1. Purpose

This policy is a summary of our internal policy. It provides an overview of how Britannia Advisory protects personal data and respects the rights of individuals whose data we process. It should be read alongside our Privacy Policy, Information Security Policy, and Data Retention Policy, available on our website. A copy of our full General Data Protection Policy is available upon request to admin@britanniaadvisory.com.

 

2. About us

Britannia Advisory is the trading name of PG&E Professional Services Ltd (“we”, “us”, “the Company”). We act as a data controller for personal data processed in connection with our services and business operations. Details about Britannia Advisory can be found here. 

 

3. Data protection law

We comply with UK data protection legislation, including the UK GDPR, the Data Protection Act 2018, and (where applicable) the Privacy and Electronic Communications Regulations (PECR).

 

4. Our commitment

We handle personal data lawfully, fairly and transparently. We follow the key principles of data protection, including data minimisation, accuracy, storage limitation, security, and accountability.

 

5. What personal data we collect

Depending on the relationship, we may collect and use personal data such as:

• identity and contact details;

• financial and tax information;

• payroll and employment-related information;

• verification and due diligence information (e.g. ID documents) where required for AML/KYC; and

• correspondence and communications.

Full detail is set out in our Privacy Policy.

 

6. Why we use personal data and our lawful bases

We process personal data to:

• provide accounting, tax, payroll, audit, and related professional services;

• meet legal and regulatory obligations (including AML requirements);

• manage our business operations, relationships, and enquiries; and

• protect our legal rights and comply with professional and regulatory requirements.

We rely on one or more lawful bases under UK GDPR, typically:

• performance of a contract;

• legal obligation; and/or

• legitimate interests (balanced against individual rights).
  Where we rely on consent (e.g. certain marketing), it can be withdrawn at any time.

 

7. Sharing personal data

We may share personal data where necessary with:

• HMRC, Companies House, and other regulators or authorities;

• professional advisers and service providers acting on our instructions; and

• third parties where required by law or with your instruction/authorisation.

Where service providers act for us, we require appropriate contractual protections.

 

8. International transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as UK adequacy regulations or approved contractual mechanisms (e.g. the UK International Data Transfer Agreement), as applicable.

 

9. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. Further detail is set out in our Information Security Policy.

 

10. Retention

We keep personal data only for as long as necessary for the purposes described above, including to meet legal, regulatory, and professional obligations. Further detail is set out in our Data Retention Policy.

 

11. Your rights

Individuals have rights under UK GDPR, including the right to:

• be informed and access their data;

• request correction of inaccurate data;

• request deletion (where applicable);

• restrict or object to certain processing; and

• data portability in some circumstances.

Requests can be made by contacting us (see below). We may need to verify identity before responding.

 

12. Cookies and marketing

Our use of cookies and similar technologies, and how you can manage preferences, is explained in our Privacy Policy (and/or Cookie Policy, if applicable). Marketing communications will be sent only where permitted by law, and you can opt out at any time.

 

13. Complaints and contact details

If you have questions or wish to exercise your rights, please contact our Data Protection Officer using the details provided on our website.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

 

14. Updates to this policy

We may update this policy from time to time. The latest version is available on our website.

Last updated: 14 January 2026

​

​