Privacy Policy

Introduction

By signing up to MTDsorted.co.uk, you are giving us permission to collect and store your details in line with our privacy policy. We may update this privacy policy at any time, it is your responsibility to review periodically to ensure that you still agree to it.

Last updated: 27th April 2025

Cookies

We use cookies to provide you with a better experience when using MTDsorted. These include first-party cookies that get set during login to let us know who you are.

Data Collection & Storage

We collect some personal information during the sign-up process including first name, last name and business details. We also collect your email address at sign up, this is to send marketing and operational emails to you. You are able to opt-out of marketing emails at any time. Any user content uploaded to MTDsorted such as files and receipts will be kept until you either delete the file or closing your account.

For the Scam Email Verification tool, we will keep a copy of the email content and email sender information to help us improve the service. This will be for a maximum of 30 days after uploading the information to the tool.

We use Cloudflare to help keep our website secure and running smoothly. Cloudflare checks that traffic coming to the site looks safe and behaves as expected. If something unusual is spotted, Cloudflare may block that traffic to protect the site. To do this, Cloudflare processes visitors’ IP addresses as part of its service.

Some technical data (such as your IP address) may be processed outside of the UK through Cloudflare's global network. We rely on standard contractual clauses approved by the UK Information Commissioner's Office (ICO) to safeguard any transfers of personal data outside of the UK.

MTDsorted stores all details in a dedicated cloud environment hosted in the United Kingdom. The server is secured with access only being given to directors of the business. The system is also backed up daily to another secure location, also hosted in the United Kingdom.

HMRC Link

In order for MTDsorted to connect to HMRC on your behalf, we ask that you login with your Government Gateway account. The system will take you to the government gateway sign in screen to allow you to authorise MTDsorted. We do not get access to your username or password, nor do we require it. By signing in, you grant MTDsorted access to view, submit and perform actions on your behalf.

Authorisation from HMRC lasts for 18 months however you can revoke it here: Manage permissions for tax software.

Data Sharing

There are certain circumstances that we will share your account details with other parties, these are listed below.

• If we are legally required to, we will share the minimum necessary information.
• When you make a payment to MTDsorted, we securely send your payment details to our payment processor.
• To send emails (like account updates or password resets), we pass your details to our email service provider.
• We use Fathom Analytics to help us understand how people use our website — without tracking you personally.
• We use Cloudflare to protect our website and keep it running smoothly, which involves processing visitor IP addresses for security purposes.
• We use Stripe for any process invoice payments securely and transfer funds directly to your account

We do not sell, share, rent or trade any of your personal details with other third parties.

Email Marketing

We may occasionally send you marketing emails, you are able to opt-out of these emails by unsubscribing through the footer of any of the emails you receive, or by unsubscribing through your Account Settings.

You are not able to unsubscribe from operational emails such as VAT return submission notifications.

Fraud Prevention

In order to comply with HMRC and help prevent fraud, we collect details about your current browser and session. These details are not stored against your record, however are sent alongside any submission to HMRC.

You are not able to opt-out of the collection of this data.

• Timezone - The timezone your device is currently set to.
• Screen Details - This includes width, height, scaling factor and colour depth of all screens connected to your device.
• Window Size - The width and height of the current browser window.
• User Agent - Your browser user agent, identifying the current browser you are using.
• Browser Plugins - The names of all plugins that have access to the current browser window.
• Do Not Track setting - If the 'Do Not Track' header is currently set.

Stripe (Payment Processing)

We use Stripe to process payments made through MTDsorted invoice features. When you create or send an invoice with payment enabled, certain information may be shared with Stripe in order to facilitate the transaction.
This includes:

• Your Stripe account ID
• Invoice details (amounts, descriptions)

Stripe processes this information in accordance with their own privacy policy: https://stripe.com/gb/privacy

Our Legal Bases for Processing

Under data protection law, we need to tell you the legal reasons we collect and use your information. These are:

• Contract: We process your details to provide the services you have signed up for.
• Consent: We send marketing emails only if you have agreed (you can opt out any time).
• Legal obligation: In some cases, we need to keep records to meet legal requirements (for example, fraud prevention and HMRC reporting).
• Legitimate interests: We use basic analytics to help us improve our website without tracking you personally.

Your Rights

Under data protection law, you have rights over your personal information, including the right to:

• Access the personal information we hold about you.
• Correct any mistakes in your information.
• Ask for your information to be deleted.
• Object to certain uses of your information (like direct marketing).
• Request a copy of your information in a portable format.

If you’d like to exercise any of these rights, please contact our support team.

Contact Us

If you have any questions or concerns regarding anything detailed within our privacy policy, please contact our support team.