£Taxio

Privacy Policy

Last Updated: 1 January 2025Effective Date: 1 January 2025Version: 2.0

This Privacy Policy explains how Techseria Ltd ("we", "us", "our", "Techseria") collects, uses, stores, and protects personal data when you use Taxio, our UK payroll and business management software ("the Service").

We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

1. Who We Are

Data Controller:
Techseria Ltd, 123 Business Park, London, EC1A 1BB, United Kingdom
Company Registration Number: 12345678
ICO Registration Number: ZA123456

Data Protection Officer:
Email: [email protected]
Address: Data Protection Officer, Techseria Ltd, 123 Business Park, London, EC1A 1BB

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, contact details, company name, job title, and billing information.
  • Employee Data (Processed on Your Behalf): Full name, NI number, tax code, bank details, and payment information. For this data, your organisation is the Data Controller, and we act as the Data Processor.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, time spent, and actions taken (e.g., payroll runs).
  • Technical Data: Browser type, IP address, and device information.

2.3 Information from Third Parties

  • HMRC Data: Submission confirmations, tax code notifications, and error messages.
  • Payment Processors: Confirmation of payment transactions.

3. How We Use Your Information

PurposeLegal Basis
Providing the Service (payroll, RTI, support)Contract performance
Improving security and featuresLegitimate interest
Legal compliance (tax, records)Legal obligation

4. Data Sharing

We share data with:

  • HMRC: For RTI submissions required by law.
  • Sub-Processors: Trusted providers for hosting (AWS London), payments (Stripe), and emails. All are UK-based or have adequate safeguards.
  • Pension Providers: Only upon your instruction.

We DO NOT sell your personal data to third parties.

5. Data Security

  • Encryption: AES-256 for data at rest, TLS 1.3 for transit.
  • Access Control: Role-based access, 2FA, and strict staff protocols.
  • Infrastructure: UK-based ISO 27001 certified data centres.

6. Data Retention

We retain data for as long as necessary for legal and business purposes. Generally:

  • Account Data: Duration of contract + 7 years (tax laws).
  • Payroll/Employee Data: 6 years from end of tax year.
  • Upon Termination: You have 30 days to export data; strictly deleted thereafter.

7. Your Rights

Under UK GDPR, you have the right to access, rectify, erase, restrict processing, and port your data. To exercise these rights, contact [email protected].

8. Cookies

We use essential cookies for security and analytics cookies for improvement. You can manage preferences via our cookie banner.

9. Contact Us

Data Protection Officer: [email protected]
General Privacy: [email protected]

If unsatisfied, you may complain to the ICO (ico.org.uk).