Privacy Statement

This website, (the “Site”), and all personal information collected from users of this site, is owned solely by Alwyns LLP. In this Privacy Policy references to “Alwyns”, “we”, “us”, “our”, are references to Alwyns LLP. We use the information from our customers and visitors to improve our online service for you. We respect your privacy and legal rights, and we take it very seriously.
This statement provides information about how we collect and use data from visitors to our Site and the persons and organisations we deal with when providing services and administering our business. It should be read in conjunction with our terms of engagement.

This statement (together with our Site Terms & Conditions and any other documents referred to in it) explains how we make use of personal data we collect from or about you or which you provide to us.
Please find below further information regarding our privacy policy.

Our privacy commitment
We promise to keep any data you provide to us safe and private and to treat your information fairly and lawfully. We are committed to protecting your personal privacy.

We will provide you with ways to manage and review the marketing we send to you and we will provide you with an opportunity to opt out from marketing from us in all marketing communications (email or post) that we may send to you. We will not sell the data you provide to us to any other organisation or third party.

Glossary of Terms
This Privacy statement refers to the Data Protection Act 1998 as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (“the GDPR”).

Personal data relates to any information about a living individual that makes it capable of identifying them.

A Data Controller (for general data protection regulation purposes) means the person or organisation who decides the purposes for which and the way in which any personal data is processed.

A Data processor is a person or organisation which processes personal data for the controller.

Data Processing is any operation or set of operations performed on personal data, or sets of it, either by automated systems or not. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.

What information do we collect about you and how?
Alwyns, as a data controller, is bound by the requirements of the GDPR.

We may obtain personal data from you when you contact us, including when you call us, get in touch with us via our website or when you or your organisation corresponds with us using any means of communication. This includes personal data you provide to us when you contact us with a question or enquiry; contact us or authorise anyone to contact us about employment with us; attend events or provide our staff with business cards or contact details, dealing with us when we are providing services to one of our clients (which may be you, your organisation or a third party); making a complaint, dealing with us in order to provide us with goods or services.

We may also collect and retain personal data obtained from public sources about you or your organisation or from third parties who may include our clients, legal and accountancy professionals and their firms, courts, professional regulators, public bodies, and other entities including credit reference agencies and providers of analysis, screening and database services who have a right to disclose this information to us.

In general, you may visit the Site without telling us who you are or revealing any personally identifiable information about you. Our servers collect the domain names, operating system in use (e.g., Macintosh, Windows) and browser (e.g., Netscape, Internet Explorer). E-mail addresses and other personally identifiable information such as first and last name, telephone number, and other similar information are known only when voluntarily provided by a visitor for registration or other participation of visitors in any available online interactive activities. Certain information about the user, such as IP addresses, navigation through site, software used, time spent and other similar information, may be stored on our servers in small data pieces known as “cookies,” which may also be written to a User’s computer system. These cookies will not specifically identify the User. In addition, we also record your IP address, which is the Internet address of your computer, and information such as your browser type and operating system.

Why do we process this data?
Where data is collected for professional services it is used for a number of purposes, such as;

Where data is collected from our website and mobile app

Where we collect domain names and operating system in use, this information is aggregated to measure the number of visits, average time spent on the Site, pages viewed, etc. We use this information to measure the use of our Site and to improve the content of our Site. This information also helps us learn about the geographical distribution of our website visitors and the technology they use to access our site. This information is never connected with the personal information you supply to us if you register on our website.

Regarding cookies, this information will be used internally only for web site traffic analysis. If the user specifically provides unique identifying information, such as name, address and other information on forms stored on this site, such information will only be used for statistical purposes and will not be published for general access. You can set your browser not to accept cookies and can screen out certain cookies using browser add-ons or other software. Please note in a few cases some of our website features may not function because of this.

How we share your data with other people and organisations
We may provide access to your personal data to our employees, contractors and agents. This will be for the performance of their duties or contractual responsibilities to us and to be used only in a manner which isn’t compatible with the purposes for which we obtained it.

Where we supply other people and organisations with personal data for purposes other than their processing this data for us according to our instructions, we will consider (where allowed by law or our duties to our clients) the security and privacy of that data in the hands of the recipient. However, we won’t be responsible for the security and privacy of data held by third parties where we don’t control their policies and practices.

We may share personal data with other people and organisations for these reasons:

Transferring your information outside of the UK
Where possible, personal data resides within the UK territory but may be transferred to, and stored at, a destination outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. We will take all reasonable steps to ensure that your data is treated securely, in accordance with this privacy statement.

We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the UK are done lawfully. Where we transfer personal data outside of the UK to a country not determined as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the UK requirements for the transfer of personal data outside the UK.

Where you give us your personal data, you consent to the transfer of such personal data out of the UK and acknowledge that this may involve the transfer or personal data to a country or territory which may not be deemed to provide an adequate level of protection for your rights and freedoms as a data subject.

Security of information
We take the security of all the data we hold seriously. Staff are trained on data protection, confidentiality and security, and we maintain a culture of confidentiality.

We have a framework of policies and procedures which ensure that we keep the data we hold secure, and employ a range of technologies to protect the information maintained on our systems from loss, misuse, unauthorized access or disclosure, alteration, or destruction. We do not share the information we collect with any other organisations.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will endeavour to take all reasonable care, in so far as it is possible to do so, to keep all your details secure, we cannot guarantee the security of your data transmitted to our site and in the absence of negligence on our part we cannot be held liable for any loss you may suffer if a third party procures unauthorised access to any data you provide.

Your rights to object to direct marketing
Like other businesses, we will sometimes use your personal data to provide you with information about the services we offer, developments in the law, taxation and finance which may affect you and other topics we think might interest our clients and business contacts. If you ask us to provide accountancy, taxation or financial services to you, the terms of business and engagement letter we provide you will have additional information about how we can use your personal data.

We appreciate that you may decide that you don’t want us to use your personal data in this way and we will respect that choice. We also have a legal obligation under the GDPR to stop sending you marketing communications if you object, so if you don’t want us to use your personal data in this way, just let us know.

You can do this by sending an email to or writing to us care of:

The Data Protection Officer
Alwyns LLP
3rd Floor, Crown House
151 High Road
Essex IG10 4LG

We’ll give you the opportunity to opt out of future marketing whenever we send you marketing material.

How long will we hold your data for?
We retain the personal data processed by us in a live environment for as long as is considered necessary for the purpose(s) for which it was collected (including as required by applicable law or regulation, typically 6 years).

In addition, personal data may be securely archived with restricted access and other appropriate safeguards where there is a need to continue to retain it.

Your rights – access to your information, correction, portability and deletion

Subject Access Request
You have a right to request a copy of the information that we hold about you, called a Subject Access Request. If you would like a copy of some or all of your personal information, please email or write to The Data Protection Officer at the above address: We will respond to your request within one month of receipt of the request.

We want to make sure your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate by emailing or writing to the above address.

Objections to processing of personal data
It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claim.

Data portability
It is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if the processing is based on consent or on a contract, and the processing is carried out by automated means.

Your right to be forgotten
Should you wish for us to completely delete all information we hold about you, please email us at or write to us to The Data Protection Officer at the above address.

We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email or write to us with the details of your complaint. We will look into and respond to any complaints we receive.
You also have the right to lodge a complaint with the UK data protection regulator, the Information Commissioner’s Office (“ICO”). For further information on your rights and how to complain to the ICO, please refer to the ICO website

By using our Website you therefore consent to the collection and use of your personal information by us as detailed in this privacy policy.

Other websites
Our Privacy Policy outlines how we treat your personal information, and forms part of the Terms and Conditions of this Site. This Privacy Policy applies only to this Site, and not to the collection and use of personal information by any third party via any website to which there are links on this Site. We are not responsible for the privacy policies of other websites, and encourage you to be aware when you leave our Site, and to read all applicable terms, conditions and privacy policies when using other websites.

Changes to our privacy statement
We keep our privacy policy under regular review and we will place any updates on this web page. This privacy policy was last updated on 16 February 2021 and the version number is 2.0 in line with the new GDPR guidelines.