Hunter Gee Holroyd are committed to protecting and respecting your privacy. We will only use your personal information to deliver the accountancy, taxation, audit and/or business advice services you have requested from us, and to meet our legal responsibilities to HM Revenue & Customs and Companies House.
We may change this Policy from time to time so please check this page occasionally to ensure that you are happy with any changes. By using our website, you are agreeing to be bound by this Policy.
The Data Protection officer is Nigel Everard, who can be contacted about anything to do with your personal data and data protection, including to make a subject access request, using the following details:
Email address: Nigel.Everard@hghyork.co.uk
Address: Club Chambers, Museum Street, York, YO1 7DN
Telephone number: 01904 655202
The Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR) requires organisations that process personal data to meet certain legal obligations. We are a data controller within the meaning of the Act and we process personal data. We are committed to complying with the requirements of the DPA and GDPR. As a result we confirm that personal information we process will only be held (or otherwise processed) to the extent necessary in order to provide the agreed professional services and for any other purpose specifically agreed.
Who are we?
Hunter Gee Holroyd are Chartered Accountants whose aim is to make a difference to small and medium sized businesses and individuals. We are a registered company: Hunter Gee Holroyd Limited Company Registration No: 02218208 (England & Wales)
How do we collect information from you?
We obtain information about you when you engage us to deliver our accountancy, taxation, audit and/or business advice services and when you use our website. For example, when you contact us about products and services, or if you register to receive one of our newsletters or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our service, participate in social media functions on our site, enter a competition or survey and when you report a problem with our site.
What type of information is collected from you?
The personal information we collect from you will vary depending on which accountancy, taxation, audit and/or business advice services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.
How is your information used?
In general terms, and depending on which accountancy, taxation, audit and/or business advice services you engage us to deliver, as part of providing our agreed services we may use your information to:
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically five or six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Where we use subcontractors they will comply with General Data Protection Regulation (GDPR) requirements.
Information which may be given to others
In order for us to provide the agreed services, we may provide personal data about you to:
We need to give information to these other parties in order to fulfil our contractual obligations to you and therefore it is not possible to opt out of the provision of information to these parties. If you ask us not to provide information we may need to cease to act. If the law allows or requires during the period of our contractual arrangements or after we have ceased to act we may give information about you to:
In addition, after we have ceased to act we may give information about you to:
Retention of information
When acting as a data controller and in accordance with recognised good practice within the tax and accountancy sector we will retain all of records relating to you as follows:
Who has access to your information?
We may share your information with selected third parties including:
Third Party Service Providers working on our behalf:
We may pass your information to our third party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf for example to process payroll or basic bookkeeping. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Third Party Service Providers we work in association with:
How you can access and update your information:
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.
You have the right to ask for a copy of the information Hunter Gee Holroyd holds about you.
We have put in place appropriate and proportionate security measures to address the risk of personal data being lost, used, altered or accessed in an unauthorised way. We limit access to personal data to those who have a business need to access it, and who will only process the personal data on our instructions.
Whilst we strive to protect your personal information, we take steps to ensure that it’s treated securely. Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. We cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Use of 'cookies'
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of the UK
Your data will usually be processed in our offices in the UK. However, to allow us to operate efficient digital processes, we may transfer personal data that we collect about you to servers located outside the UK, within the European Economic Area (EEA) or the United States. We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.
Before agreeing to transfer data outside of the UK, we check to ensure there are adequacy regulations under the Data Protection Act 2018 in relation to each country. This ensures that their regulations will be deemed to provide an adequate level of protection for your personal information for the purpose of the UK Data Protection Legislation.
Where there are no adequacy regulations, we have binding contractual agreement with the relevant third parties to ensure that your personal data is treated by those third parties in a way that is consistent with and which respects the UK Data Protection Legislation.
We may occasionally contact you by post / email / telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under ‘Contact information’ below.
We will not contact you for marketing purposes by email, phone, post or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email: email@example.com or telephone on 01904 655202.
Requesting information held about you (the right to access)
Requests to see records and other related information that the firm holds about you are known as ‘subject access requests’ (SAR). We have set out further details on SARs below.
Please provide all requests in writing to the individual at the top of this notice. To help provide the information on a timely basis you may need to provide copies of id and proof of address.
Asking someone else to make a subject access request on your behalf: You can ask someone else to request information on your behalf – for example, a friend, relative or solicitor. We must have your authority to do this. This is usually a letter signed by you stating that you authorise the person concerned to write to for information about you, and/or receive our reply.
The law allows us to refuse your request for information in certain circumstances – for example, if you have previously made a similar request and there has been little or no change to the data since the original request.
The law also allows us to withhold information where, for example, release would be likely to:
Where we are unable to consent to your request we will set out the reasons in writing.
Should information you have previously supplied to us be incorrect, please inform us immediately so we canupdate and amend the information we hold.
In certain circumstances it is possible for you to request us to erase your records and further information is available on the ICO website (www.ico.org.uk). If you would like your records to be erased, please inform us immediately and we will consider your request. In certain circumstances we have the right to refuse to comply with a request for erasure and if applicable we will supply you with the reasons for refusing your request.
In certain circumstances you have the right to ‘block’ or suppress the processing of personal data or to object to the processing of that information. For further information refer to the ICO website (www.ico.org.uk). Please inform us immediately if you want us to cease to process your information or you object to processing so that we can take the appropriate action.
Where you have consented for us to contact you with details of other services we provide we may continue to process your data and contact you for that purpose after our contractual relationship ends. You may withdraw consent for the firm to contact you in relation to details of other services we provide at any time during the performance of the contract or thereafter. We will then cease to process your data but only in connection with contacting you with details of other services we provide. Note that the withdrawal of consent does not make the other bases on which we are processing your data unlawful. We will therefore still continue to process your data under the terms of our contract and for other reasons set out in this privacy notice.
The right to data portability only applies:
You may be able to request your personal data in a format which enables it to be provided to another organisation. We will respond to any requests made without undue delay and within one month. We may extend the period by a further two months where the request is complex or a number of requests are received but we will inform you within one month of the receipt of the request and explain why the extension is necessary.
Please contact us in any of the ways set out in ‘Contact information’ below if you wish to exercise any of these rights.
Changes to our privacy notice
We keep this privacy notice under regular review and will place any updates on www.hghyork.co.uk
Paper copies of the privacy notice may also be obtained from
This privacy notice was last updated on 31 March 2021.
The accuracy of your information is important to us.
If you change email address, or any of the other information we hold is inaccurate or out of date, please
email us at: firstname.lastname@example.org
or write to us at:
Hunter Gee Holroyd
Alternatively, you can telephone us on 01904 655202.
We seek to resolve directly all complaints about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at
Information Commissioner’s Office
Telephone – 0303 123 1113 (local rate) or 01625 545 745
You can also complain to our professional body – Institute of Chartered Accountants in England and Wales (ICAEW) as set out in the terms and conditions.