Skip to main content

Legal

Privacy Policy

This Privacy Policy explains how ACCOUNTUP LIMITED trading as AccountUp (AccountUp, we, us or our) collects and uses personal data when you use our website, contact us, or interact with our business communications and tools.

This website and our services are intended for business use. We do not knowingly target or collect personal data from children.

Last updated: 08/04/26UK GDPR / DPA 2018

1. Who we are

For the purposes of UK data protection law, AccountUp is the data controller for personal data we process for our own business operations (for example, our website, marketing, sales, supplier management and compliance).

Data controller

ACCOUNTUP LIMITED (trading as AccountUp)
124 City Road, London, England, EC1V 2NX
Company Number: 16306344
Email: prashant@accountup.co

2. When this policy applies

This policy applies to personal data relating to:

  • visitors to our website;
  • people who contact us or request information;
  • prospective customers and business leads;
  • customers and their employees, directors or representatives;
  • people who interact with our content, events, tools or marketing; and
  • service providers, partners and other business contacts.

3. Controller and processor roles

We may act as either a controller or a processor, depending on the context:

  • Controller: where we decide how and why personal data is processed for our own purposes (for example, website operations, marketing, sales, and business administration).
  • Processor: where we process personal data on behalf of a customer to provide services under a written services agreement (for example, personal data contained in accounting records, payroll data, tax records, or communications).

Where we act as a processor, the customer is responsible for having an appropriate lawful basis to share personal data with us and for issuing privacy information to relevant individuals where required.

4. Personal data we collect

4.1 Information you provide directly

Depending on how you interact with us, you may provide:

  • name, business email address, phone number, company name, job title and business address;
  • information submitted through forms, emails, calls, chats or meetings;
  • details when booking a consultation, downloading resources or using our tools; and
  • business onboarding, billing, instructions, approvals, support requests and feedback.

4.2 Information we collect automatically

When you use our website, we may collect:

  • IP address, browser type/version, device information;
  • pages viewed, referring URLs, date/time of access, and interaction data; and
  • cookie and similar tracking data (see section 9).

4.3 Information we receive from third parties

We may receive personal data from:

  • your employer, colleagues or introducers;
  • platforms you authorise us to access (for example accounting, payroll, banking, invoicing or tax platforms) when delivering services;
  • event/webinar platforms, CRM/analytics/lead providers; and
  • public sources (for example company websites or LinkedIn).

5. Categories of personal data

Depending on the interaction or services provided, we may process:

  • identity and contact data;
  • professional/employment data (role, employer, business contact details);
  • communications data;
  • customer account and billing data; and
  • website and usage data, including marketing preference data.

Where we are delivering services, we may also process personal data contained in customer records, which can include financial, payroll, tax or compliance-related data relating to founders, directors, employees, contractors or other individuals connected with the customer’s business.

6. How we use personal data (purposes)

We use personal data for the purposes below:

  • Enquiries and relationships: responding to enquiries, scheduling calls, providing proposals, and managing customer/supplier/partner relationships.
  • Marketing and content: sending business communications, insights, event information, and understanding which content is relevant (see section 8).
  • Service delivery: delivering agreed services under a Services Agreement, which may require access to customer systems, documents and records.
  • Website and tool operations: maintaining functionality, measuring usage, troubleshooting, improving performance/user experience, and protecting against misuse or fraud.
  • Compliance and protection: meeting legal/regulatory obligations, keeping records, responding to lawful requests, and establishing/exercising/defending legal claims.

7. Lawful bases for processing

We rely on one or more lawful bases under UK GDPR, depending on the purpose and context:

  • Legitimate interests: for operating and improving our business, dealing with enquiries, B2B marketing to relevant contacts, managing relationships, and keeping our website and systems secure. Where we rely on legitimate interests, we consider the impact on individuals and balance our interests against their rights and freedoms.
  • Contract: where processing is necessary to take steps before entering into a contract, or to perform a contract with a customer/supplier/partner.
  • Legal obligation: where we must comply with a legal or regulatory duty.
  • Consent: where required, particularly for certain cookies/tracking technologies and (in some cases) specific marketing activities.

8. Marketing communications (B2B)

If you are a business contact, we may send you marketing communications about services, resources, events, tools or updates we believe may be relevant to your business.

You can opt out at any time by using the unsubscribe link in our emails or by contacting prashant@accountup.co. We may retain limited information (for example your email address and opt-out status) to ensure we respect your preferences.

9. Cookies and similar technologies

We use cookies and similar technologies to operate the website, understand usage and improve performance, and (where applicable) support marketing. You can manage your cookie choices via our cookie banner and your browser settings. Disabling certain cookies may affect website functionality.

10. Sharing personal data

We do not sell personal data.

We may share personal data where necessary with:

  • hosting and infrastructure providers;
  • CRM, communications, email and calendar providers;
  • analytics and website tooling providers;
  • accounting, payroll and finance software providers (where relevant);
  • document storage and workflow providers;
  • professional advisers (legal, accounting, audit, insurance);
  • payment and billing providers; and
  • regulators, courts, law enforcement or authorities where required.

Where we use suppliers to process personal data on our behalf, we use appropriate contractual protections and require appropriate security measures.

11. International transfers

Some suppliers may process personal data outside the UK (and potentially outside the EEA). Where personal data is transferred internationally, we take steps to ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other lawful transfer mechanisms, along with additional measures where appropriate.

12. Data retention

We keep personal data only for as long as reasonably necessary for the purposes described in this policy. Retention depends on factors including the nature of the data, why we hold it, and any legal, regulatory, accounting, tax, or dispute-resolution requirements.

As a general guide:

  • enquiry and prospect data is kept as needed to manage the relationship and maintain appropriate business records;
  • service delivery data is kept for the duration of the engagement and afterwards as required for professional recordkeeping, compliance and resolving disputes; and
  • marketing preference data is kept to maintain suppression records and respect opt-out requests.

13. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. Measures may include access controls, secure storage, encryption where appropriate, staff confidentiality obligations, and supplier due diligence.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to maintain safeguards appropriate to the nature of the data we handle.

14. Your rights

Subject to applicable law, individuals may have rights including to access, correct or erase personal data, restrict processing, object to processing, and (where relevant) data portability. Where processing is based on consent, you can withdraw consent at any time.

To exercise your rights, contact prashant@accountup.co. We may need to verify your identity before responding.

15. Complaints

If you have a concern about how we handle personal data, please contact us and we will try to resolve it. You also have the right to complain to the UK Information Commissioner’s Office (ICO).

ICO details: ico.org.uk.

16. Third-party websites

Our website may contain links to third-party websites, tools or services. Their privacy practices are governed by their own policies, not this policy. We encourage you to review their privacy notices before sharing personal data with them.

17. Changes to this policy

We may update this policy from time to time to reflect changes in our services, systems, legal requirements or business practices. When we do, we will update the “Last updated” date at the top of this page.

18. Related documents

For website usage terms, see our Terms of Service.