Who are we

When we refer to ‘we’ (or ‘our’ or ‘us’), that means Black Cat Accounting Ltd.
We provide general accounting services to small and medium sized businesses.

What we believe

We take a human approach to how we process personal data by being open, honest and transparent. Your information is precious to us and we treat it as we treat our own (and hope others would treat ours). We do not and will not sell your data to third parties.

How we collect your data

When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following:

Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. If you don’t want to provide us with personal data, you don’t have to, but it might mean we can’t perform services for you. If you provide us with personal data about someone else, you must ensure that you are authorised to disclose that data to us and that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such personal data for the purposes described in this Policy. You must, therefore, take reasonable steps to ensure that the third party concerned is aware of and consents to the various matters detailed in this Policy, including: the fact that their personal data is being collected; the purposes for which that data is being collected; the intended recipients of that data; and the third party’s right to obtain access to the data (including details of how to request access). Where requested to do so, you must assist us with any requests by the third party to access or update the personal data you have collected from them and provided in connection with our Services.

Information we collect automatically: We can collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice.

Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as HMRC or trusted third parties like our Money Laundering Controller. We use this information to supplement the personal data we already hold about you, in order to better inform our services and meet out legislative requirements.

Examples Of Information We Collect

The type of personal information collected may include full name; home/business postal address; registered office address; business name/type; phone numbers; email addresses; job title; date of birth; place of birth; title; nationality; marital status; national insurance number; tax codes; HMRC UTR numbers; government issued identification, including passport numbers; sanction and watch list data; details of any other business involvement including shareholding; payment card information; bank account data; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; username and passwords for accessing and using our services, purchase inquiry and history; products, services or content provided.

What we do with your data

We use your information to perform a contract with you, or where we have legitimate interests to process the personal data and they’re not overridden by your rights, or in accordance with a legal obligation, or where we have your consent.

How we use your data

First and foremost, we use your personal data to provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:

To communicate with you. This may include:
  • Providing you with information you’ve requested from us (like HMRC payment details) or information we are required to send to you.
  • Operational communications, like letters and emails to you regarding changes to our websites and services, security updates, or assistance with using our websites and services.
  • Marketing communications on new services from ourselves (not third parties).
To support you. This may include:
  • Matters which may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support or otherwise.
To Verify You. This may include:

To verify your identity for legal/regulatory compliance and crime prevention. To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To configure your accounting/payroll software correctly and provide the right support and advice.

How we can share your data

There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:

  • Other companies in the Black Cat family.
  • Third party service providers and partners who assist and enable us to use and safeguard the personal data to, for example, to backup your data.
  • Regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.
  • Companies house and HMRC in relation to performing our contracted services.
  • Other people where we have your consent.

Under Section 330 of the Proceeds of Crime Act 2002 we have a duty to report to the Serious Organised Crime Agency (SOCA) if we know, or have reasonable cause to suspect, that you or anyone connected with your business are or have been involved in money laundering. Failure on our part to make a report where we have knowledge, or reasonable grounds for suspicion, would constitute a criminal offence. We are obliged by law to undertake this reporting to SOCA, but are under no obligation to make you aware of this reporting. In fact, we may commit the criminal offence of “tipping off” under Section 333 of the Proceeds of Crime Act 2002 if we were to inform you that a report had been made. In consequence, neither Black Cat Accounting principals nor staff may enter into any correspondence or discussions with you regarding such matters.

International Data Transfers

If we share your data, it may be transferred to, and processed in, countries other than the country you live in. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties). For further information, please contact us.


Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens.


The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements).

We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.

Your rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just get in touch and we will remove you from our lists.

You also have rights to:
  • Know what personal data we hold about you, and to make sure it’s correct and up to date.
  • Request a copy of your personal data, or ask us to restrict processing your personal data or delete it.
  • Object to our continued processing of your personal data.

You can exercise these rights at any time just get in touch.

How to contact us

We’re always keen to hear from you. If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch.