Skip to main content
DAN AUDITSLIMITED
DAN AUDITS LIMITED

Legal

Privacy Policy

Last updated: Last updated: 04/05/2026

1. Introduction

DAN AUDITS LIMITED (“we”, “us”, “our”) respects your privacy and is committed to handling personal data lawfully, fairly, and transparently.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you visit our website, contact us, submit an enquiry, book a call, or otherwise interact with us.

This Policy is intended to comply with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

2. Controller

For the purposes of the UK GDPR, DAN AUDITS LIMITED is the controller of personal data processed under this Policy.

If you have any questions about this Policy or our data handling practices, you may contact us using the details published on our website.

3. Scope of this Policy

This Policy applies only to personal data processed by us in connection with our website, enquiries, communications, engagements, client administration, and related business operations.

It does not apply to third-party websites, platforms, booking tools, email providers, cloud services, or other systems that may be linked to or used in connection with our services, each of which is governed by its own terms and privacy practices.

4. Personal Data We May Collect

We operate a data-minimisation approach. We seek to collect only personal data that is necessary for limited, defined, and legitimate business purposes.

We may collect the following categories of personal data:

  • name;
  • business name;
  • job title or role;
  • email address;
  • telephone number;
  • enquiry content and correspondence;
  • booking details;
  • limited information voluntarily provided by you that is relevant to the nature of your enquiry or engagement;
  • billing and payment-related information where relevant;
  • records of communications and service administration.

We do not seek to collect more data than is reasonably necessary for the stated purpose.

5. Data We Do Not Request

Unless we expressly request it in writing for a defined and lawful purpose, you must not provide:

  • bank statements;
  • full financial records;
  • tax returns;
  • VAT returns;
  • payroll records;
  • employee records;
  • statutory accounts;
  • management accounts;
  • identification documents;
  • special category data;
  • criminal offence data;
  • medical information;
  • any other sensitive or unnecessary personal data.

If you provide information outside scope, we may ignore it, delete it, redact it, or decline to process it, without liability.

We do not intentionally collect special category data. If such data is inadvertently received, we will handle it in accordance with applicable law and may delete it where appropriate.

6. How We Use Personal Data

We process personal data only where necessary for one or more of the following purposes:

  • responding to enquiries;
  • assessing whether we can accept an engagement;
  • arranging and managing calls or meetings;
  • providing our services;
  • communicating with clients or prospective clients;
  • preparing, issuing, and managing documents;
  • maintaining business, accounting, and compliance records;
  • protecting our legal rights and interests;
  • complying with legal, regulatory, tax, accounting, or contractual obligations;
  • detecting, preventing, or investigating misuse, fraud, security incidents, or unlawful activity.

We do not use personal data for automated decision-making that produces legal or similarly significant effects.

7. Lawful Bases for Processing

We process personal data only where we have a lawful basis to do so. Depending on the context, we rely on one or more of the following:

  • Legitimate interests: for example, to respond to enquiries, manage our business, maintain records, protect our rights, and improve our service delivery;
  • Contract: where processing is necessary to enter into or perform a contract with you;
  • Legal obligation: where processing is required to comply with applicable law;
  • Consent: where we rely on consent for a specific purpose, and where applicable law requires it.

Where we rely on legitimate interests, our interests are limited to the proper operation, protection, and administration of our business and services, and we will not process personal data where your rights and freedoms override those interests.

8. Information You Submit

You are responsible for ensuring that any personal data or other information you submit to us is accurate, relevant, and limited to what is necessary for the purpose of your enquiry or engagement.

You should not include unnecessary sensitive data in free-text forms, attachments, or email correspondence.

If you submit personal data relating to another person, you confirm that you have authority to do so and that you have provided that person with any required notice.

9. Sharing of Personal Data

We do not sell, rent, or trade personal data.

We may share personal data only where necessary and proportionate for legitimate business purposes, including with:

  • IT and cloud service providers;
  • email, hosting, and website providers;
  • booking and calendar service providers;
  • document storage and productivity providers;
  • payment processors;
  • professional advisers such as lawyers, accountants, insurers, or compliance advisers;
  • regulators, courts, law enforcement bodies, or other authorities where required or permitted by law;
  • third parties in connection with the protection, exercise, or defence of legal rights.

Where we use processors or service providers, we seek to ensure they are subject to appropriate confidentiality, security, and data protection obligations.

10. International Transfers

Some service providers may process data outside the UK.

Where this occurs, we will take reasonable steps to ensure appropriate safeguards are in place in accordance with applicable data protection law, including where relevant an adequacy regulation or approved transfer mechanism.

11. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including to:

  • manage enquiries;
  • provide services;
  • maintain records;
  • comply with legal, accounting, tax, insurance, and regulatory obligations;
  • establish, exercise, or defend legal claims.

Retention periods will vary depending on the type of data and the purpose of processing.

Where data is no longer required, we may delete, anonymise, or securely archive it.

12. Security

We implement reasonable technical and organisational measures designed to protect personal data against unauthorised access, accidental loss, destruction, alteration, disclosure, or misuse.

However, no system is completely secure. Transmission of information by email, web form, cloud service, or other electronic means is not risk-free, and you use such methods at your own risk.

13. Cookies and Similar Technologies

Our website may use strictly necessary cookies to enable core functionality.

Where we use analytics, performance, or other non-essential cookies, we will seek consent where required by law before placing them.

You can usually configure your browser to refuse some or all cookies, but this may affect website functionality.

14. Links to Third-Party Websites

Our website may contain links to third-party websites, platforms, or resources. We are not responsible for the content, security, or privacy practices of those external sites.

You should review the privacy notices and terms of any third-party site before providing information to it.

15. Your Rights

Subject to applicable law, you may have rights in relation to your personal data, including the right to:

  • access your personal data;
  • request rectification of inaccurate personal data;
  • request erasure in certain circumstances;
  • request restriction of processing in certain circumstances;
  • object to processing in certain circumstances;
  • request data portability in certain circumstances;
  • withdraw consent where processing is based on consent.

These rights are not absolute and may be subject to legal exceptions or limitations.

16. How to Exercise Your Rights

To exercise any data protection right, please contact us using the contact details published on our website.

We may need to verify your identity before responding. We may also request additional information to clarify the scope of your request.

We will respond within the time period required by applicable law, subject to any lawful extension.

17. Complaints

If you have concerns about our handling of personal data, please contact us first so that we can try to resolve the issue.

You also have the right to complain to the UK Information Commissioner's Office.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or technical changes.

The version published on our website at the time of use will apply unless otherwise stated.

19. Contact

DAN AUDITS LIMITED
85 Great Portland Street, First Floor
London W1W 7LT, United Kingdom
Email: info@danaudits.co.uk