Privacy Policy

1. Data Controller

MMK Accountants Ltd (“we”, “us”) is the data controller responsible for your personal data. We are registered in England and Wales with our principal office in Luton, United Kingdom.

2. Data We Collect

We collect the following categories of personal data:

• Account information: name, email address, password (hashed)
• Business details: company name, CRN, registered address, SIC code, incorporation date, director information
• Payment data: payment method, transaction records (card details are processed by Stripe and never stored by us)
• Agreement data: signature type, signature data, IP address, timestamp
• Technical data: IP address, browser type, device information, login timestamps
• Communication data: support ticket messages, email correspondence

3. Legal Basis for Processing

We process your data under the following legal bases:

• Contract performance: to provide the registered office service you have subscribed to
• Legal obligation: to comply with Companies House regulations, HMRC requirements, and anti-money laundering legislation
• Legitimate interests: to improve our services, prevent fraud, and communicate with you about your account
• Consent: for marketing communications (where applicable)

4. How We Use Your Data

• To provide and manage your registered office address service
• To process payments and manage subscriptions
• To notify you of received mail and service updates
• To generate and store signed agreements
• To respond to support enquiries
• To comply with legal and regulatory obligations

5. Data Sharing

We may share your data with:

• Payment processors: Stripe, for processing card payments
• Cloud providers: for secure data hosting and storage
• Companies House: as required for registered office address filings
• Legal authorities: where required by law or court order

We do not sell your personal data to third parties. We do not share your data for marketing purposes without your explicit consent.

6. Data Retention

We retain your personal data for as long as your account is active and for a period of 6 years after termination, in accordance with our legal and regulatory obligations. Payment records are retained for 7 years as required by HMRC.

7. Data Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS) and at rest, secure password hashing, access controls, and regular security reviews.

8. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate or incomplete data
• Erase your data (subject to legal retention requirements)
• Restrict processing in certain circumstances
• Data portability — receive your data in a structured format
• Object to processing based on legitimate interests
• Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at info@mmkaccountants.co.uk.

9. Complaints

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. Contact

For privacy-related enquiries, contact us at info@mmkaccountants.co.uk.