Our terms & privacy

terms & conditions

Terms of website use 

This site has been developed to enable us at Acey Bookkeeping to share our services with you. The content of this site including all imagery and text is the sole property of Acey Bookkeeping and as such should not be copied, downloaded or changed in any way.

Please read these terms of use carefully before you start to use the site. By using our site, you indicate that you accept these terms of use and that you agree to abide by them. If you do not agree to these terms of use, please refrain from using our site.

Reliance on information posted and disclaimer

The materials contained on our site are provided for general information purposes only and do not claim to be or constitute legal or other professional advice and shall not be relied upon as such. We do not accept any responsibility for any loss which may arise from accessing or reliance on the information on this site and to the fullest extent permitted by English law, we exclude all liability for loss or damages direct or indirect arising from the use of this site.

Intellectual property rights

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

You may print off one copy and may download extracts, of any page(s) from our site for your personal reference and you may draw the attention of others within your organisation to material posted on our site.

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences, or any graphics separately from any accompanying text.

Our status (and that of any identified contributors) as the authors of material on our site must always be acknowledged. You must not use any part of the materials on our site for commercial purposes without obtaining a license to do so from us or our licensors.

If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.



We reserve the right to make alterations to our website at any time and while we will, of course, endeavour to keep the site updated please be aware that there may be times when the site is not current and we are under no obligation to update this information.


Virus, hacking and other offences

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful.

You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site.

You must not attack our site via a denial-of-service attack or a distributed denial-of-service attack. By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990.

We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them.

In the event of such a breach, your right to use our site will cease immediately. We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any material posted on it, or on any website linked to it.


  1. Our fees shall be calculated according to the time spent completing your instruction and may be charged separately for each area of work we carry out. We will bill you at reasonable and frequent intervals through out the year and you will be liable for payment of our fees within 30 days of receipt of any of our invoices.

2. It is agreed that you shall pay us via BACS by the 25th day of every month, and that such payments are to be partial payments and/or contributions to the work we carry out.

3. If you do not accept that an invoiced fee is fair and reasonable you must notify us within 21 days of receipt, failing which you will be deemed to have accepted that payment is due.

4. Should a fixed fee be agreed for the provision of a specific service, the fee and service must be clearly and explicitly stated in writing and signed by both parties.  The fixed fee shall apply only to the exact work specified in the quote and should it become apparent that the fixed fee is not tenable, we reserve the right to contact you and provide a revised figure on which we shall seek your written agreement.

5. Any previous estimate we have provided concerning our likely fees will not be contractually binding unless we explicitly stated, in writing, that that will be the case.


ICB Regulations

1. We observe and act in accordance with the Professional Conduct Regulations of the Institute of Certified Bookkeepers (“ICB”) and accept your instructions on the basis that we shall abide by those Regulations.  We are not liable for any loss and/or damage and/or cost arising from our compliance with statute or the ICB Regulations.

2. We are obliged by law and by ICB to undertake checks to ensure that you and your business are operating lawfully. The checks require us to obtain and retain proof of your beneficial owner’s, officer’s and manager’s identity and residence. By agreeing to our terms of engagement you accept that we are authorised to complete such checks as necessary.

Client Identification

1. As bookkeepers we are obliged to comply with the duties laid out by the Bribery Act 2010, Fraud Act 2006, Criminal Finances Act 2017, Terrorism Act 2000, Proceeds of Crime Act 2002 and the Money Laundering Terrorist Financing and Transfer of Funds Regulations 2017 as well as other UK law.

2. Part of those duties requires us to obtain documentary evidence to confirm the identity, addresses and business details of you and your beneficial owners, officers and managers, which we will require before accepting your instruction.

3. We will accept your instructions on the assumption that you are honest and law abiding, however, should suspicions arise concerning criminal activity, terrorism and/or money laundering we will be obliged to make a report to the appropriate authorities and may be prohibited from telling you we have done so.

4. We will not be liable for any loss and/or costs which result from our compliance with the Bribery Act 2010, Fraud Act 2006, Criminal Finances Act 2017, Terrorism Act 2000, Proceeds of Crime Act 2002, the Money Laundering Terrorist Financing and Transfer of Funds Regulations 2017 

Privacy Policy

Who we are

Our website address is https://www.aceybookkeeping.co.uk


This notice outlines the data protection policies and procedures we have adopted and to which we abide to ensure we are GDPR compliant.  The purpose of this notice and any other documents referred to in it, is to list clearly and identify the legal requirements, procedures and rights which must be established when we obtain, process, transfer and/or store your personal data. This Notice will assist you in understanding the obligations, responsibilities and rights which arise from the Data Protection Laws.


Everyone has rights with regard to the way in which their personal data is handled. In order to operate efficiently we need to collate and use information about the people with whom we work. This includes current, past and prospective employees, clients, and others with whom we communicate.  

We regard the lawful and correct treatment of personal information as integral to successful operation and to maintaining the confidence of the people we work and communicate with. To this end we fully endorse and adhere to the principles of the relevant laws. 

We are registered as a Data Controller on the Register kept by the Information Commissioner’s Office.

Definitions in this Privacy Notice 


Information stored electronically, on a computer, server or in certain paper-based filing systems.

Data Controller:

Acey Bookkeeping Ltd has determined the purposes for which, and the manner in which, your Personal Data is processed. The Data Controller has overall responsibility for compliance with the Data Protection Laws.  Any questions about the operation of this notice or any concerns that the notice has not been followed should be referred in the first instance to The Data Protection Office at Acey Bookkeeping Ltd.

Data Processor:

Any person or organisation that is not a Data User that processes personal data on our behalf and in accordance with our specific instructions. Our staff will be excluded from this definition but the definition could include suppliers who handle personal data on our behalf.

Data Subjects:

All living individuals about whom we hold personal data. All Data Subjects have legal rights concerning the processing and storage of their personal information.

Data Users:   

Our employees whose work involves processing your Personal Data. Data users are responsible for the proper use of the data they process and must protect the data they handle in accordance with this notice. 

The Enactments:

The Data Protection Act 1998 (the Act) up to and until 25 May 2018 after which The General Data Protection Regulations 2017 (GDPR) apply, both of which regulate the way in which all personal data is held and processed.

Personal Data:

Information which can be used to directly or indirectly identify a living individual.


Any activity in which the data is used, including (but not limited to) obtaining, recording, organising, amending, retrieving, using, disclosing, erasing, destroying and/or holding the data. The term “processing” also includes transferring personal data to third parties.

Supervisory Authority:

The authorised body which is empowered to govern and manage how the GDPR is implemented and abided by in a particular EU state.  In the case of the UK the supervisory authority is the: Information Commissioner’s Office.  

Notice Statement

In accordance with the GDPR anyone processing personal data must comply with the six principles of good practice.

These provide that personal data must:

  1. Be processed fairly, lawfully and transparently.
  2. Only be used for the purpose for which it was collected.
  3. Be adequate, relevant and not excessive for the purpose for which it is being processed.
  4. Be accurate and kept up-to-date.
  5. Not be kept longer than necessary to fulfil the purpose of its collection.
  6. Be kept secure and protected from unauthorised processing, loss, damage or destruction [which includes the data not being transferred to a country or territory outside the European Economic Area unless the Personal Data is adequately protected and/or consent of the Data Subject has been provided.
  7. Fair, Lawful and Transparent Processing.


For personal data to be processed lawfully, the basis for the processing must be one of the legal grounds set out in the Enactments. These include, among other things, your written consent to the processing, or that the processing is necessary for the performance of our bookkeeping contract with you.

In the event we collect personal data directly from you, this notice should assist in informing you about:

  1.  The purpose or purposes for which we intend to process your personal data.
  2. The types of third parties, if any, with which we may share or disclose your personal data.
  3. The means with which you can limit our processing and disclosure of your personal data.

If we receive personal data about you from other sources, we will provide you with this information as soon as possible thereafter. When sensitive personal data is being processed, additional conditions and securities must be in place to ensure protection.

Processing for Limited Purposes

In the course of our business, we shall process the personal data we receive directly from you (for example, by you completing forms, sending us papers or from you corresponding with us by mail, phone, email or otherwise) and your personal data which we receive from any other source. 

We shall only process your personal data to fulfil and/or enable us to satisfy the terms of our obligations and responsibilities in our role as your bookkeeper or for any other specific purposes permitted by the Enactments.  

Adequate, Relevant Non-Excessive Processing

We will only collect and process your personal data as required to fulfil the specific purpose/s of our contract and agreements with you.

Accurate and up to Date Data 

We shall ensure that all personal data held is accurate and up to date and will check the accuracy of any personal data at the point of collection and at regular intervals afterwards. If you become aware that any of your personal data is inaccurate, you are entitled to contact us and request that your personal data is amended. We will take all reasonable steps to destroy or amend inaccurate or out-of-date data.  

The Timely Processing of the Data 

We will not keep personal data longer than is necessary for the purpose or purposes for which it was collected. Once personal data is no longer required, we will take all reasonable steps to destroy and erase it.   

Keeping Your Personal Data Secure

Our employees and contracted personnel are bound to our privacy policies, procedures and technologies which maintain the security of all your personal data from the point of collection to the point of destruction. 

We maintain data security by protecting the confidentiality, integrity and availability of your personal data, and when we do so we abide by the following definitions:

  1.  Confidentiality: We ensure that only people authorised to use your personal data can access it. 
  2. Integrity: We will make certain that your personal data is accurate and suitable for the purpose for which it is processed.
  3. Availability: We have established procedures which mean only our authorised data users should be able to access your personal data if they need to for authorised purposes. 

We also maintain security procedures which include, but are not limited to:

  1.  Methods of disposal. Paper documents containing personal data are shredded and digital storage devices shall be physically destroyed when they are no longer required.
  2. Data Users shall be appropriately trained and supervised in accordance with this notice which include requirements that computer monitors do not show confidential information to passers-by and that data users log off from or lock their PC/electronic device when it is left unattended.
  3. Our computers have appropriate password security, boundary firewalls and effective anti-malware defences. We routinely back-up electronic information to assist in restoring information in the event of disaster and our software is kept up-to-date with the latest security patches.
  4. We shall take appropriate security measures against unlawful and/or unauthorised processing of personal data, and against the accidental loss of, or damage to, your personal data.

How We Will Use Your Personal Data

We only collect and process your personal data to the extent that it is needed to fulfil our operational and contractual needs or to comply with any legal requirements.

We shall access and use your personal data in accordance with your instructions and as is reasonably necessary:

  1.  To fulfil our contractual obligations and responsibilities to you.
  2. To provide, maintain and improve our bookkeeping services.
  3. To respond to your requests, queries and problems. 
  4. To inform you about any changes to our services and related notices, such as security and fraud notices.


Your Rights and Requests Concerning Your Personal Data

We will process and manage all your personal data in line with your rights; in particular your rights to:

  1.  Request access to any data we hold about you.
  2. Prevent the processing of your personal data for direct-marketing purposes, if so instructed.
  3. Ask to have inaccurate personal data amended.
  4. Be forgotten, and have all relevant personal data erased (subject to our overriding legal obligations).
  5. Prevent processing which is likely to cause damage or distress to you or anyone else.
  6. Request certain restrictions on the processing of your Personal Data;.
  7. Receive a copy of your personal data and/or request a transfer of your personal data to another data controller.
  8. Not be subject to automated decision making;.
  9. Be notified of a data security breach which affects your rights and freedoms, without undue delay.
  10. Make certain requests to us concerning how your personal data is managed.  

Access and Portability Requests

You are entitled to request access to your personal data unless providing a copy would adversely affect the rights and freedoms of others.

You can also request information about the different categories and purposes of data processing; recipients or categories of recipients who receive your personal data, details on how long your personal data is stored for, information on your personal data’s source and whether the data controller uses automated decision-making.

You also have “Data Portability” rights which includes the right to request a copy of your personal data be sent to you or transmitted to another data controller.

Correction requests

You are entitled to request we correct or complete your inaccurate or incomplete personal data without undue delay and we will update the information and erase or correct any inaccuracies as required.

Erasure Requests

You can exercise your “right to be forgotten” and can request we erase your personal data. Once receiving a request we must erase the personal data without delay, unless an exception applies that permits us to continue processing your data.  Details of such exceptions are contained in the Enactments and include situations where we might need to retain the information to carry out our official duties and/or comply with legal obligations and/or for the establishment of exercising or defending legal claims, or it is in the public interest to retain your personal data.

Restriction Requests 

You may request restrictions be applied to the processing of your personal data for some specific reasons such as you contest the accuracy of the data, the processing is unlawful or if we no longer need to process your personal data.  You can also request restrictions be applied if the processing is being done for public interest or third party reasons

If such a request is received we can continue to store your personal data, but may only process it under certain circumstances, such as: you give consent for us to continue processing your data, we need to establish, exercise, or defend legal claims or we need to protect the rights of another individual or legal entity or for important public interest reasons.

Your Complaints

If you feel that your questions or concerns regarding your personal data have not been dealt with adequately or that your request has not been fulfilled by us, you can use our complaints procedure, by emailing us at info@aceybookkeeping.co.uk.

If, at the conclusion of our complaints procedure you do not feel that we have adequately dealt with your complaint you may make a complaint directly to ICO: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow Cheshire SK9 5AF (Tel: 0303 123 1113) (email. casework@ico.org.uk).

Changes to our Data Protection Policy 

We keep our privacy policy under regular review and reserve the right to amend and update the policy as required. Where appropriate, we will notify you of those changes by mail, email and/or by placing an updated version of the policy on our website.