Vookeeper respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, share and protect personal information when you use our website, client portal, onboarding process, payment process or bookkeeping services.
This Privacy Policy should be read together with our Terms and Conditions and Cookie Policy.
1. Who we are
Vookeeper is operated by Vookeeper Ltd.
Registered office: 85 Great Portland Street, London, United Kingdom, W1W 7LT
Company number: 14351855
ICO registration number: ZB536037
Email: contact@vookeeper.co.uk
Website: vookeeper.co.uk
In this Privacy Policy, “Vookeeper”, “we”, “us” and “our” mean the Vookeeper business named above.
2. Our role under data protection law
For personal information collected through our website, onboarding process, billing process, marketing activities, client relationship management and general business administration, Vookeeper is usually the controller. This means we decide why and how that personal information is used.
For personal information contained in a client’s business records, bookkeeping records, invoices, receipts, bank transactions, supplier records, customer records or similar client-provided documents, Vookeeper may act as a processor on behalf of the client business. In those cases, the client business is usually the controller and Vookeeper processes the information to provide bookkeeping services.
Where required, we may agree separate data processing terms with clients.
3. Personal information we collect
We may collect and use the following types of personal information.
Contact and account information
This may include names, business names, job titles, email addresses, phone numbers, postal addresses, login details, communication preferences and account settings.
Business and bookkeeping information
This may include information contained in invoices, receipts, bank transactions, supplier records, customer records, payroll-related documents, accounting software, financial reports, bookkeeping queries and uploaded documents.
This information may include personal information about business owners, directors, employees, contractors, suppliers, customers or other individuals connected to your business.
Billing and payment information
We may collect billing contact details, plan details, invoices, payment status, transaction references and limited payment information. Card, direct debit or payment method details are usually handled by our payment provider and not stored directly by us.
Website, portal and technical information
When you use our website or client portal, we may collect technical information such as IP address, browser type, device information, pages viewed, referring website, usage data, log data and cookie identifiers.
Communications
We may keep records of emails, portal messages, support requests, feedback, complaints, calls, meeting notes and other communications with you.
Marketing information
If you subscribe to updates or interact with our marketing, we may collect information such as email address, preferences, campaign engagement and unsubscribe status.
4. How we collect personal information
We collect personal information:
- directly from you when you contact us, create an account, purchase a plan, complete onboarding, upload documents or use the client portal
- from your business representatives, employees, directors, contractors or authorised users
- from accounting software, bank feeds, bookkeeping platforms or other systems you connect or give us access to
- from payment providers
- from public sources such as Companies House, sanctions lists, business websites and professional registers
- automatically through cookies, analytics tools, server logs and similar technologies.
5. Why we use personal information
We use personal information for the following purposes:
- to provide bookkeeping and related services
- to onboard clients and assess service suitability
- to create and manage client accounts and portal access
- to process payments, subscriptions, invoices and billing records
- to communicate with clients and respond to enquiries
- to review documents, transactions and bookkeeping queries
- to comply with legal, regulatory, tax, accounting and professional obligations
- to improve our website, portal, services, processes and client experience
- to keep our systems secure and prevent misuse
- to send service updates and administrative messages
- to send marketing where permitted by law
- to manage complaints, disputes, claims and legal rights.
6. Lawful bases for using personal information
We rely on one or more lawful bases under UK data protection law, depending on the purpose.
Contract
We use personal information where necessary to take steps before entering into a contract with you or to perform our contract with you, such as providing bookkeeping services, managing your account and sending service-related communications.
Legal obligation
We use personal information where necessary to comply with legal obligations, such as AML checks, tax records, accounting records, sanctions screening, fraud prevention duties, regulatory obligations and responding to lawful requests from authorities.
Legitimate interests
We use personal information where necessary for our legitimate interests or those of a client or third party, provided those interests are not overridden by individual rights. This may include running and improving our business, securing our systems, managing client relationships, preventing fraud, handling disputes, keeping internal records and sending limited business-to-business marketing.
Consent
We may rely on consent for certain optional marketing communications, non-essential cookies or other activities where consent is required. You can withdraw consent at any time.
Vital interests or public task
These are unlikely to apply to our ordinary services but may apply in rare circumstances where necessary to protect someone’s life or where required by a public authority.
7. Subcontracted bookkeepers
Vookeeper provides bookkeeping services through trained subcontracted bookkeepers engaged by Vookeeper.
These subcontracted bookkeepers carry out bookkeeping work on behalf of Vookeeper. They are not independent service providers chosen by the client. They work under Vookeeper’s processes, instructions, confidentiality requirements, data protection standards and service quality expectations.
Our bookkeepers are currently based in the Philippines. This means that personal information contained in your business records and bookkeeping documents may be accessed from the Philippines for the purpose of providing bookkeeping services.
Vookeeper remains responsible to clients for the services provided under the relevant plan or engagement, including work carried out by subcontracted bookkeepers.
We take reasonable steps to ensure that subcontracted bookkeepers:
- only access information needed to carry out their work
- are subject to confidentiality obligations
- follow Vookeeper’s processes and security requirements
- use approved systems and communication channels where required
- do not use client information for their own purposes
- do not share client information with unauthorised people.
8. Sharing personal information
We may share personal information with:
- Vookeeper staff and authorised team members
- Vookeeper’s Philippines-based subcontracted bookkeepers, for the purpose of providing bookkeeping services
- accounting software providers
- payment processors and subscription billing providers
- cloud hosting, storage, email, analytics, security and IT service providers
- customer support, form, workflow and document management providers
- professional advisers, including accountants, lawyers, insurers and compliance consultants
- HMRC, Companies House, regulators, law enforcement agencies, courts or other authorities where required or permitted by law
- a buyer, investor or successor if we restructure, sell or transfer all or part of our business
- other third parties where you instruct us or give permission.
We do not sell personal information.
9. Overseas access and international transfers
Some personal information may be accessed from, stored in or transferred to countries outside the United Kingdom.
In particular, Vookeeper’s subcontracted bookkeepers are currently based in the Philippines and may access client bookkeeping records and related personal information from the Philippines in order to provide bookkeeping services.
Some of our technology providers may also process personal information outside the United Kingdom, depending on their systems, hosting locations and support arrangements.
Where personal information is transferred or accessed outside the UK, we will take steps intended to protect it in accordance with applicable data protection law. Depending on the destination and circumstances, this may include:
- using UK adequacy regulations where available
- using the UK International Data Transfer Agreement
- using the UK Addendum to EU Standard Contractual Clauses
- carrying out a transfer risk assessment where required
- applying confidentiality obligations
- using access controls and role-based permissions
- limiting access to what is needed for the relevant work
- requiring appropriate technical and organisational security measures.
10. Email, portal and secure communications
We may communicate with you by email, client portal and other ordinary business communication methods. Email is a common and accepted way to communicate with clients, and we may use it for general service messages, bookkeeping queries, updates, invoices, payment notices and routine document requests.
For particularly sensitive documents, such as identity documents, payroll records, bank statements, large data exports or documents containing substantial personal or financial information, we may ask you to use the client portal or another secure method we provide.
If you choose to send sensitive documents by email, ordinary email may carry some security risks, including misdirection, unauthorised access, phishing or interception. We will use reasonable care when handling emails and attachments we receive, but you are responsible for checking recipient details before sending sensitive information to us.
We may refuse to open links, attachments or files that we reasonably consider suspicious, unsafe or unrelated to the services.
11. How long we keep personal information
We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide services, comply with legal obligations, resolve disputes and protect our rights.
Typical retention periods include:
- client account and contact records: for the client relationship and up to 6 years afterwards
- bookkeeping records and related business documents: generally up to 6 years after the relevant financial year or longer if required by law, dispute, investigation or client instruction
- billing and payment records: generally up to 6 years for tax and accounting purposes
- support messages and client communications: generally up to 6 years after the relationship ends, unless no longer needed
- website analytics and cookie data: for the period stated in our Cookie Policy, cookie tool or cookie settings
- marketing records: until you unsubscribe or we no longer need to keep the record, although we may keep a suppression record to respect your opt-out.
We may keep limited information for longer where necessary for legal claims, regulatory obligations, fraud prevention, security, audit trails or to respect opt-out preferences.
12. Security
We use reasonable technical and organisational measures to protect personal information. These may include access controls, secure systems, password protection, multi-factor authentication where appropriate, encryption where suitable, staff and subcontractor confidentiality obligations, role-based permissions, monitoring and secure document handling processes.
We also aim to limit access to client information to those who need it to provide services, support the client relationship, maintain systems, comply with legal obligations or protect Vookeeper’s legitimate interests.
No system can be guaranteed to be completely secure. You should also take care to protect your own systems, devices, passwords, accounting software access and portal login details.
Please contact us promptly if you believe information shared with Vookeeper has been lost, accessed without permission, sent to the wrong person or otherwise compromised.
13. Your responsibilities when sharing other people’s data
If you provide us with personal information about other people, such as employees, customers, suppliers, directors, shareholders or contractors, you must ensure you are allowed to share it with us.
You should provide appropriate privacy information to those individuals explaining that their information may be shared with your bookkeeping provider and used for bookkeeping, accounting, compliance and related business purposes.
This is especially important where your records include payroll information, customer lists, supplier information, employee information, contact details, bank details or other personal information.
14. Cookies and similar technologies
Our website may use cookies and similar technologies to:
- make the website work properly
- remember preferences
- improve performance and user experience
- understand website traffic and usage
- support security
- assist with marketing and analytics, where permitted.
Some cookies are essential. Others, such as analytics or marketing cookies, may require your consent.
Where required, we will ask for your consent before placing non-essential cookies. You can change your cookie preferences through our cookie banner, cookie settings tool or browser settings.
More information is available in our Cookie Policy.
15. Marketing
We may send marketing communications to business contacts where permitted by law. This may include updates about our services, bookkeeping tips, offers, product updates or relevant business information.
You can opt out of marketing at any time by using the unsubscribe link in our emails or contacting us directly.
Even if you opt out of marketing, we may still send service, billing, security, legal or administrative messages.
16. Your data protection rights
Depending on the circumstances, you may have the right to:
- access personal information we hold about you
- ask us to correct inaccurate or incomplete information
- ask us to delete personal information
- ask us to restrict how we use personal information
- object to certain uses of personal information
- request transfer of your personal information to another provider
- withdraw consent where we rely on consent
- complain about how we handle personal information.
These rights are not absolute and may be subject to legal limits, exemptions or competing obligations.
To exercise your rights, contact us at [insert privacy email]. We may need to verify your identity before responding.
If your personal information is contained in the records of one of our clients, we may need to refer your request to that client or work with that client to respond, depending on whether Vookeeper is acting as controller or processor for that information.
17. Data protection complaints
If you are concerned about how we handle personal information, please contact us first at [insert privacy complaints email].
We will take appropriate steps to investigate and respond to data protection complaints.
You also have the right to complain to the Information Commissioner’s Office. The ICO is the UK regulator for data protection matters.
18. Links to other websites
Our website may link to third-party websites, tools or platforms. We are not responsible for the privacy practices, security or content of third-party websites. You should read their privacy policies before providing information to them.
19. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The latest version will be posted on our website.
If we make material changes, we will take reasonable steps to notify active clients or website users where appropriate.
20. Contact us
Questions about this Privacy Policy or how we handle personal information should be sent to:
Vookeeper Ltd
Email: contact@vookeeper.co.uk
Address: 85 Great Portland Street, London, United Kingdom, W1W 7LT
Last updated: 7 July 2026