Privacy Policy

Last updated: March 2026

Privacy Notice

This Privacy Notice explains how KG McGahan Consulting Limited collects, uses and protects personal data in accordance with UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

KG McGahan Consulting Limited is an accountancy and business advisory practice providing accounting, tax and related support services.

For the purposes of data protection law, KG McGahan Consulting Limited is the data controller in relation to the personal data you provide to us.

KG McGahan Consulting Limited
Company number: 07506979
Email: admin@kgmcgahanconsulting.com
Registered office: 40 Severn Road, Maidenbower, Crawley, West Sussex, RH10 7ZF

2. The Personal Data We Collect

We may collect, use and store personal data including:

  • Name, home address, business address, email address and telephone number
  • Date of birth and identification documents
  • Financial information, accounting records and transaction data
  • Tax information and government identifiers, such as National Insurance numbers and Unique Taxpayer References
  • Business information, including details of directors, shareholders, employees and subcontractors where relevant
  • Correspondence, records of meetings and other communications with you
  • Information obtained as part of client due diligence, identity checks and anti-money laundering compliance

3. How We Collect Your Data

We collect personal data directly from you, from records and documents you provide, from third parties acting on your behalf, and from publicly available sources where appropriate.

We may also receive information from software platforms and service providers used in delivering our services, including bookkeeping, payroll, document capture and identity verification systems.

4. How We Use Your Personal Data

We use your personal data to:

  • Provide accounting, tax, bookkeeping, payroll and business advisory services
  • Maintain our client records and manage the professional relationship
  • Verify identity and comply with anti-money laundering legislation
  • Prepare and submit returns, accounts and other documents on your behalf
  • Communicate with you and with third parties authorised by you
  • Meet our legal, regulatory and professional obligations
  • Establish, exercise or defend legal claims
  • Improve our internal systems, procedures and service delivery

5. Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

  • Performance of a contract with you
  • Compliance with a legal obligation
  • Legitimate interests in operating and protecting our business and providing our services effectively
  • Consent, where this is specifically required

6. Who We May Share Your Data With

We may share your personal data where necessary with:

  • HM Revenue & Customs, Companies House and other government or regulatory bodies
  • Our professional advisers, consultants and subcontractors
  • Cloud software providers and other technology providers used in delivering our services
  • Identity verification and anti-money laundering service providers
  • Third parties authorised by you
  • Any other party where disclosure is required or permitted by law

Where third-party service providers process data on our behalf, they do so as data processors and are required to keep your information secure and confidential.

7. International Transfers

Some of the software and technology providers we use may process or store data outside the UK.

Where personal data is transferred outside the UK, we will take reasonable steps to ensure that appropriate safeguards are in place in accordance with UK data protection law.

8. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage.

These measures include secure systems, restricted access, appropriate password controls and the use of reputable software providers.

However, no method of transmission or storage is completely secure and we cannot guarantee the absolute security of electronic communications.

9. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, regulatory, professional and insurance requirements.

In most cases, we will retain client records for at least six years after the end of the relevant accounting period, tax year or business relationship, and longer where required by law or where it is reasonable to do so.

Anti-money laundering records will generally be retained for at least five years after the end of the business relationship, unless a longer retention period is required or permitted.

10. Your Rights

You may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete personal data
  • Request erasure of personal data in certain circumstances
  • Request restriction of processing in certain circumstances
  • Object to processing carried out on the basis of legitimate interests
  • Request transfer of your personal data where applicable
  • Withdraw consent where processing is based on consent

These rights are subject to certain legal restrictions and exemptions. To exercise any of these rights, please contact us using the details above.

11. Marketing

We do not send marketing emails unless you have asked to receive them or we are otherwise permitted to do so.

You can ask us to stop sending marketing communications at any time.

12. Cookies and Website Use

Our website may use cookies and similar technologies to support the operation of the site, improve user experience and help us understand website usage.

You can control cookie settings through your browser or through any cookie preferences tool made available on our website.

13. Complaints

If you have any concerns about how we handle your personal data, please contact us in the first instance and we will try to resolve the matter promptly.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters. Further information is available on the ICO website.

14. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Any updates will be posted on this page and the revised version will take effect from the date shown above.