Privacy Policy

Last updated December 2023

At Goff and Company we take the protection of your privacy very seriously. We will only use your personal information to deliver the services you have requested from us, and to meet our legal responsibilities.

How do we collect information from you?

We obtain information about you when, for example:

  • you request a proposal from us in respect of the services we provide
  • you engage us to provide our services and also during the provision of those services
  • you contact us by email, telephone, post or social media or use our website
  • we may record your telephone calls for training and monitoring purposes
  • from third parties and/or publicly available resources such as Companies House

What type of information do we collect from you?

The personal information we collect from you will vary depending on which services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.

We will not collect, store or process data that is labelled as sensitive under UK GDPR.

How is your information used?

In general terms, and depending on which services you engage us to deliver, as part of providing our agreed services we may use your information to:

  • contact you by post, email or telephone
  • verify your identity where this is required
  • understand your needs and how they may be met
  • maintain our records in accordance with applicable legal and regulatory obligations
  • process financial transactions
  • prevent and detect crime, fraud or corruption.

We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you.  The period of retention required varies with the applicable legislation but is typically five or six years.  To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.

Who has access to your information?

We will not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

Any staff with access to your information have a duty of confidentiality under the ethical standards that the firm is required to follow.

Third Party Service Providers working on our behalf

We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf.  However, when we use third party service providers, we only disclose the personal information that is necessary to deliver the service and we require them to keep your information secure and not to use it for their own purposes. 

Please note that some of our third party service providers, such as IT and cloud services, may be located outside of the UK.  We will only disclose personal data to a third party including a third party outside of the UK provided that the transfer is undertaken in compliance with the data protection legislation.

Please be assured that we will not release your information to third parties unless you have requested that we do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.

How you can update your information

Keeping your information up to date and accurate is important to us.  We commit to regularly review and correct where necessary, the information that we hold about you.  If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.

Security precautions in place to protect the loss, misuse or alteration of your information

Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. 

Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential.  We ask you not to share your password with anyone.

Your data will usually be processed in our offices in the UK.  However, to allow us to operate efficient digital processes, we sometimes need to store information on servers located outside the UK.  We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.

Your choices

We may occasionally contact you by post, email or telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further.  

Your rights of access, correction, erasure and restriction

Under data protection law, you have rights including:

  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

Further information can be found on the ICO website.

You are not required to pay any charge for exercising your rights, but we may charge a fee if your request for access is clearly unfounded or excessive. If you make a request, we have one month to respond to you.

Please contact us at if you wish to make a request.

Visiting our website

When you view our website, a cookie may be placed on the hard drive of your computer. Cookies are small files that are used to make websites work or work more efficiently. They allow us to tailor our website operations to your needs by gathering and remembering information about your preferences.

We use traffic log cookies to track information about how visitors come to the website, which pages they visit and what actions they undertake on the site. This helps us analyse data about website usage so that we can identify ways to improve the user experience of the website. We only use this information for statistical analysis purposes and all data collected is anonymous.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may however limit some functionality and prevent you from taking full advantage of the website.

For more information and a guide to deleting and controlling cookies, please refer to ICO website.

We use Google Analytics to collect data on how our users are using our website, their demographics and interests which enables us to improve our website content. Please visit Google policies to view Google’s privacy policy.

Users can opt-out of Google Analytics by visiting Google optout.

By visiting the Goff and Company website, you consent to the use of cookies as explained above.

Links to other websites

Our website may contain links to other websites of interest. We accept no responsibility for the accuracy of the information contained within third party websites and do not endorse any organisation, or the services provided by any organisation, whose link may be shown on our website. We can accept no responsibility for any loss or damage resulting from following a link on our website.

Once you have used a link to leave our website, we cannot be responsible for the protection and privacy of any information which you provide on the other site as they are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Changes to our privacy notice

We keep this privacy notice under regular review.  Paper copies of the privacy notice will also be provided on request.

Contact information 

Chris Bond
Telephone: 01243 373992


If you have any concerns about our use of your personal information, you can make contact with us as above where we will strive to address your query.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:           

Information Commissioner’s Office
Wycliffe House
Water Lane

Helpline number: 0303 123 1113

ICO Website: