Ostoya Bookkeeping logo

Privacy Policy

Last updated: 2025-09-07

This Privacy Policy explains how Ostoya Business Solutions (trading as Ostoya Bookkeeping) collects and processes personal data when you use our website or services. We act as a controller for our own business operations and as a processor when handling personal data on behalf of clients.

1. Who We Are

Controller: Ostoya Business Solutions, 32 Mayfly Road , Swaffham . PE37 8JF. Company number: []. ICO registration: [].

Contact: info@ostoya.co.uk

2. Data We Collect

Website data: contact form details, device and usage data (e.g., cookies, analytics).

Client data: names, contact details, financial records needed for bookkeeping (e.g., invoices, bank feeds where authorised).

We do not intentionally collect special category data.

3. How We Use Data (Purposes & Legal Bases)

Service delivery and client management (contract).

Responding to enquiries and providing quotes (legitimate interests / pre‑contract).

Accounting, taxation, and legal compliance (legal obligation).

Marketing our services to existing or prospective clients (consent where required; otherwise legitimate interests).

4. Sharing & International Transfers

We share data with trusted vendors (hosting, email, accounting software) under contracts and with appropriate safeguards.

If data is transferred outside the UK, we rely on adequacy decisions or Standard Contractual Clauses.

5. Data Retention

We keep records for as long as necessary for the purposes set out above, including statutory retention (typically 6 years after the end of a financial year), unless a longer period is required by law.

6. Your Rights

You have rights to access, rectify, erase, restrict or object to processing, and data portability. You may withdraw consent at any time where processing is based on consent.

To exercise rights, contact info@ostoya.co.uk. You also have the right to complain to the ICO (ico.org.uk).

7. Security

We implement technical and organisational measures appropriate to the risk, including access controls, encryption in transit, and regular reviews.

8. Cookies & Analytics

Our site uses cookies and similar technologies for essential functionality, performance, and analytics. Where required, we will request your consent via a banner. You can manage preferences in your browser settings.

We recommend reviewing our separate Cookie Policy for detailed categories and retention.

9. Sub‑processing as a Processor

When acting as a processor for clients, we follow documented instructions, ensure confidentiality, use sub‑processors only with appropriate safeguards, assist with data subject requests, and delete or return data at contract end.

10. Updates

We may update this policy. Material changes will be posted here with a new ‘Last updated’ date and, where appropriate, notified to you.

Need help?

Message us on WhatsApp and we’ll reply promptly.

WhatsApp
Privacy Policy | Ostoya Bookkeeping | Ostoya Business Solutions