Privacy Policy

Effective date: 18 June 2026

Introduction

This website and accountancy practice are operated by Elisander Doraci, a sole trader trading as SwiftLedger Accounting (“we”, “our”, “us”). We are committed to protecting your privacy and handling your personal data responsibly.

This Privacy Policy explains how we collect, use, store and protect your personal information when you visit our website at https://swiftledger.co.uk or use our bookkeeping and accountancy services.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are a licensed member in practice of the Association of Accounting Technicians (AAT), licence number 1008116, and are registered with the Information Commissioner’s Office (ICO) under registration number [INSERT ICO REGISTRATION NUMBER — application C1962747].

Who is responsible for your data

The data controller is:

Elisander Doraci, trading as SwiftLedger Accounting 20–30a Abington Street, Northampton, NN1 2AJ Email: info@swiftledger.co.uk Telephone: +44 1604 385145

Information we collect

Depending on your relationship with us, we may collect and process the following types of personal data:

  • Identification and contact data: name, date of birth, email address, telephone number, postal address, and (where relevant to our services) National Insurance number and Unique Taxpayer Reference.
  • Financial and tax data: information required to provide our services, such as income and expense records, bank statements, payroll information, VAT details and tax records.
  • Business data: for clients who operate companies, information such as company registration details and director/shareholder information.
  • Technical data: IP address, browser type, device information and pages visited, collected via cookies when you use our website.
  • Communication data: the content of enquiries and correspondence you send us by email, telephone or our website contact form.

How we use your information

We use your personal data to:

  • provide our bookkeeping, accountancy, payroll, VAT and tax services;
  • prepare and submit returns and filings to HMRC and Companies House on your behalf;
  • verify business and client details as part of our onboarding and due diligence (including checking VAT registration numbers via HMRC’s “Check a UK VAT Number” service);
  • respond to your enquiries and provide ongoing client support;
  • comply with our legal, regulatory and professional obligations, including anti-money-laundering and HMRC requirements;
  • maintain our business records and manage payments; and
  • operate and improve our website.

Lawful bases for processing

We rely on the following lawful bases under UK GDPR:

  • Contract — to deliver the services you have engaged us to provide.
  • Legal obligation — to meet our obligations under tax, anti-money-laundering and company law.
  • Legitimate interests — to administer our practice, communicate with clients, and keep proper records, in a way that does not override your rights.
  • Consent — where required, for example certain website cookies.

We do not sell your data, and we do not share it for third-party marketing.

How we collect data

We collect data directly from you (for example, during onboarding or in the course of providing services), automatically through our website cookies, and occasionally from third parties such as HMRC, Companies House or a previous adviser where you have authorised this.

Who we share your data with

We share personal data only where necessary to deliver our services and meet our obligations. This may include:

  • HMRC and Companies House — for filings, returns and statutory submissions made on your behalf.
  • Software and service providers acting as our processors, who are bound by data protection obligations and process data only on our instructions. These currently include:
    • Xero — bookkeeping and accounting software;
    • Moneysoft — payroll processing;
    • TaxCalc — tax return preparation and submission;
    • Supabase and Vercel — the secure hosting and database platform for our practice-management system;
    • Resend — for sending service-related emails to clients.
  • Professional and regulatory bodies — where we are required to do so, for example the AAT or in connection with anti-money-laundering supervision.

We may also disclose information where required by law, court order, or to protect our legal rights.

Where your data is stored

Our practice-management data is hosted on infrastructure provided by Supabase and Vercel. Personal data is encrypted in transit and at rest. Where any provider stores or processes data outside the UK, we ensure appropriate safeguards are in place as required by UK data protection law.

Cookies and analytics

Our website uses cookies to help it function and to understand how visitors use it. We use Google Analytics to collect anonymous statistical information about website traffic, such as pages visited and approximate location. We do not display advertising on our website and do not use your data for advertising purposes.

You can manage or disable cookies through your browser settings. Disabling some cookies may affect how the website works.

Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, accounting and tax requirements. In practice, this usually means retaining client records for at least six years after the end of our engagement, in line with HMRC and professional requirements, after which data is securely deleted or anonymised.

Data security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse or disclosure. These include encryption of data in transit and at rest, access controls restricting data to those who need it, secure authentication, and the use of reputable, security-compliant service providers.

Your rights

Under UK GDPR, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request erasure of your data where there is no overriding legal reason for us to keep it;
  • object to, or request restriction of, our processing in certain circumstances;
  • request a copy of your data in a portable format; and
  • withdraw consent where we rely on consent to process your data.

To exercise any of these rights, please contact us at info@swiftledger.co.uk. We will respond within one month.

If you are unhappy with how we have handled your data, you have the right to complain to the Information Commissioner’s Office (ICO) at https://ico.org.uk or by calling 0303 123 1113.

Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised effective date.

Contact us

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Elisander Doraci — SwiftLedger Accounting 20–30a Abington Street, Northampton, NN1 2AJ Email: info@swiftledger.co.uk Telephone: +44 1604 385145