GDPR & Data Protection
Britvex Advisory’s approach to UK GDPR compliance and data protection — what data we collect, why we collect it, how we store it, how long we keep it and your rights as a data subject.
UK GDPR & Data Protection at Britvex
Britvex Advisory is fully compliant with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take our data protection responsibilities seriously — your personal and financial information is treated with the utmost care and security.
The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 are the primary pieces of legislation governing how organisations must collect, process, store and protect personal data in the United Kingdom. As a firm handling sensitive financial information about individuals and businesses, Britvex Advisory takes its obligations under this framework extremely seriously.
We collect only the personal data we genuinely need to provide our services. This typically includes contact information, financial records, tax data and identity verification documents. We do not collect personal data for marketing purposes without your explicit consent, and we do not sell, rent or exchange personal data with third parties for their own commercial use.
All personal data held by Britvex is stored on secure, encrypted systems. Our document management system uses bank-grade encryption and multi-factor authentication. Access to client data within Britvex is restricted on a need-to-know basis — only the team members actively working on your account can access your data.
We are registered with the Information Commissioner’s Office (ICO) as a data controller. Our registration details are publicly accessible on the ICO register. If you have a concern about how we have handled your personal data that we have been unable to resolve, you have the right to refer it to the ICO.
We retain personal data for as long as necessary to fulfil the purpose for which it was collected, plus any legally required retention period. For tax and accounting records, HMRC requires us to retain records for a minimum of six years. AML regulations require a minimum of five years after the end of the client relationship. We delete data beyond these periods in accordance with our documented retention schedule.
✅ Your Data Protection Rights
- ✓ Right of Access — request a copy of your personal data
- ✓ Right to Rectification — correct inaccurate data
- ✓ Right to Erasure — request deletion where applicable
- ✓ Right to Restrict Processing — limit how we use your data
- ✓ Right to Data Portability — receive your data in machine-readable format
- ✓ Right to Object — object to certain processing activities
- ✓ Rights relating to automated decision-making
- ✓ Right to Withdraw Consent — where processing is consent-based
What to Expect
Why Choose Britvex
Encrypted and Secure
All client data is stored using bank-grade encryption on secure, compliant servers — accessible only to authorised Britvex personnel on a need-to-know basis.
Fully ICO Registered
Britvex is registered with the Information Commissioner’s Office as a data controller — our registration is publicly verifiable on the ICO register.
Clear Rights Process
Exercising your data subject rights is straightforward — contact us via the Britvex Hub or by email and we will respond within the statutory one-month timeframe.
No Data Selling
We never sell, rent or exchange your personal data with third parties for their own commercial use — ever, under any circumstances.
By the Numbers
4 Mistakes to Avoid
Not Reading the Privacy Notice
Our Privacy Notice sets out exactly what data we collect, why, how we process it and your rights. Reading it before engaging any accountant — including Britvex — is important.
Assuming Your Data is Automatically Deleted
Data is not deleted simply because you stop using a service. Legal retention periods mean we must keep certain records for years after your account closes. We are transparent about these periods in our Privacy Notice.
Not Knowing Your Rights
UK GDPR gives you eight specific data subject rights. Many people do not know these rights exist, let alone how to exercise them. Contact us at any time to discuss your rights or make a request.
Sharing Sensitive Data via Unsecured Email
Always use the Britvex Hub secure portal to share financial documents, identity documents and other sensitive information — not standard email, which is not encrypted.
Transparent Fixed Fees
Data protection compliance is part of our standard service. There is no additional charge for exercising your data subject rights.
No setup charges. Fixed fee agreed upfront before you commit.
All-inclusive fixed monthly pricing — no hourly rates, ever.
Free no-obligation consultation. No pressure, no commitment.
Frequently Asked Questions
Questions About Your Data & Privacy Rights?
Join over 1,200 UK businesses who trust Britvex Advisory. Book a free consultation — no commitment required.