01635 48200

Privacy Policy

HCA Business Support Services (“HCA”, “we”, “our”, or “us”) respects your privacy and is committed to protecting the personal information you share with us. This policy explains how we collect, use, store, and protect your information when you use our website hcabusiness.co.uk, contact us, or engage our services.

1. Information We Collect

We may collect and process the following types of personal data:

  • Contact information: name, email address, phone number, and business details when you contact us or complete a form on our site.
  • Client information: financial and business records you share with us when using our services (e.g. bookkeeping, payroll, tax).
  • Technical information: IP address, browser type, and usage data through cookies when you visit our website.
  • Communication records: correspondence by email, phone, or post.

2. How We Use Your Information

We use your personal data for the following purposes:

  • To respond to enquiries and provide our services.
  • To manage bookkeeping, payroll, tax, and related accountancy services.
  • To meet our legal and regulatory obligations.
  • To improve our website and services.
  • To keep you informed about updates or changes relevant to our services (where you have consented).

3. Legal Basis for Processing

We process personal data under the following lawful bases, as defined by UK GDPR:

  • Contractual necessity – to deliver the services you engage us for.
  • Legal obligation – to comply with HMRC and other statutory requirements.
  • Legitimate interests – to operate and improve our business in ways that do not override your rights.
  • Consent – where we send marketing communications (you may withdraw consent at any time).

4. Data Sharing and Third Parties

We will never sell your data. We may share personal data with:

  • Trusted third-party providers (e.g. secure cloud accounting platforms such as Xero).
  • Regulatory authorities, HMRC, or other bodies where required by law.
  • Professional advisers such as auditors or insurers.

All third parties are required to handle your data securely and in compliance with GDPR.

5. Data Storage and Retention

  • Your personal data is stored securely using encrypted systems and password protection.
  • We only retain personal data for as long as necessary to fulfil the purposes we collected it for, including legal, accounting, or reporting obligations.
  • Financial records are generally retained for six years in line with HMRC requirements.

6. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request erasure of your personal data where there is no legal basis for us to retain it.
  • Restrict or object to processing in certain circumstances.
  • Request transfer of your data to another provider (data portability).
  • Withdraw consent for marketing communications at any time.

To exercise these rights, please contact us using the details below.

7. Cookies

Our website currently doesn’t collect any user cookies.

8. Security

We take data protection seriously and use appropriate technical and organisational measures to safeguard your information against unauthorised access, loss, or misuse.

9. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at:

HCA Business Support Services
45 Bartholomew Street, Newbury, Berkshire RG14 5QA
Email: office@hcabusiness.co.uk
Phone: 01635 48200

If you are not satisfied with our response, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.