Who we are
Low Cost Accounts is a trading name of HiCloud Accounting Ltd (Company Registration No. 11475884) and our registered office is:
Unit 24 Wilford Business Park, Ruddington Lane, Nottingham, NG11 7EP
The General Data Protection Regulation (“GDPR”) impose certain legal obligations in connection with the processing of personal data. Low Cost Accounts are data controllers within the meaning of the GDPR and we process personal data. (Regulation (EU) 2016/679).
Our representative for the purpose of data protection compliance is Thomas Ignatowicz who can be contacted at firstname.lastname@example.org. Alternatively you can write to us at:
Unit 24 Wilford Business Park Ruddington Lane Nottingham NG11 7EP
We do not capture or store any personal information about individuals who access this website, except where you choose to give us your personal details via email, contact form, Facebook Lead Form or by enquiring about any of our services. In these latter cases, the personal information you give us may be used by Low Cost Accounts in providing you with current and future information about products and services described in this website unless you request us not to.
You have the right to know about the personal information Low Cost Accounts holds about you. You also have a right to have your data corrected. Please address your requests and/or queries about your data to email@example.com
What will your information be used for?
We will use the information we collect for analytical purposes, and to assist us in improving our website, processes, products and services.
We will not share your information with any other companies.
Low Cost Accounts is committed to delivering the rights that the Data Protection Legislation* and Privacy and Electronic Communications Regulations provides to individuals.
Amongst these are:
- the right to object to your personal information being used for direct marketing. Where possible we will ensure we obtain your consent before undertaking marketing
- the right to request a copy of the personal information Low Cost Accounts holds about you. To do this, please write to us with full details of what you require enclosing a stamped, self-addressed envelope.
Errors and omissions
If you believe that there may be an error in any of the information that you have submitted via this website, please email: firstname.lastname@example.org. We will review our records as soon as possible.
We do not intentionally collect any information via this website from children under 16 years of age and shall delete the details when a parent or guardian notifies us that details have been obtained from their child.
We will amend this privacy statement from time to time and for this reason, it is valid until the end of the day that you viewed it. We recommend that you read this statement regularly.
*Data Protection Legislation: means the following legislation to the extent applicable from time to time: (a) the Data Protection Act and any other national laws implementing Data Protection Directive (95/46/EC) and the Directive on Privacy and Electronic Communications (2002/58/EC); and (b) with effect from 25 May 2018 the General Data Protection Regulation (2016/679) (GDPR); and (c) any other similar national privacy law as amended from time to time
We may amend this privacy notice from time to time.
We respect your privacy and your rights to control your personal data. We will always protect your data, be clear about the data we collect from you and the reasons why. We do not and will not sell your data to third parties.
We will only use your data where the law allows us to do so. We will use your data in the following circumstances:
• to enable us to supply professional services to you as our client
• to fulfil our obligations under relevant laws in force from time to time
• to comply with professional obligations to which we are subject
• to use in the investigation and/or defence of potential complaints, disciplinary proceedings and legal proceedings
• to enable us to invoice you for our services and investigate/address any attendant fee disputes that may have arisen
• to contact you about other services we provide which may be of interest to you if you have consented to us doing so
Please read this Policy carefully.
Categories of personal data collected
We will only collect personal data from you that we consider to be necessary in the context and purpose in which it’s given.
Through your use of our services we may also collect personal data from you about someone else. If you provide us with personal data about someone else, you must ensure that you are authorised to disclose that data to us and that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such personal data for the purposes described in this Policy. You must, therefore, take reasonable steps to ensure that the third party concerned is aware of and consents to the various matters detailed in this Policy, including: the fact that their personal data is being collected; the purposes for which that data is being collected; the intended recipients of that data; and the third party’s right to obtain access to the data (including details of how to request access). Where requested to do so, you must assist us with any requests by the third party to access or update the personal data you have collected from them and provided in connection with our Services.
You may be required to provide information when:
• Subscribing to Our services
• Learning about Low Cost Accounts
• Purchasing, or enquiring about a product
• Forming a company
• Using our services
• Recommending Low Cost Accounts to Other Businesses
Learning about Low Cost Accounts
In order to gain more information about Low Cost Accounts, you may visit our website or landing pages, or for example speak to one of our advisors, use our calculators or download one of Our guides. At these times you may voluntarily provide personal information about yourself.
The type of personal information collected may include full name; phone numbers; email addresses; business type; income; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.
The data is used to ensure that you find the information you’re looking for and for us to make recommendations to you about our products and services. To follow up your enquiry, provide you with discounts on services, give you access to business guides, to share news about industry and Company updates. Additionally, your IP address helps us to understand geographic information about our website visitors.
Data may be collected through online forms; surveys; email; telephone, live chat or in person.
Purchasing, or Enquiring about Our Services
Depending on the type of service you purchase from us you may be asked to share information so we can provide a quote, respond to your enquiry, determine the product best suited for you and to complete the transaction.
The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; payment information; business type/trade; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.
This enables us to carry out our obligations to provide services you’ve engaged us to deliver or to perform. To provide a quote, form policy documents, complete the transaction and to follow up your purchase or enquiry.
We do not store any card payment data and only use payment information in connection with the purchase made.
Data may be collected through online forms, email, live chat or telephone.
Incorporating a business
If you have asked us to incorporate a company on your behalf you will be asked to provide personal information, the limited company you want to form and related third parties such as additional directors or shareholders, if you have any. This information is required so your company can be registered with Companies House.
The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; registered office/service address; date of birth; title; nationality; company details, to include share split, person of significant control; authentication data, for example passport number, national insurance number; place of birth; payment card information; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.
This is conducted to verify company name availability and ensure the company is formed correctly with the correct company officers and company information. To comply with legal and regulatory compliance, to include crime prevention. To provide the right guidance, answer your questions and to complete the transaction.
Data is collected through an online form, email, live chat or telephone.
Subscription to our services
We will require information from you when subscribing to our services. The information requested will depend on the type of service you require. You may also be asked to provide information about third parties i.e. additional employees, directors or shareholders. We may also seek your permission to contact external third parties to gain items such as professional clearance or assignment schedules.
The type of personal information collected may include:
• full name
• home/business postal address
• registered office address
• business name/type
• phone numbers
• email addresses
• job title/title / nationality / marital status
• date of birth/ place of birth
• national insurance number; tax codes; HMRC UTR numbers; government issued identification, including passport numbers; sanction and watch list data; details of any other business involvement including shareholding
• bank account data; usage data and statistics; connection data; other unique identifiers
The reasons for the collection of the above data is as follows:
• To carry out our obligations to provide services you’ve engaged us to deliver or to perform.
• to check your identity for legal/regulatory compliance and crime prevention.
• To conduct our obligations to provide services you’ve engaged us in.
• To process your accounting/payroll software correctly and provide the right support and advice.
• Analysis for management and marketing purposes.
Data may be collected through online forms, surveys, email, live chat, telephone or by post.
You may be asked to provide additional information and to keep us informed of any changes to your circumstances or that of your business. You may also require additional services or products.
The type of personal information collected may include the following:
• changes of home/business postal address
• changes in marital status
• other sources of income
• investment activities
• changes to your company structure, to include changes to company officers
• usage data and statistics
• connection data
• other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.
This is needed for the following reasons
• to fulfill our obligations to provide services on your behalf.
• to support you in managing your affairs
• to provide the right guidance and support at the right time
• to ensure you continue to be subscribed for the right services
• to notify you about changes to our services
• to make suggestions/recommendations to you about other products and services.
• for related purposes such as updating and enhancing our client records, improving our services, troubleshooting, testing, data analysis, research, profiling, statistical and survey purposes.
• analysis for management and marketing purposes and statutory returns, legal and regulatory compliance and crime prevention.
Data may be collected through online forms, surveys, email, live chat, telephone, SMS text message or by post.
Recommending Low Cost Accounts to Other Businesses
We have a recommendation program where you have the opportunity to earn commission for referrals of our products and services. It is important that you obtain permission from your referral before submitting their information to us.
The type of personal information collected may include full name; business name; telephone and mobile numbers and email address
This will enable us to contact your referral to discuss our services as requested
Data is collected through online forms, email, live chat and telephone.
How data is used
Data is collected to provide you with our services and for communication purposes.
Data is used for the following purposes:
• Our products and services
• Safety, Security, and issue resolution
• Business Operations
• Communication, Marketing and Advertising
Data is used to ensure we comply with relevant regulation and law. This includes checking your identity if you subscribe to our accounting services. This verification involves:
a full electoral roll search (your consent is not required for this); and
credit reference agencies placing a soft search footprint on your electronic file and your data being accessed by third parties for the specific purpose of anti-money laundering, credit assessment, ID verification, debt collection, asset reunification, tracing and fraud prevention.
Our products and services
Data is used to provide and improve our services and perform essential business operations. This includes operating our services, maintaining and improving the performance of our services, including developing new features, research, testing and providing client support.
Security, Safety, and Dispute Resolution
Data is used to protect the security and safety of our services and our clients, to detect and prevent fraud, to resolve disputes and enforce our agreements.
Outgoing and incoming telephone calls from and to our advisory or support teams are recorded for training and monitoring purposes. This process helps us to maintain high standards of service and resolve issues.
Data is used to run business operations to provide you with our services, profile our user base and develop anonymised aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions and report on the performance of our business.
Communication, Marketing and Advertising
We use the data we collect to deliver and personalise our communications with you.
For example, we may contact you by email or other means of electronic communication to inform you about our services, invite you to take part in a survey, notify you about promotions, business activities, events and changes to our services.
If you become a member, subscribe to or purchase one of our services you will also receive service-related communications. These will include system and service support communications, policy, security or software updates.
When we may share or disclose your data
We do not sell data about our clients and we only share or disclose your data as authorised in this Policy.
We may share or disclose information with the following types of third parties.
We work with a variety of third party suppliers to perform services such as website hosting, online product purchases and email communications. We share your personal data as necessary to complete any transaction or provide a product or service you have requested. These suppliers work on our behalf for the purposes described in this Policy. We impose strict contractual obligations on suppliers to ensure data is secure, protected and treated in accordance with this Policy and we will take all steps reasonably necessary to maintain compliance with these obligations.
We occasionally subcontract elements of Our service provision to other parties. We will always ensure that we have appropriate contractual arrangements in place.
To the extent that we are duty bound by any applicable legal or regulatory requirement to cooperate with any competent legal or governmental authority or agency, we shall do so in accordance with applicable law. This may involve disclosure of your personal data and we will have no legal liability for such disclosures. Please note that, depending on circumstances, We may be forbidden from advising you of the fact that your personal data has been disclosed to or requested by such third parties.
Under Section 330 of the Proceeds of Crime Act 2002 we have a duty to report to the Serious Organised Crime Agency (SOCA) if we know, or have reasonable cause to suspect, that you or anyone connected with your business are or have been involved in money laundering. Failure on our part to make a report where we have knowledge, or reasonable grounds for suspicion, would constitute a criminal offence. We are obliged by law to undertake this reporting to SOCA, but are under no obligation to make you aware of this reporting. In fact, we may commit the criminal offence of “tipping off” under Section 333 of the Proceeds of Crime Act 2002 if we were to inform you that a report had been made. In consequence, neither Our principals nor staff may enter into any correspondence or discussions with you regarding such matters.
With whom it might be necessary to complete a financial or corporate transaction such as a merger or sale of asset.
How to access and control your data
You can review, edit or delete your personal data by contacting us by email; email@example.com. We will respond to any request to access or delete your personal data as soon as possible, but certainly within 14 days.
Communication, marketing and advertising preferences
You can opt out of receiving certain direct communications from us.
If you wish to stop receiving promotional or marketing related emails from us, you can do so by following the instructions included in every email sent to you via the “unsubscribe” link. We respect your choice, and we will stop sending you emails once you unsubscribe. It may take up to 14 days to process your request.
Please note, if you have become a member, subscribed or purchased any of our services regardless of your preferences we will continue to communicate with you for service emails, software updates, policy updates, or significant information about our services.
Marketing and Advertising
We use several marketing tools in support of our advertising efforts.
To provide this ‘interest-based advertising’, the parties combine non-personal data about your online activities acquired over time which helps cater advertising that we deliver to you.
Examples of this may include a Low Cost Accounts advertisement on a Facebook page, or a Google-owned page such as a search results page or YouTube, or on a site within Google’s advertising network. We do not share your data as part of this process.
If you have opted out of receiving communications from us, we will not use your email for interest-based advertising, although you may still be subject to certain interest based advertising depending upon your browser and device settings.
Where we store and process data
By submitting your personal data, you agree to its transfer, storing and processing.
Most personal data is stored electronically on servers or computer systems with controlled access and controlled environments.
Our servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include monitoring, 24/7 surveillance and on-site security staff.
Other personal data may be kept in paper form within our office, if needed, although in the main copies are destroyed after they have been scanned into computer systems.
We will not transfer personal data outside of the European Economic Area (EEA) without complying with the provisions of the Data Protection Legislation in respect of such transfer.
Keeping your information secure
Protecting the security of your personal data is extremely important to us. A variety of security technologies and procedures are employed to help protect your personal data from unauthorised access, use or disclosure.
Any personal files can be saved on a secure cloud based client portal which is always SSL secured, meaning that your data is encrypted at all levels of data exchange. It utilises CloudFlare for DNS and DDOS protection. It automatically backup our databases multiple times per day and has systems failover to additional servers, to minimise downtime in case of server issues. The powerful servers are currently in a secure ISO 27001 certified data centre in Germany (high bandwidth and 100% emissions free). Users are automatically logged out of the system if inactive for over 6 hours. It also includes two factor authentication – similar technique as banks (required to enter one time code on each login). Means that even if someone knows your password, they still won’t be able to login.
While no Service is completely secure, we take precautionary measures and have strict security standards to help prevent data loss, theft, misuse and unauthorised access, disclosure, alteration and destruction or other like incidents that might affect the security of your personal data.
These measures include encryption, password protection, anti-malware, firewalls, server authentication, user profiles, backup/disaster recovery systems, restriction of access to premises and computer systems, as well as use of relevant third party service providers to provide security.
We impose strict contractual obligations on suppliers, subcontractors and partners to ensure data is secure, protected and treated in accordance with this Policy and we will take all steps reasonably necessary to maintain compliance with these obligations.
However we cannot guarantee the security of your personal data while it is being transmitted to us if you don’t enter or import it from a secure environment or secure mobile device.
If you have any questions about the security of your data, you can contact us at firstname.lastname@example.org
Retention of your information
We retain personal data for as long as necessary to provide our services or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.
For example, the default standard retention period for accounting records is six years plus current, otherwise known as six years + one. This is defined as six years after the last entry in a record followed by first review and/or destruction to be carried out in the additional current (+ one) accounting year.
If we need to alter, restrict processing of your data, or remove your data we will inform you.
You can find detailed information about your rights under Data Protection legislation on the UK Information Commissioner’s website at ico.org.uk.
The right to be informed – You have the right to obtain confirmation whether your personal data is being processed by us or a third party processor. Through this Policy we explain the data we may gather, how it is used and why.
• The right of access – You have the right to access personal data we hold about you. You can make a request for access to the data we hold about you by emailing email@example.com
There is no charge for this service. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive and we may also charge a reasonable fee to comply with requests for further copies of the same information.
We will provide copies of the personal data we hold about you without delay and at the latest within one month of receipt. The period of time for response may be extended by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why.
- The right to rectification – You have the right to your personal data being corrected if it is inaccurate or incomplete. If you think your personal data needs to be corrected email firstname.lastname@example.org
- The right to erasure (also known as the right to be forgotten). You can withdraw your consent and request the deletion or removal of your personal data where there is no compelling reason for its continued processing. We have in place processes to regularly review the data we hold and ensure that it is removed when it is no longer appropriate to hold it. However if you wish to make a request for Your personal data to be removed, you can do this by emailing email@example.com
- The right to restrict processing. Under certain specific circumstances, such as when you contest the accuracy of your personal data, you have a right to ‘block’ or suppress processing of personal data. If this is requested we are permitted to store your personal data, but not further process it. In the unlikely event that you wish to restrict processing you can do this by emailing firstname.lastname@example.org
- The right to data portability. You have the right to data portability allowing you to obtain and reuse your personal data for your own purposes across different services. To allow you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way without hindrance to usability. We can provide you with a CSV file. Please email email@example.com Please note this right only applies to data subject to automated processing.
- The right to object. You have the right to object to:
- processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- direct marketing; and
- processing for purposes of scientific/historical research and statistics.
In relation to us, only the direct marketing ground is applicable. If you wish to object to Our direct marketing please email firstname.lastname@example.org
After you have signed up for our services you will receive service related emails from us, which are necessary to enable us to provide our services. You will always have the ability to opt-out of receiving non-service related messages. You can also ask to opt-out of having personal identifiable information used for certain purposes, including promotional communications and newsletters. You can exercise your right to prevent such processing by following the opt-out instructions, which will be clear and obvious on the forms, or emails we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com
- Rights in relation to profiling and automated decision making.
If you exercise any of your rights and your personal data has been shared with third parties, we will notify the third parties that you are exercising your rights as relevant to them.
You have the right to lodge a complaint with the Information Commissioner Officer, details of how to do this are given at their website: ico.org.uk.
Changes to our Policy
We may modify or update this Policy when necessary to reflect feedback and changes in our services. Visiting our website and/or using our services after any modification to this Policy will constitute your acceptance of such modification and updates. It is your responsibility to check this policy for any changes made.