Zipptax

Privacy Policy

Introduction

ZippTax is committed to ensuring that all personal data handled by us will be processed according to legally compliant standards of the General Data Protection Regulation (GDPR). GDPR requires data controllers such as ourselves to document our lawful basis for processing personal data. It also gives you rights on how your data is processed. This privacy policy documents the data we collect, why and how we process it, and how to exercise your rights. Please take your time to read this Privacy Policy carefully.

The Data Controller

We are the data controller of any personal information you provide to us. This means that we are responsible for complying with data protection laws. This Privacy Policy describes what personal information we may collect from you, why we use your personal information and more generally the practices we maintain and ways in which we use and protect your personal information.

Our full contact details are: ZippTax Telephone: 0203 900 2350 Email: info@refundmate.co.uk

This website contains links to third-party websites, which have their own data controllers and privacy policies. This privacy policy applies only to this website.

Applicable Data Protection Law

ZippTax is a registered entity in the UK and Republic of Ireland, as Pay Reclaim Solutions Ltd and therefore subject to the Regulations of the General Data Protection Regulation (GDPR) & UK GDPR as tailored by the Data Protection Act 2018.

Personal Data / What Data Do We Need

Personal data includes particulars of personal information gathered relating to a specific or determinable individual person. This includes information such as name, address, telephone number, email address, National Insurance number, Unique Taxpayer Reference number, bank account details, employment / business information. Information that cannot be linked to a specific or determinable individual is not considered as personal data.

We will collect personal identification information from Users only if they voluntarily submit such information to us. We only collect the personal data about you that is needed to proceed with claim management services on your behalf, which we have categorised as follows:

  • Identity Data: Includes first name, maiden name, last name, marital status, title, date of birth and gender.
  • Contact Data: Includes email address and telephone numbers.
  • Financial Data: Includes bank account information, employment, and payment details.
  • Compliance Data: Includes recorded calls for quality checks and staff training. Such recordings may also be used to help us combat fraud.
  • Technical Data: Includes IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on devices used to access the website.
  • Usage Data: Includes information about how you use our website services.
  • Marketing and Communications Data: Includes your preferences in receiving marketing and your communication preferences.
  • Special Categories of Personal Data: Includes health and vulnerability-related data voluntarily shared. We will always ask for your explicit consent to record and share Special Category Data.
  • Sensitive Personal Information: Includes criminal history (offences and alleged offences, cautions, convictions) as required for insurance services.

All the personal data we hold is processed by our staff in the UK.

``Your information is held on our server, based here in the UK.

Responsibility

Compliance with the applicable statutory regulations on data protection is an original duty of ZippTax. The submission and transfer of data by a client to ZippTax is the responsibility of the client, to which ZippTax will have responsibility once received. ZippTax will adhere to all responsibilities under GDPR to protect such uploaded data and will process this data in line with GDPR when transferring any required data to the HMRC in fulfilment of its contractual obligations with the client.

Cookies

A cookie consists of information sent by a web server to a web browser and is stored by the browser. This enables the web server to identify and track the web browser. For usage of the ZippTax website only, it may be necessary for the ZippTax servers to use cookies. These cookies are used by the technical administrators of the website. Every visitor can configure their browser to personalise the cookies collected or refuse cookies completely. Unless the consent of the user is given, no cookie data will be saved on the computer of the visitor. Functionality of specific areas of the website may be inaccessible with cookies disabled.

Why We Require Your Data

To carry out the service of Tax Agent on behalf of our clients and communicate with HMRC to obtain tax refunds in the fulfilment of the contract with our clients, under GDPR. We obtain personal information from you through our website and during business communications, with your consent.

During the provision of our services, you agree for us to process your personal information through signing our Letter of Authority which means you agree to our Terms of Engagement. This allows us to:

  • Contact you via your provided methods (text, telephone, email, post)
  • Supply services under your contract
  • Send general commercial communications
  • Contact third parties on your behalf, with your instruction
  • Send email notifications you've requested
  • Send statements and invoices to you and collect payments

Failure To Provide Data to Us

We require certain personal information to complete our services. Without it, we may be unable to fulfil our contract with you. We will explain what is needed and why. If you decline, we may terminate your contract in line with our Terms of Engagement.

Data Security

ZippTax has implemented technical and organisational measures to protect personal data from unauthorised access, loss, or misuse. Data is processed through ZippTax-operated or third-party systems with appropriate safeguards. We will upgrade security measures as technology evolves.

We do not specifically transfer your data outside the EU, but if a third party does, we ensure appropriate safeguards such as encryption, restricted access, and contractual clauses. Your data remains under our control. Contact us if you need more information.

Data Sharing

ZippTax generally receives and shares client data only with HMRC to fulfil contractual obligations.

However, to provide our services, the following third parties process your data under our direction and strict security terms:

  • Professional Services: Legal, consultancy, accountancy
  • Advertising: Analytics providers (anonymised data)
  • Systems & IT: Storage, software, call recording services
  • Post & Printing: Outsourced print-house
  • Regulators: Such as Claims Management Regulator, Legal Ombudsman, ICO

All third parties are selected for their data protection standards and are located in the EU, subject to the same legal framework. If you request us to stop processing your data, we will notify relevant third parties processing on our behalf.

We do not sell, assign, disclose, or rent your data to third parties unless required by law or regulatory obligation.

Data Retention, Storage, and Erasure

ZippTax processes data as long as necessary for its original purpose. Retention decisions are based on:

  • Operational requirements: e.g., ongoing services
  • Legal requirements: e.g., retaining records for 7 years

Archived data is stored securely and deleted after the legal retention period.

Data Subject Rights

Under GDPR, you have the right to:

  • Be informed and access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Receive your data (data portability)

Withdrawal of Consent

You may withdraw consent at any time. However, in some cases (e.g., during an ongoing claim), this may not be possible. We will advise you if that applies.

Right to Lodge a Complaint

You have the right to complain to your national data protection authority if your rights are violated. Contact us for support in doing so.

Third Party Websites

Our website may contain links to external sites. We are not responsible for their privacy policies or practices.

Policy Amendments

We may update this privacy policy by posting a new version on our site. Check back periodically. If changes affect you directly, we will inform you.

Questions

If you have any questions about this Privacy Policy, contact us at: ZippTax Email: info@zipp.tax

Data Protection

We use your data to carry out our tax claim services. You agree to us storing this data in paper and/or electronic form. Your data will be stored and processed in accordance with UK data protection laws.

We monitor some telephone calls for training and quality purposes. We may contact you using any details you provide. You can update preferences anytime.

If we need to transfer data to third-party partners (some outside the EEU), we have agreements in place to safeguard your data.

You may request a copy of your data by submitting a Subject Access Request by email or post. For more on SARs, visit: https://ico.org.uk/for-the-public/your-right-to-get-copies-of-your-data/preparing-and-submitting-your-subject-access-request/