Privacy

How do you use my data?

  • When you create and log into your account we will collect your name, email address, phone number, company name and address (if applicable) and your payment details. We collect this in order to take steps to enter into a contract with you and allow you to purchase our services.
  • When you sign up to receive our news updates. We will collect your name and email address to provide you with our news updates in line with any preferences you have told us about. When we send you our news updates because you have opted-in to receive them, we rely on your consent to contact you.

You can unsubscribe from our updates at any time by responding to any email you receive from us to tell us you wish to unsubscribe.

  • When you contact us either by phone, email, via our 'contact us' page or via social media, we will usually collect your name and contact details, because it’s in our legitimate interest to make sure we can properly respond to your query.
  • When you use our website and consent to our use of cookies we will collect information about how you use our website. We use this information to improve our website and to better understand how people use it. More detail on the information we collect and how we do this is set out in our Cookie Policy.
  • If our business is sold. We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.

Who do you share my data with?

  • Business partners, suppliers and subcontractors for the performance of the contract we enter into with them or you.
  • Regulators/ Authorities/ Enforcement Agencies if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
  • Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.

Google Sheets Integration - How do you use my data?


For the Live Sheets app, we use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

We require the following the permissions:

  • See your primary Google Account email address, your personal info, including any personal info you've made publicly available and to associate you with your personal info on Google so that we can identify you
  • See, edit, create and delete all your Google Sheets spreadsheets so that we can create, edit and keep your spreadsheets up to date.
  • Allow this application to run when you are not present so that we can sync the reports automatically based on your settings
  • Display and run third-party web content in prompts and sidebars inside Google applications to open up a sidebar for you to configure your report filters and settings
  • Connect to an external service so we can bring in the data from the accounting platforms you have connected

Where do you store my data?

We store your data on third party servers which are based both in the UK and outside of the UK.

When working with third parties we may need to transfer your personal data outside of the UK and / or EU.

Whenever we transfer your personal information outside of the UK and the EU, we ensure it receives additional protection as required by law. To keep this policy as short and easy to understand as possible, we haven’t set out the specific circumstances when each of these protection measures are used. You can contact us using the details above for more information on this.

How long do you keep my data for?

We will only retain your personal information for as long as we need it unless we are required to keep it for longer to comply with our legal, accounting or regulatory requirements.

In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to improve the way we work and our services.

What communication policy do you have in place in the event of a data breach?

1. Notification Process: Upon discovery of a data breach, we will promptly initiate an internal investigation to assess the scope and impact of the breach. Once the necessary information is gathered, affected clients will be notified in accordance with applicable laws and regulations.

2. Timing of Notification: We will strive to provide prompt notification to affected clients. The timing of notification will be determined based on the nature and severity of the breach, as well as the availability of relevant information. However, it is understood that delays may occur due to the need for a thorough investigation or external legal requirements.

3. Content of Notification: The notification to affected clients will include information such as the nature of the breach, the types of data that were compromised, the potential risks or harm posed to the clients, and the steps being taken to mitigate the breach and prevent future incidents. The notification will be clear, concise, and written in a manner that is easily understandable to the clients.

4. Communication Channels: We will utilize appropriate communication channels to notify affected clients, such as email, direct mail, or secure online portals. The chosen channels will prioritize the security and confidentiality of the information being shared.

5. Assistance and Support: We will provide affected clients with appropriate resources and support to help them understand the breach and mitigate any potential harm. This may include providing guidance on how to protect their personal information, offering credit monitoring services, or facilitating access to identity theft resolution services.

6. Regulatory Reporting: In compliance with applicable laws and regulations, we will promptly report the data breach to the relevant regulatory authorities. This will be done in accordance with the required timeframes and procedures outlined by the applicable regulatory bodies.

What are my rights under data protection law?

You have various other rights under applicable data protection laws, including the right to:

  • access your personal data (also known as a “subject access request”);
  • correct incomplete or inaccurate data we hold about you;
  • ask us to erase the personal data we hold about you;
  • ask us to restrict our handling of your personal data;
  • ask us to transfer your personal data to a third party;
  • object to how we are using your personal data; and
  • withdraw your consent to us handling your personal data.

You also have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales. If you are based in the EU you can find your relevant supervisory authority here.

Please keep in mind that privacy law is complicated, and these rights will not always be available to you all of the time.

If you have any questions about this policy, including any requests to exercise your legal rights, please contact us at [email protected].

This policy was last updated on 20 February 2024.