Privacy Policy

GDPR compliance statement

Gilberts takes the privacy of its clients and employees very seriously. We have been working hard to ensure full compliance with the GDPR in every area of our operations. We have looked at the keys areas of the legislation and put systems, procedures, training and policies in place. This is to ensure that any personal data that we process is secure and protected in line with data protection principles, individuals' rights, best practice and the state of the art data security by design. We have documented our data protection work and have no doubt that we can demonstrate compliance with the GDPR.

Our privacy policy

Information you provide to us

Information provided by clients: As part of our contracted services with clients we will collect, store and process personal data such as contact details, bank account details, email addresses, dates of birth, national insurance numbers, passport numbers and payroll information. We will only collect information necessary for the performance of our contracted services provided.

Information provided on our website: By providing personal information such as your name and e-mail address via the forms on this website, you agree to us contacting you with regard to the information you request. We will not email you with marketing information.

Sharing your information

Under no circumstances will your personal information be sold for use by any other organisation.

As part of our contracted services with clients, we may share your personal information with third parties such as HMRC and Companies House. You may request for your information to be forwarded to other third parties and we will only do so with your express permission.

We may, as a matter of law, and without requiring notice or consent, use your personal information for crime and fraud prevention and to monitor and/or enforce our compliance with any regulatory rules and codes.

Retention of information

We regularly review our personal and private data storage and use data minimisation at all times to limit the data we hold. We keep data only as long as is necessary and in accordance with UK law.

Where information has been collected in connection with an expression of interest in working for Gilberts, we may use, hold and destroy personal data supplied in this connection in accordance with the firm's standard recruitment procedures and details may be retained for up to the next twelve months for the purpose of notification of suitable vacancies that might arise.

Access to your information and correction

You have the right to request a copy of the information that we hold on you and you may ask us to correct information that is inaccurate. You have the right to request that the information is fully deleted from our system (although we may be required to keep some records to ensure that you are not contacted in future, or to comply with any legal obligations).

Security of information

Gilberts’ personnel are required to keep personal information confidential and only authorised persons have access to such information. We are strongly committed to data security and we take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard and secure the information you provide to us.

Your personal information may be transferred outside the European Economic Area (the EEA), for example if Dropbox is being used. We only transfer your personal information outside of the EEA where we are satisfied that the transfer is in accordance with applicable data protection and privacy laws.

Data breach

Despite all our best efforts, should the unthinkable happen and we suffer a significant data breach that puts your personal data at risk, we have a legal duty to report this to the ICO within 72 hours of discovery. Our data breach policy includes mandatory notification requirements, both with the ICO and publicly with you, our clients.


Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

You can set your browser not to accept cookies however, in a few cases, some of our website features may not function as a result.

Google Analytics

Our site also uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets cookies in order to evaluate your use of our site and to compile reports for us on visitor activity.

Google stores the information they collect on servers in the United States. They may also transfer this information to third parties where required to do so by law, or where such third parties process the information on their behalf. By accepting cookies, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Google’s privacy policy, and information on rejecting or deleting their cookies can be found at

How to contact us

Gilberts Chartered Accountants are the Data Controller. If you have any questions about our privacy policy or information we hold about you please contact us at:

If you are unsatisfied with the way we have processed your data please do let us know immediately, we take your feedback seriously and will do everything we can to help. You also have the right to lodge a complaint with the data supervisory authority the Information Commissioners Office:

Updating this privacy policy

We keep our privacy policy under regular review and we will place any updates on this web page.