  - Request deletion of your data
  - Object to or restrict certain types of processing
  - Withdraw consent (where consent is used)
  - Lodge a complaint with the Information Commissioner’s Office (ICO)
  ICO Website: https://ico.org.uk
  To exercise any of these rights, please contact: [Your Contact Email]
• 10. Cookies
• Our website may use cookies for functionality and analytics. For more information, please review our [Cookie Policy].
• 11. Updates to This Privacy Policy
• We may update this Privacy Policy from time to time. Any significant changes will be communicated on our website or via email.
• 12. Contact Us
• If you have questions about this Privacy Policy or how we process your personal data, please contact:
  [Your Full Name] (Trading as [Your Business Name])
  Email: [Your Contact Email]
  Phone: [Your Phone Number]
  Address: [Your Business Address]We only processes your personal information in compliance with this privacy statement and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with the supervisory authority.
• Contact
• please complete the contact form
• Information Commissioner’s Office
• https://ico.org.uk/make-a-complaint/data-protection-complaints/