1. Introduction
Figurs Ltd ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our accounting and company secretarial SaaS platform ("Service").
We are the data controller for the personal information we process, unless otherwise stated.
2. Data Controller Details
Figurs Ltd
Company Registration Number: 14986547
Registered Office: 15 Brook Road, Rayleigh, Essex, England, SS6 7UT
Email: privacy@figurs.co.uk
Data Protection Officer: dpo@figurs.co.uk
3. Information We Collect
3.1 Information You Provide
Name, email address, password, phone number
Company name, registration number, registered address, VAT details
Bank transactions, invoices, purchases, expenses, VAT returns
Director details, shareholder information, PSC records, filings
3.2 Information Automatically Collected
- Usage Data: Pages visited, features used, time spent, actions taken
- Device Information: IP address, browser type, operating system, device identifiers
- Cookies: See our Cookie Policy for details
3.3 Information from Third Parties
HMRC
VAT obligations, tax data
Companies House
Company details, filings
Finexer
Open Banking feeds
Payment Providers
Transaction confirmations
4. How We Use Your Information
4.1 Legal Basis for Processing (UK GDPR)
Contract Performance
Providing our accounting and company secretarial services
Legal Obligation
Compliance with HMRC, Companies House, and regulatory requirements
Legitimate Interests
Improving services, fraud prevention, security
Consent
Marketing communications, optional analytics
4.2 Purposes
- Provide, maintain, and improve our Service
- Process transactions and manage your account
- Submit VAT returns and statutory filings
- Sync bank transactions and reconcile accounts
- Generate financial reports and insights
- Communicate about your account and services
- Comply with legal obligations
- Detect, prevent, and address fraud
5. Data Sharing and Disclosure
5.1 Third-Party Service Providers
We share data with the following processors under Data Processing Agreements:
| Provider | Purpose | Basis |
|---|---|---|
| HMRC | VAT returns, corporation tax, PAYE | Statutory |
| Companies House | Statutory filings, company updates | Statutory |
| Finexer | Open Banking connection | Contract |
| Stripe | Payment processing | Contract |
| GoCardless | Direct debit payments | Contract |
| AWS | Cloud hosting and storage | Contract |
6. Data Retention
We retain your data for as long as necessary to provide our services and comply with legal obligations:
6 years
From end of financial year (UK legal requirement)
6 years
HMRC requirement
10 years
Companies Act 2006
7 years
Tax and AML requirements
7. Your Rights (UK GDPR)
You have the following rights regarding your personal data:
Right of Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your data (subject to legal requirements)
Right to Data Portability
Receive your data in a machine-readable format
To exercise these rights, contact us at:
privacy@figurs.co.uk
8. Security
We implement appropriate technical and organisational measures to protect your data:
Encryption
TLS/SSL in transit, AES-256 at rest
Multi-Factor Auth
MFA for enhanced account security
Access Controls
Role-based permissions
9. Cookies and Tracking
We use cookies and similar technologies to provide, protect, and improve our Service. For detailed information, see our Cookie Policy.
10. Contact Us & Complaints
Contact Information
- privacy@figurs.co.uk
- dpo@figurs.co.uk
- 15 Brook Road, Rayleigh, Essex, England, SS6 7UT
Information Commissioner's Office
If you are not satisfied with our response, you have the right to lodge a complaint with the ICO:
Information Commissioner's OfficeWycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
ico.org.uk