LIDERTAX LTD PRIVACY POLICY
Version 1.0 | Updated 29 December 2025 | Next review: December 2026
ICO Registration: ZA696273
Lidertax Ltd (Company No. 08106831, VAT No. 332385412), registered office: 22 Railway Street, Chatham ME4 4JT, is the controller of personal data under UK GDPR. Our Data Protection Officer is:
Przemyslaw Mackojc
Contact: pm@lidertax.co.uk
Tel: 01634 819771| Mobile: +44 7933 069001
Types of Information We Collect, Why and How
Lidertax collects only data necessary for comprehensive tax, accounting and compliance services, HMRC statutory requirements and Money Laundering Regulations 2017 (MLR 2017). Certain statutory data such as National Insurance numbers and Unique Taxpayer References (UTRs) are legally required – failure to provide this information prevents us from completing HMRC filings and may result in regulatory penalties for you.
Website Enquiries and Contact Forms:
When you submit enquiries through our website forms, we collect your name, email address, phone number, IP address, company name and any information you voluntarily provide. This enables us to respond to your queries, provide tax advice and follow up on service requests. Data is collected via online forms and cookies for legitimate interests.
Self-Assessment, VAT Returns and PAYE Services:
For tax return preparation and submission, we collect National Insurance numbers, UTRs, HMRC tax codes and references, bank details, Self-Assessment forms, P60s, P45s, payslips, rental income details, Capital Gains Tax calculations, expense receipts and supporting documentation. This information is essential for preparing and submitting accurate returns to HMRC. National Insurance numbers and UTRs are statutory requirements – without them, we cannot file returns on your behalf.
Limited Company Services:
For LTD company registration, annual accounts, CT600 Corporation Tax returns and Confirmation Statements, we collect director and shareholder details including full names, dates of birth, nationalities, passport numbers, service addresses, share splits and Companies House data. This information is required for statutory filings.
AML/KYC Compliance:
Under MLR 2017, we collect identity documents (passports, driving licences), proof of address, Politically Exposed Persons (PEP) status and sanctions screening data through our AMLCC compliance platform. This enables customer due diligence, risk assessment and suspicious activity reporting where required.
Payroll Services:
We collect employee details, PAYE references, National Insurance details, payslip information, P60/P45 data and RTI submissions for HMRC compliance.
Marketing Communications:
Email addresses collected only with explicit consent for sending tax updates, newsletters and service information.
Statutory Requirements Notice:
National Insurance numbers, UTRs and HMRC references are mandatory for Self-Assessment, VAT returns and Corporation Tax filings. Non-provision will prevent HMRC submissions and may result in penalties from HMRC.
How We Use Your Personal Data
We process your data for the following specific purposes:
Tax Services:
Prepare and submit Self-Assessment returns, VAT returns, CT600 Corporation Tax returns, RTI submissions to HMRC and Companies House filings including Confirmation Statements.
AML Compliance:
Conduct customer due diligence through AMLCC platform, perform risk assessments, sanctions/PEP screening and report suspicious activities to National Crime Agency (NCA) as required by MLR 2017.
Company Services:
Complete LTD company registrations, prepare annual financial statements, file CT600 returns and Confirmation Statements with Companies House.
Payroll Services:
Generate P60s, P45s, payslips and submit Real Time Information (RTI) to HMRC.
Administrative Services:
Handle HMRC correspondence, manage Government Gateway access, obtain authorisation codes, archive documents and support during HMRC inspections.
Marketing:
Send tax updates and newsletters (consent basis only).
Service Improvement:
Analyse feedback, monitor compliance and improve service delivery.
Legal Compliance:
Maintain records for HMRC inspections, fraud prevention and regulatory reporting.
Lawful Bases for Processing
Legal obligation:
HMRC statutory filings (Self-Assessment, VAT returns, CT600, RTI) and MLR 2017 AML compliance requirements. Consent is not required for these mandatory processes.
Contract: Performance of tax services agreement including Self-Assessment preparation, company accounts and VAT compliance.
Legitimate interests:
Fraud prevention, service improvement, compliance monitoring. Full legitimate interests balancing test available from our DPO upon request.
Consent:
Marketing emails and newsletters. Consent can be withdrawn easily at any time.
Sharing Your Data (Recipients)
We share personal data only with authorised processors bound by strict Data Processing Agreements (DPAs) under Article 28 UK GDPR. We never sell your data.
Public authorities: HMRC and Companies House for statutory disclosures (legally required).
Data processors:
– AMLCC (AML/KYC compliance platform)
– Xero and QuickBooks (accounting software)
– Bitrix24 (CRM and document management)
– Google Workspace (cloud email and storage)
Fraud/AML services:
Experian or LexisNexis where used for MLR 2017 due diligence (no marketing use).
All processors act only on our instructions and maintain equivalent security standards.
International Transfers of Personal Data
We do not routinely transfer data outside the UK. Where US-based processors are used (Google Workspace, potential AI tools), we rely on UK adequacy decisions or Standard Contractual Clauses (SCCs) under Article 46 UK GDPR.
You have the right to request copies of transfer safeguards. Contact pm@lidertax.co.uk.
How Long We Keep Your Data
Tax records (Self-Assessment, VAT, CT600, payroll):
6 years plus current year (6+1 years) – HMRC statutory requirement.
AML records:
5 years after client relationship ends – MLR 2017 requirement.
Marketing data:
3 years or until consent withdrawal.
Website enquiries:
2 years for service delivery.
After retention periods expire, data is securely deleted or irreversibly anonymised in accordance with UK GDPR Article 17.
How We Keep Your Data Secure
Lidertax implements comprehensive security measures:
– SSL/TLS encryption for data in transit
– Access controls and multi-factor authentication
– Secure cloud infrastructure (Google Workspace, Bitrix24, AMLCC)
– Regular security audits and staff training
– Data breach procedures (72-hour notification if high risk)
– Disaster recovery and backup systems
For security enquiries: pm@lidertax.co.uk.
Your Rights Under UK GDPR
You have the following rights free of charge:
Right to be informed:
Clear information about data processing (this Privacy Policy).
Right of access: Request copy of personal data held about you. Email pm@lidertax.co.uk. Response within one month (extendable by 2 months for complex requests).
Right to rectification:
Correct inaccurate or incomplete data. Email pm@lidertax.co.uk.
Right to erasure (‘right to be forgotten’):
Request deletion where no compelling legal reason to retain. Note: Statutory/contract data cannot be deleted if required by HMRC/MLR 2017.
Right to restrict processing:
Block processing in certain circumstances (e.g., accuracy disputes).
Right to data portability:
Receive data in structured CSV format for transfer to another service.
Right to object:
Object to processing at any time, particularly:
Direct marketing: office@lidertax.co.uk or reply STOP
Legitimate interests: pm@lidertax.co.uk with reasons
Right to withdraw consent: As easy as giving consent. Use unsubscribe links, email office@lidertax.co.uk or pm@lidertax.co.uk.
Artificial Intelligence Tools
Lidertax uses AI tools internally for efficiency:
– Tools: ChatGPT, Perplexity.ai, Claude.ai, NotebookLM
– Purpose: Document drafting, research, internal analysis
– Client data: No client personal data processed through AI
– Decisions: No automated decisions affecting individuals
Cookies and Similar Technologies
Our website uses cookies and tracking technologies:
Google Analytics** (GA4):
_ga (2 years), _gid (24 hours) for website usage analysis.
Facebook Pixel:
fbp (90 days) for retargeting advertisements.
Session cookies:
Contact forms and login persistence (deleted on browser close).
Cookie choices:
Consent banner on first visit. Adjust via browser settings. Google Analytics opt-out browser extension available.
Contact forms:
Process name, email, phone for legitimate interests (responding to enquiries).
Third-party services:
See individual privacy policies for Google Analytics and Facebook.
Marketing Communications
Marketing emails sent only with explicit consent.
How to unsubscribe:
– Click unsubscribe link at bottom of every email
– Email office@lidertax.co.uk with STOP in subject line
– SMS: Reply STOP / 0044 / 07933069001
– Phone: 0208 8350012
Service-related emails (tax deadlines, filing confirmations, account updates) continue as necessary for contract performance.
Changes to This Privacy Policy
Lidertax reviews this policy annually (next: December 2026). Material changes notified by:
– Email to all users
– Website notice with new version date
Continued use of services constitutes acceptance of updates.
Contact Us
For data protection queries:
Przemyslaw Mackojc, Data Protection Officer
Email: pm@lidertax.co.uk
Phone: +44 7933 069001
For general enquiries:
Email: office@lidertax.co.uk
Phone: 0208 8350012
Address: Lidertax Ltd, 22 Railway Street, Chatham ME4 4JT
To make a complaint:
Information Commissioner’s Office (ICO)
Website: ico.org.uk/make-a-complaint
Phone: 0303 123 1113
Email: helpline@ico.org.uk
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Responsible Disclosure Policy
Lidertax takes security seriously. Report vulnerabilities responsibly:
Report to: office@lidertax.co.uk
In scope: www.lidertax.co.uk and associated services
Out of scope: Phishing, denial-of-service attacks, social engineering
Recognition: Hall of Fame acknowledgement for valid disclosures
—
Document Control
Version: 1.0 | Created: 29 December 2025 | Last Updated: 29 December 2025 | Next Review: December 2026
Company Registration: 08106831 | ICO Registration: ZA696273