Privacy Notice

Mill Scott Ltd takes the protection of your privacy very seriously. We will only use your personal information to deliver the services you have requested from us, and to meet our legal responsibilities.  We are registered with the Information Commissioners Office (“ICO”) under reference Z2497427.

As well as this Privacy Policy, your privacy is protected by law. The General Data Protection Regulation (‘GDPR’) that comes into force on 25 May 2018 ensures that we use your personal information only if we have a proper reason to do so.

What type of information do we collect from you?

The personal information we collect might include your name, address, telephone number, email address, date of birth, your Unique Tax Reference (UTR) number, and your National Insurance number.

We will also collect personal data from you in relation to the provision of our services to you, including details relating to your tax affairs, bank accounts, investments, payroll information, accounting records and other statutory returns.

We may require documentary details from you such as a driving licence, passport or birth certificate, in order to comply with our obligations under identification, money laundering and anti-terrorism legislation.

How is your information used?

In general terms, and depending on which services you engage us to deliver, we may use your information to:

  • contact you by post, email or telephone
  • provide services to you, as set out in the engagement letter between us;
  • fulfil our legal obligations including money laundering and identification checks
  • maintain our records in accordance with applicable legal and regulatory obligations
  • use in the investigation and/or defence of potential complaints, disciplinary proceedings and legal proceedings; and
  • enable us to invoice you for our services and investigate/address any fee disputes that may have arisen.

If you refuse to provide us with certain information when requested, we may not be able to perform the services you have requested from us.

Data retention

We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically up to six years. To ensure compliance with all such requirements it is our policy to retain all data for a period of eight years from the end of the period concerned.

How we share your data

We will not sell or rent your information to third parties, and we will not share your information with third parties for marketing purposes.

We do however use third party service providers such as agents, subcontractors and other organisations to help us provide services to you, such as tax, accounting and payroll providers, email and secure document storage/exchange system providers and fee protection insurance providers.

We may also pass your data to third party external organisations where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.

However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service.   All of our third party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data.

Security precautions in place to protect the loss, misuse or alteration of your information

Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.  Once we receive your information, make our best effort to ensure its security on our systems. We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.


 Access to your information: You have the right to request a copy of the personal information about you that we hold.

Correcting your information: We are obliged to correct or update your details.   Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you.

Deletion of your information: You have the right to ask us to delete personal information about you, where you consider that we no longer require the information for the purposes for which it was obtained, or our use of your personal information is contrary to law or our other legal obligations.

Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.

Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.

Withdrawal of consent: Where you have consented to our processing of your personal data, you have the right to withdraw that consent at any time. Please note:

  1. The withdrawal of consent does not affect the lawfulness of earlier processing.
  2. If you withdraw your consent, we may not be able to continue to provide services to you.
  3. Even if you withdraw your consent, it may remain lawful for us to process your data on another legal basis (e.g. because we have a legal obligation to continue to process your data)


 You have the right to complain about the processing of your personal data. Please contact us in the first instance to see how we can resolve the issue.  If you are still unsatisfied, you have the right to complain to the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Telephone – 0303 123 1113.



Comments are closed.