Back to home
Legal

Privacy Policy

Last Updated: 4 May 2026

1. Introduction

By accessing or using the EasyTaxer software ("the Service"), provided by Agile Release Limited, a company registered in England and Wales under company number 13237670 with its registered office at 7 Larkshall Road, London, E4 7HS ("the Company", "we", "us", or "our"), we are committed to protecting the privacy and security of your personal and financial data. This policy explains how we handle your data when you use our Making Tax Digital (MTD) Income Tax software.

2. Data We Collect

We collect the following types of information to provide our tax submission services:

  • Identity Data: Name, business name, email address, and contact details.
  • HMRC Identifiers: Your National Insurance Number (NINO), Unique Taxpayer Reference (UTR), and Government Gateway credentials (processed securely via OAuth).
  • Financial Data: Income records, expense receipts, bank transaction details, and tax liability calculations.
  • User Content: Supporting documents (PDFs, images) you upload via our secure messaging or storage features.

3. Legal Basis for Processing

Under Article 6 of the UK GDPR we must have a lawful basis for processing your personal data. The bases we rely on are:

  • Performance of a contract (Art. 6(1)(b)) — for the data we need to provide the Service to you, including your account details, HMRC identifiers (NINO, UTR), bank transaction records, and financial data used to prepare and submit your tax obligations.
  • Compliance with a legal obligation (Art. 6(1)(c)) — for retaining your tax records for 6 years plus the current year, in line with HMRC record-keeping requirements.
  • Consent (Art. 6(1)(a)) — for non-essential cookies and any future analytics or marketing communications. You can withdraw consent at any time via our cookie banner or your account settings.
  • Legitimate interests (Art. 6(1)(f)) — for security monitoring, fraud prevention, and service improvement, where these do not override your rights and freedoms.

4. How We Use HMRC Data

Our software integrates directly with HMRC APIs to help you comply with UK tax law. We use this connection to:

  • Retrieve your current tax obligations and liabilities.
  • Submit quarterly updates and end-of-period statements on your behalf.
  • View your tax calculation and payment history.

Authorization: We only access your HMRC data after you provide explicit authority via the official HMRC OAuth 2.0 authentication process. We do not view or store your Government Gateway password.

5. Data Storage and Security

We take the security of your data seriously and employ multiple layers of protection:

  • Encryption in Transit: All data transmitted between your browser, our servers, and HMRC is encrypted using TLS 1.2/1.3 (HTTPS).
  • Encryption at Rest: All personal data, financial records, and uploaded files are stored on encrypted storage volumes using AES-256 standard encryption (LUKS).
  • Data Location: Your data is hosted on IONOS Cloud infrastructure located in the United Kingdom or the European Economic Area (EEA). Both the UK and the EEA recognise each other under reciprocal adequacy decisions, so data may move between them without additional safeguards. We do not transfer your personal data outside the UK or EEA.

6. Data Sharing and Sub-processors

6.1 HMRC

We share your financial data with HM Revenue & Customs (HMRC) solely to fulfil your Making Tax Digital obligations. Submissions are made via HMRC's official APIs after your explicit OAuth 2.0 authorisation.

6.2 Sub-processors

To deliver our service we engage a small number of trusted third-party processors. Each is bound by a data processing agreement and may only use your data on our documented instructions.

  • IONOS Cloud — Hosting and encrypted data storage. Location: UK / EEA.
  • Hostinger — Transactional and account email delivery (registration, password reset, submission confirmations, etc.). Location: EU (Lithuania).

This list will be kept current. If we add a new sub-processor or materially change how an existing one is used, we will update this policy and, where required, obtain your consent before the change takes effect.

6.3 No sale of personal data

We do not sell, trade, or rent your personal information to any third party. Data is shared only with the parties listed above, and only for the purposes described.

7. Data Retention

We retain your tax records and user account data for a period of 6 years plus the current year, in alignment with UK tax record-keeping requirements. You may request the deletion of your account and associated data at any time by contacting support.

8. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("Right to be forgotten").
  • Object to or restrict certain processing.
  • Receive your data in a portable format.
  • Withdraw your consent for HMRC integration, analytics, or any other consent-based processing at any time.

To exercise any of these rights, contact us at info@easytaxer.com. We will respond within one month.

9. Right to Lodge a Complaint

You have the right to lodge a complaint with the UK supervisory authority for data protection, the Information Commissioner's Office (ICO), if you believe we have not handled your personal data in accordance with the law:

We would, however, appreciate the chance to address your concerns first — please contact us before approaching the ICO.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us via the support feature within the application or email us at: info@easytaxer.com