PRIVACY POLICY
Last updated: Friday 1st May 2026
This Privacy Policy explains how The Uncommon Accountants Limited (“we”, “us”, “our”) collects, uses, stores, and protects personal data when you use our website.
We are committed to protecting your privacy and handling your personal data in a transparent and lawful way, in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK privacy laws.
1. Who We Are
Company name: The Uncommon Accountants Ltd trading as The Uncommon Practice
Registered address: Unit 2G, Redwither Tower, Redwither Business Park, Wrexham, Wales, LL13 9XT
Company type: Limited Company
Company number: 12785684
Email (privacy enquiries): support@theuncommonpractice.com
2. Data Protection Officer (DPO)
We have appointed Heather Cheetham, Company Director, as our Data Protection Officer.
If you have any questions about this Privacy Policy or how we handle your personal data, please contact:
support@theuncommonpractice.com
3. How We Collect Personal Data
We collect personal data in the following ways:
Direct interactions - when you complete forms, contact us, register for events, download resources, or communicate with us
Automated technologies - through cookies, server logs, and analytics tools when you browse our website
Third-party sources - where permitted, such as CRM systems, marketing platforms, or publicly available business information
4. Categories of Personal Data We Collect
Depending on how you interact with us, we may collect:
a) Identity & Contact Data
Name
Email address
Telephone number
Company name
Job title
b) Technical Data
IP address
Browser type and version
Device type and operating system
Time zone and location data
c) Usage Data
Pages visited
Time spent on the website
Interaction behaviour
d) Marketing & Communications Data
Marketing preferences
Records of consent or opt-outs
e) Recruitment Data (where applicable)
CVs
Employment history
Qualifications
5. How We Use Your Personal Data
We use your personal data to:
Respond to enquiries and requests
Provide and improve our services
Manage relationships with clients and prospects
Send marketing communications (where permitted)
Register and manage events
Analyse website performance
Comply with legal and regulatory obligations
6. Lawful Bases for Processing
We rely on the following lawful bases under UK GDPR:
Consent
Contractual necessity
Legitimate interests
Legal obligation
Where we rely on consent, you may withdraw it at any time.
7. Marketing Communications
We may send marketing emails where:
You have explicitly opted in; or
We have a legitimate business interest and are permitted to do so by law
You can unsubscribe at any time using the link in our emails or by contacting us.
We do not send SMS or text-message marketing.
8. Children’s Data
Our website is not intended for children under the age of 13, and we do not knowingly collect personal data from children.
If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Who We Share Data With
We do not sell personal data.
We may share data with trusted third parties acting as data processors, including:
Website hosting and management providers (e.g. Wix)
CRM and marketing automation providers (e.g. Zymplify)
Analytics and advertising platforms
Professional advisers and regulators where required
All processors are bound by contractual obligations to protect your data.
10. International Data Transfers
Some of our service providers may process personal data outside the UK.
Where this occurs, we ensure appropriate safeguards are in place, including:
UK International Data Transfer Agreements (IDTA)
UK Addendum to EU Standard Contractual Clauses
Adequacy decisions issued by the UK government
11. Cookies and Tracking Technologies
We use cookies and similar technologies to operate and improve our website.
Details of the cookies we use, their purpose, and how to control them are set out in our Cookie Policy, available via our website footer.
12. Data Retention
We retain personal data only for as long as necessary, including:
Enquiry data: typically up to 24 months
Marketing data: until consent is withdrawn
Client or contractual data: up to 6 years for legal and accounting purposes
Recruitment data: typically up to 12 months
Retention periods may vary depending on legal or operational requirements.
13. Data Security
We use appropriate technical and organisational measures to protect personal data, including:
Access controls and authentication
Secure hosting environments
Encryption where appropriate
Staff confidentiality obligations
Procedures for identifying and responding to data breaches
14. Automated Decision-Making and Profiling
We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on individuals.
If this changes, we will update this Privacy Policy accordingly.
15. Links to Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites.
We encourage you to read their privacy policies.
16. Your Data Protection Rights
You have the right to:
Access your personal data
Rectify inaccurate data
Request erasure
Restrict processing
Object to processing
Data portability
Withdraw consent
To exercise your rights, contact: support@theuncommonpractice.com
17. Complaints
You have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
18. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
Changes will be posted on this page and reflected in the “Last updated” date.
Continued use of our website indicates acceptance of the updated policy.