Privacy Policy

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our application ("the Service").

1. Who We Are

TaxPig is a trading name of Tom Lambert.

For inquiries, please contact us.

We act as a data processor when handling data obtained from HMRC on your behalf, and as a data controller for account and service-related data.

2. Information We Collect

We may collect and process the following data:

  • Personal details (name, email address)
  • Account identifiers required to access HMRC services
  • Financial and tax-related data retrieved from HMRC APIs (only with your explicit consent)
  • Usage and technical data (IP address, browser type, device information)

We do not collect data beyond what is necessary to provide the Service.

3. HMRC Data

When you authorise us, we access your HMRC data via HMRC's APIs in accordance with HMRC's terms.

  • HMRC data is used only to provide the functionality you explicitly request
  • We do not sell, share, or reuse HMRC data for marketing or analytics
  • We do not access HMRC data without your consent

4. How We Use Your Data

We use your data to:

  • Provide and operate the Service
  • Retrieve and display HMRC data you request
  • Comply with legal and regulatory obligations
  • Improve reliability and security of the Service

5. Data Sharing

We do not share your data except:

  • With HMRC, as required to deliver the Service
  • With essential service providers (e.g. hosting, security), under strict confidentiality
  • Where required by law

6. Data Retention

  • HMRC data is retained for 7 years from the date it was saved, in accordance with UK tax record retention requirements (HMRC recommends a minimum of 6 years)
  • Data older than 7 years is automatically deleted through our scheduled cleanup process
  • You may request deletion of your data at any time (GDPR right to erasure)
  • We securely delete or anonymise data when no longer required

7. Security

We use appropriate technical and organisational measures to protect your data, including:

  • Encrypted data transmission
  • Secure access controls
  • Regular security reviews

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Withdraw consent for HMRC access

To exercise your rights, please contact us.

9. Changes

We may update this policy from time to time. Any changes will be published on this page.