01983 614108

Privacy and Cookie Policy

This Content Was Last Updated on January 22, 2026 by Jessica Garbett

 

Whitefield Tax takes the protection of your privacy very seriously. Our privacy statement explains why and how we collect and use your personal data. It also provides information about your personal rights.

Whitefield Tax is registered with the Information Commissioners Office: Registration Number Z3213692.

 

How do we collect personal data from you?

We obtain personal data about you for example when:

  • You complete any forms via our website.
  • You sign up to our mailing list.
  • You engage us to provide services and throughout the provision of those services.
  • You contact us by email, telephone, post or social media.
  • From third parties , for example from your employer for payroll services or from companies’ house, HMRC or any other publicly available resource.
  • If we engage you as a supplier.
  • If you apply to us for employment or are an employee of Whitefield Tax.

 

What type of personal data do we collect?

The personal data we hold will depend on the reasons for processing that data and may include the following.

  • Your personal information : name , date of birth, address and contact details.
  • Your financial information : tax references, national insurance number, bank details.
  • Details from enquiry forms and the information you have sent us.
  • Details of any services you have received from us and any communications with you.
  • Anti Money Laundering Information : copies of identification , third party searches.
  • Suppliers’ information: details of goods and services you have provided us with.

 

How is your data used?

We may process your personal data for the purposes necessary to fulfil our contract with you or your employer and to comply with necessary legislation.

This may include .

  • Processing your personal information where you are an employee, client, supplier or customer of our client.
  • Processing data for our own legitimate interests, providing these do not override any of your own interests , rights or protection of personal data.
  • Processing your data for more than one lawful basis.
  • Processing your data for additional limited circumstances with your consent.
  • Processing your personal data without your knowledge or consent where we are legally required to do so.

 

Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

We usually hold your data for 7 years in line with our regulatory requirements. However, there may be valid reasons why we have to retain the information for longer for legitimate or contractual interests. For example, we may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

Where data is being held but no longer processed in a live environment you have the right to request erasure (see your rights section below) . This right does not apply if processing/retention is necessary to comply with a legal obligation or for the establishment/defence of legal claims.

 

Who has access to your information?

We do not share data with third parties or sell contact lists for the purpose of marketing.

Third parties we may share information with by law may include:

  • Law enforcement agencies.
  • Agencies with law enforcement powers.
  • Professional regulators.

Third parties we may share information with for some processing tasks may include:

  • Payment processing , for example Stripe and Go Cardless.
  • Mail list management , for example Mailchimp and Brevo.

Third party service providers.

We may pass you information on the third-party providers, agents, subcontractors and other associated organisations for the purpose of completing tasks and providing services on your behalf. For example, accounting software providers – to maintain your accounting records.

When we use third party service providers, we disclose only the information necessary to deliver the service and have contracts in place that requires them to keep the information secure and not use it for their own purposes.

Contractors may have access to your personal data whilst undertaking work for us, for example IT contractors who need to access our servers to perform their jobs . Contracts and security precautions are in place to limit the access to only those staff who require it for their job function. All contractors are subject to confidentiality and accountability.

Our staff who have access to your information have a duty of confidentially under the ethical standards Whitefield Tax are required to follow.

Staff who work remotely the risks are managed by  strong technical measures and regular employee training to protect personal data. We have established clear protocols for handling and storing sensitive data outside the traditional office setting.

 

How you can access and update your information

Keeping your information up to date and accurate is important. If your personal information changes then please let us know by completing the online form via our website or in writing by email.

 

How we store your personal data

We have in place reasonable and appropriate security measures in place to keep your personal data secure.

Your personal data is usually held on our own secure servers and processed within that environment.

Where data is stored by a third-party software suppliers on their servers or a cloud-based application , we undertake initial due diligence before entering into a contract with that supplier,  ensure that the minimum amount of personal data necessary is shared and that there are robust security and confidentiality measures in place.

We limit access to your personal data to those employees and limited third parties who have a business need to know.

A limited amount of  paper based personal data may be held at our office from time to time . This  is stored securely and either returned to you or shredded once it is processed depending on the nature of the data.

 

Transmission of Data

You acknowledge that data sent by email is unencrypted and our email communications may contain some personal data. Where you provide us with an email address for communications you are responsible for the security access of that email address.

 

Website Data – How we use cookies

We use traffic log cookies to identify which pages are being used on our  website. This helps us analyse data about webpage traffic and improve our website services. We only use this information for statistical analysis purposes and then the data is removed.

Cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. We do not have access to your computer or any information about you; other than the data you choose to share with us.

You can choose to accept or decline cookies, usually by modifying your browser settings.

We are not in control of the delivery of cookies from service providers and any comments or questions that you may have should be raised with the originator of those cookies.

 

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.

 

Your Rights

  • Right to be informed: You have the right to know what is happening with your personal data.
  • Right to access: You have the right to request a copy of the data we hold by making a data subject access request.
  • Right to rectification: You have the right to request that we correct any personal information we hold that you believe to be inaccurate.
  • Right to object: You have the right to object to processing based on either public or legitimate interests. Processing will stop unless we demonstrate grounds for continuing or it is required in connection with our legal rights and obligations.
  • Right to erasure: You have the right to be forgotten , you may ask us to delete personal information about you when the information is no longer necessary for the purpose for which it was obtained.
  • Right to restrict processing: You have the right to request a temporary limit on how your data is used , for example if you want to establish the accuracy of the information before we process it. The data can be stored but not used until this is established.

Further information can be found at the ICO website https://ico.org.uk/for-the-public

Contact Us

If you have any questions regarding this privacy notice, please contact us

 

Whitefield Tax - Isle of Wight Accountants - IR35 specialists
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

To review our full Privacy and Cookie Policy please click here