Privacy policy.

This Privacy Policy outlines how Joshua Ferguson (“we”, “our”, “us”) collects, uses, and protects personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable ICAEW standards.

1. Who We Are

Joshua Ferguson is a UK-based sole practitioner providing accountancy, fractional finance, and consultancy services. We are registered with the Information Commissioner’s Office (ICO) as a data controller.

Data Controller: Joshua Ferguson
ICO Registration Number: [Insert ICO Registration Number]

2. What Information We Collect

We may collect and process the following types of personal data:

  • Your name, contact details, and company information

  • Financial records and documents

  • Tax references, UTRs, and Companies House data

  • Payroll and employee details (if applicable)

  • Identification documents for KYC/AML compliance

  • Communications and engagement history

We collect this data directly from you or from authorised third parties (e.g. HMRC, Companies House).

3. How We Use Your Information

We use your personal data to:

  • Provide accountancy, tax, and advisory services

  • Fulfil our contractual and legal obligations

  • Communicate with you effectively

  • Maintain records in accordance with ICAEW and HMRC regulations

  • Improve and manage our business operations

We do not use your data for unsolicited marketing, nor do we sell it to third parties.

4. Legal Basis for Processing

We rely on the following lawful bases to process personal data:

  • Contractual necessity – to deliver the agreed services

  • Legal obligation – to meet our statutory responsibilities

  • Legitimate interests – to operate efficiently and deliver quality service

  • Consent – for optional communications, where applicable

5. Data Sharing

We may share your information with:

  • HMRC, Companies House, and other government bodies

  • Software providers such as Xero, QuickBooks, Dext, etc.

  • Professional advisers, subcontractors, or consultants acting under our instruction

  • ICAEW or regulatory authorities if required

  • Our insurers or legal advisers where necessary

All third parties are subject to strict confidentiality and data protection requirements.

6. Data Retention

We retain personal data only for as long as necessary:

  • Typically 6–7 years to comply with legal and tax requirements

  • Longer if legally required or for active engagements

  • Data is securely deleted or anonymised when no longer required

7. Your Rights

You have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate or outdated information

  • Request erasure of your data (where legally permissible)

  • Object to or restrict processing in certain circumstances

  • Withdraw consent (where applicable)

  • Lodge a complaint with the Information Commissioner’s Office

To exercise these rights, contact: info@ferguson-accounting.co.uk

8. Data Security

We implement robust technical and organisational safeguards including:

  • Encrypted storage and cloud-based software

  • Access controls and password protection

  • Regular data reviews and access audits

  • Confidentiality clauses in all contracts

9. International Transfers

Your data is stored in the UK or with providers offering equivalent protection. We do not routinely transfer data outside the UK. If international transfers occur, appropriate safeguards will be applied.

10. Website and Cookies

Our website may use cookies for functionality and performance. We do not use cookies for advertising or profiling. You can manage cookie settings via your browser.

11. Updates to This Policy

We may update this policy periodically. The latest version will always be available on our website. Significant changes will be communicated where appropriate.

12. Contact

If you have any questions about this Privacy Policy or how your data is handled:

Joshua Ferguson ACA
Joshua@Ferguson-Accounting.co.uk
www.ferguson-accounting.co.uk