Privacy Policy


Subtilis Accountancy is the trading name of Subtilis Accountancy Limited having the company number 11410828. Based in Innovation House at 39 Mark Road, Hemel Hempstead, Subtilis Accountancy is an accountancy firm that is registered to conduct the financial management services of businesses, firms and industries. To get in touch with our Head of Privacy, you can contact us at

This privacy policy states on how we take and make use of the personal information that we collect from you, as a customer of Subtilis Accountancy.
View the Glossary of Terms at the end of the document stated.

Glossary of Terms

What is the personal data?

According to the GDPR, personal data is the information related to the identified data subject that is related directly or indirectly to the person. This includes

Contact Details
Employment History
Employee Numbers
Credit History
Personal Taxes
Payroll and Accounting Information

What is sensitive personal data?

The details mentioned above are all part of the sensitive personal data but it also includes genetic data and biometric data. The data might also include convictions.

What is a Data Controller?

As per the General Data Protection Regulation (GDPR), Data Controller means or rather to the person organization that who has the right to decide what data is required and in which way the data needs to be processed.

For Subtilis Accountancy,

The data controller is Subtilis Accountancy Ltd, Innovation House at 39 Mark Road, Hemel Hempstead, Herts HP2 7DN.

The data protection officer is Shareen Khan who can be contacted through the above address or can be emailed at or can even be available through calling at 07928793228.

What is the Data Processor?

A data processor is a person or an organization which processes personal data for the data controller.

What is Data Processing?

Any operation or set of operations performed upon personal data both manually or via automated systems is known as data processing. This might include as stated in the GDPR are – collection, structuring, recording, organising, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.

What is a Subject Access Request?

Subject Access Request or a SAR is the legal right for requesting a copy of the information regarding you conducted by the data controller. You can seek the information from the data controller, and through them, the data processor, to change the personal data or any data that is needed to be omitted. (but this is only within the constraints of the legal requirements of the said data)

How we use your personal information?

Subtilis Accountancy, as a data controller, is bound to abide by the requirements of the General Data Protection Regulations (GDPR).

It is after your agreement that we are entitled to attain, use and process the personal information or the data that you have provided to us to endow us the discharge of the services. This is according to the state defined in the Letter of Engagement and Supporting Schedule. Being a client of Subtilis Accountancy, we always strive to assure you of the fact that all your personal data will be highly secured and protected. It is protected by organisational and technical measures and the data that we have collected from you will only be used for the financial management of your organisation.

There is information that falls under the category of sensitive personal data that is required for the completion of money laundering checks. This information will only be used for prevention against money laundering and terrorist financing.

What personal information we might collect from you?

Subtilis Accountancy is bound by the requirements of the General Data Protection Regulations (GDPR). Being the client of Subtilis Accountancy, we might require some sort of personal information about you, your family, partners, employees and partners. According to the services agreed in the Letter of Engagement, this information or the data might include –

Personal information that includes, address, DOB, national insurance number, marital status and tax references.
Sensitive personal data for the requirement of the prevent of the money laundering requirements.
Accounting details
Payroll data
Pension details


What Are The Proceedings Of The Data?

The proceedings of the data will only be conducted by Subtilis Accountancy relatable to the services that were previously in agreement in the Letter of Engagement and supporting Schedules too. The might bear the involvement of the –

Tax Returns
Company Budget Planning
Workplace Benefits
Cash flow Forecast

Please be sure that we might also process some of the personal information due to the following –

Updating Client’s records
Conducting analysis for management purposes
Statutory returns
Legal and regulatory compliance
Crime prevention

For How Long, Will You Data Be With Us?

Typically, we will secure your data with us for 7 years after the closure of your account in accordance with the regulatory data retention requirements. Data might be retained for more than 7 years due to legal proceedings or on-going litigation or if requested by you.

Sharing And Transmitting Of The Data

Subtilis Accountancy will NEVER EVER sell, rent and share any of the controller’s information or the data to the third party. It can only be done for the places where it is required for receiving the services agreed in the Letter of Engagement.

The only personal data that might be transferred to appropriate third parties on the following grounds –

HMRC for the purpose of complying with the statutory requirements that including VAT returns, tax filing, CIS returns.
Companies house for the functioning of statutory company reporting
Your payroll pension provider
To and from any of your cloud computing software systems for accounting and invoicing platforms.
Any other financial management services but only with your due consent.


We might need to transfer your data to our software providers, where the data has become damaged and need repairing. During this time, we will seek your permission and assure you that your data will remain safe and secured in encrypted form.

How Will We Communicate With You?

Subtilis Accountancy will be able to contact you through your telephone numbers, email addresses, or the addresses provided by you as part of the initial conversation with us or on terms of the agreement in the Letter of Engagement.

We might also occasionally send text messages to your mobile number but that is only restricted to the relation of the services you are in collaboration with us. In these texts, there will be no involvement of the personal details or information or for any marketing purposes.

The texts messages will only be forwarded to you if you agree on the grounds of receiving the same.

We might need your personal details to forward you related information or details about the third parties that we think you will show interest in.

These sort of communication will only be forwarded to you if you agree on the grounds of receiving the same.

Security of the Data

Subtilis Accountancy is solely committed to assuring you of the security of the data and your personal information. For the prevention of unauthorized access, we put the data in various physical, electronic and managerial procedures to protect, safeguard and secure the information.

The right of Access to data about you

GDPR give the right to you to access personal data about you that is conducted by Subtilis Accountancy. You are allowed to seek the information of the lawfulness of the data processing, to ask for the correction of the incorrect data, and for the information related to you to be erased (with legal or regulatory constraints).

To receive a copy of the data, make sure to make a Subject Access Request (SAR) to the data protection officer at Subtilis Accountancy. We are here to make you a copy of the required data as soon as possible, and that will be within a month of the receipt of the SAR.

Subject Access Requests should be made in writing to:

Shareen Khan, Director, Subtilis Accountancy,

Innovation House at 39 Mark Road, Hemel Hempstead, Herts HP2 7DN.

Subtilis Accountancy Website

We at Subtilis Accountancy, do no access to any information from our website. We will not monitor IP addresses from your computer, nor do we perform any analysis. The website contains some cookies which are completely responsible for the basic functioning of the site. No monitoring, tracking or sharing of information is conducted by the cookies.

We do use social networking sites. Though there is no sort of personal client information involved, there are sharing contents uploaded by us, visitors view and their likes and reviews are monitored.

Changes to our privacy policy

We regularly update according to the GDPR policy. Any changes that occur in the GDPR policy or sections will be on our website, the changes will be directly communicated to you in the next phase.

How can you get in touch with us

Please feel free to contact us for any information or queries regarding the privacy policy or about any other information we have about you:

Email us at –
Call us at –07928793228
By post to –
Innovation House
39 Mark Road
Hemel Hempstead
Herts HP2 7DN