02087718661 ts@thorntonspringer.co.uk

Privacy Statement and Cookie Policy


Privacy Policy


Thornton Springer's Group of Companies is a firm of chartered accountants and business advisers who are bound by our professional body’s relevant professional codes and regulations, including client confidentiality and the protection of client data.


We have adopted a risk-based approach to data protection, whereby our policies and procedures only cover those areas which apply to our use of personal information.


This privacy policy explains how we use any personal information we collect about you when you use our services.


It is your responsibility to share this policy with your employees whose information we hold as part of our service to you.




- What information do we collect?

- How do we collect your information?

- How do we use your personal information?

- Who we share your personal information with.

- How long we keep your information.

- Transferring your information overseas.

- Marketing.

- Updating, correcting and accessing your personal information.

- Security.

- Communication with you via email.

- Changes to our privacy policy.


What information do we collect?


We collect only the information necessary to perform the services that you have requested from us as agreed in the signed engagement letter.


The information we collect may include:

Your name, date of birth, NI number, passport number, address, email address, telephone number, job title, personal financial details and any other information we need in order to provide you with the services you require from us.


In some circumstances depending on the service we are providing to you, we may need more sensitive personal data like information about your physical or mental health, the commission or alleged commission of any offence by you, any proceedings for an offence committed or alleged offence committed by you, your membership of a Trade Union, etc.


You do not have to provide us with any personal information and you may at any time ask us to restrict or stop processing the personal information which you have supplied to us.


If however you decide not to supply us with the personal information we require or to restrict or stop us from further processing your personal information, we may not be able to provide you with the services that you have requested us to do.


How do we collect your information?


We collect your personal information directly from you or a third party acting under your instruction or on your behalf.


We collect your information in line with relevant regulations and law. This may relate to any of our services you apply for, currently use or have used in the past.


Where we perform payroll services for your company, we usually collect employee information that you as the employer make available to us. We only collect employee information to the extent that is needed in order to perform the services you require from us.


How do we use your personal information?


We use the personal information you give us to perform services that you request from us. These services are stipulated in the letter of engagement that you agree to.


We cannot do any processing outside of the engagement letter without separate instruction from you.


We have no automated decision-making procedures in place. All decision-making is done by actual people.


Who we share your personal information with


We may share your information with third parties in order to provide our agreed service to you. These third parties include, but are not restricted to HM Revenue & Customs for taxation purposes, Companies House, pension companies regarding auto-enrolment, credit and identity check agencies as part of law enforcement and our regulators and supervisory authorities like the Financial Conduct Authorities (FCA) and The Institute of Chartered Accountants in England and Wales (ICAEW).


You may request that we share your personal information with a specific third party.


How long we keep your information


We may keep your information for as long as you have a relationship with us. After the relationship ends, we continue to keep it only where we may need it for our legitimate purposes e.g. our legal obligation under HMRC or responding to requests from regulators.


You may at any time request from us to destroy your personal information before or after the end of your relationship with us. Keep in mind that we will no longer be able to supply the services you requested from us once your personal information has been destroyed. We can only comply with this request where there is no overriding legal obligation that we are bound by.


Documents and records relevant to your tax affairs are required by law to be retained for a period of 6 years.


Although certain documents may legally belong to you, we may destroy correspondence and other papers that we store electronically or otherwise that are more than six years old, except documents we think may be of continuing significance.


You have a legal responsibility to retain documents and records relevant to your financial affairs, so we will return any original documents to you if requested.


Transferring your information overseas


We may export personal information you supply to us outside the EU/EEA/UK for the purposes of storage and data processing as we do not have control over the location where certain cloud based accounting and other systems store data. We will ensure all such information exports is compliant with relevant data protection legislation. Where cloud based services are to be used you may be subject to cloud services terms and conditions.




Generally we do not send any marketing information to you unless you registered on our website where you have explicitly selected to receive marketing and other information from us.


If you are registered on our website you may change your personal preferences regarding the information you receive from us, at any time. It is your responsibility to review and update these preferences on your profile.


Updating, correcting and accessing your personal information.


It is your responsibility to make sure the personal information we have is up to date and accurate at all times. You can update or correct your personal information at any time by informing us to do so and supplying us with the corrections and updates.


At any point in time you may access your data and supplementary information that is in our possession. We will do our best to provide your personal information to you within 30 days at no charge.


You may at any time ask us to restrict or stop processing your personal information in order to update or correct the information. Keep in mind that such an action may prevent us from performing the service that you have requested from us.




We follow strict security procedures (including appropriate technical and organisational measures) regarding the storage and disclosure of your personal information to safeguard against unauthorised or unlawful processing, destruction, damage, access or loss. We store electronic information you provide to us on secure servers and take appropriate measures to ensure that information disclosed to us is kept accurate and safe.


Physical paperwork is stored on our premises where we have put appropriate security measures in place to ensure the safety of your personal information. These measures include a state of the art security system, key code access, etc.


Security relating to your use of our website is contained in a separate Privacy Notice on the website itself under the Privacy Statement. You can find our web address in this document under ‘Changes to our privacy policy’.


All our security measures are reviewed and updated on a regular basis.


Communication with you via email


Communicating with you via email has always involved risk. There is a risk that emails sent over the internet may be intercepted, there is no guarantee that an email received over an insecure network has not been altered during transit and attachments could contain a virus or malicious code.


You may prefer that we discontinue using emails for communication and information exchange with you. If so, we are happy to respond by an alternative method. We will agree this with you in person, by telephone or in writing via post.


Keep in mind that such an action could prevent us from performing the service that you have requested from us effectively and efficiently.


Changes to our privacy policy


We keep our privacy policy under regular review and we will place any updates to this policy on our web page. This privacy policy was last updated in 2018.


Our website policy follows below:


Our Privacy Statement

By using our site, you consent to us processing your data and you warrant that all data provided by you is accurate.

Information about us

We are Thornton Springer 67 Westow Street London SE19 3RW United Kingdom VAT No 220 1247 28 Company Registration No OC311705 Registered in England and Wales

For more information, please see our Contact Us page and/or the footer of this website.

This Website is designed and hosted on behalf of Thornton Springer by PracticeWeb a trading division of Sift Media Limited (company registration number 05923499) a subsidiary of Sift Limited (company registration number 03230061) who provide some of the information which is on this Website. This Website may have links to another website hosted by Sift Limited ("Sift Website") which enables you to access third party services.

In these terms and conditions: "Sift Limited" means Sift Limited (company registration number 03230061) whose registered office is Bridge House, Baldwin Street, Bristol BS1 1QP and any company which is at the relevant time a subsidiary or holding company of Sift Limited and any subsidiary of any such holding company (and "subsidiary" and "holding company" shall have the meanings set out in sections 736 and 736A of the Companies Act 1985).

Personal information

We do not collect any personal information about website users other than:

  • information provided by Users when completing forms on the website including but not limited to the contact and website registration form.
  • that facilitated by the use of "cookie" technology. "Cookies" are designed to enhance your online visit and permit you to access the full service within the website.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as your postcode) the User can update or remove that user’s personal data provided to us in the User's personal profile page or by sending an email to ts@thorntonspringer.co.uk.

Log Files

We use IP addresses to analyse trends, administer the site, track user's movement, and gather broad demographic information for aggregate use.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how Users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and offline.

When our registration form asks users to enter information, that information is encrypted and is protected with the best encryption software in the industry - SSL. While on a secure page, such as the user profile page, the lock icon in the address bar of Web browsers such as Internet Explorer, Chrome and Firefox becomes locked, as opposed to un-locked or open, as will be the case for most of the time that a user is browsing the web.

If you have any questions about the security at our website, you can send an email to ts@thorntonspringer.co.uk.

Notification of Changes

If we decide to change our privacy policy, we will post those changes on this page so our users are always aware of the information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

If you register as a user of the website you will be asked for some basic information. Please note that registration is not required for all areas of the website, however we do encourage you to register in order to gain full access to the website content/information and online services. There are technological and operational security systems in place that provide protection for personally identifiable information from loss or misuse.

Where links are provided to other websites it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this  website.

Notices and Disclaimers

These disclaimers also extend the above rights to our website provider - see service agreement, terms and conditions.


A cookie is a small text file written to your hard drive that contains information about you. Cookies do not contain any personal information about users.

The website provider (PracticeWeb) uses cookies to personalise your experience of the Website. Most web browsers allow you to control how cookies are accepted by adjusting your web browsers settings. If you set up your browser to reject the cookie, you may still use the Website.

Services delivered via the website such as video or embedded content from external providers may also place cookies on your machine (computer).

By continuing to use this site you are deemed to be accepting the terms and conditions and consenting to the website placing cookies on your machine (computer) as set out in the Cookies information page.

ICAEW Badge      ACCA