Privacy and Cookies

English | Cymraeg | Gàidhlig | Gaeilge | login | for help email:

Your information (Privacy Notice)

  1. The website uses 'just in time' privacy notices which explain how your information is handled as you type data into an input box.
  2. In the future a summary of all of the privacy notices will be provided on this page, but for now you need to see the notices as you put information in.
  3. The Data Controller is Cirrostratus Exedra Ltd (11540441) (trading as Cirrostratus). ICO Registration ZA305898
  4. The Data Processor is Cirrostratus Exedra Ltd (11540441) (trading as Cirrostratus)
  5. Our Data Protection Officer is Marion Hemming. and you can contact them at
  6. All data is processed in the UK.
  7. No 3rd parties have access to your personal data unless the law allows them to do so. Information may be sent from this website to the authorities to prevent fraud. If you are using the HMRC Apis they require information to be sent to them to prevent fraud. Such information will include details about the device you are using.
  8. Logging: We keep records of all visitors to the site. This includes the IP Address, browser and the pages of our site that you visit as well as the time and dates of the visit.
  9. If you use the facilities to manage teams then we will record the location of those team members.
  10. If you use the facility to record audio and video calls then those calls will be recorded. We also record all telephone calls in order to improve our service.
  11. Any data may be erased at our discretion subject to any contracts we may have with our clients.
  12. We may change our privacy policy from time to time and your use of the site indicates consent to those changes. Substantial changes will be communicated to our clients using their contact details.
  13. We may make use of contact information to contact people for a wide range of purposes including marketing.

Cookies and Local Storage.

The website asks your computer to store information on your storage. These explain what is done.

  1. Cookies. A session cookie is essential to use an account on the website. We assume if you use the system that you consent to this. You can tell your browser not to use cookies, but most of this website then won't work.
      The system uses these cookies:
    • JSESSION is a session cookie which expires when you close your browser (although some browsers maintain this). This is used to remember if you are logged in or not.
    • expires some time after you last use it. This cookie is used to recognise your device so that support questions and other similar comments are not lost.
    • expires when the user exclusivity expires for your device.
    • tells the root domain (used for authorisation of external APIs) what your domain is.

    These cookies are strictly necessary for the operation of the website which is why we use implied consent rather than explicit consent. You can see the cookies (and local storage) by clicking here

  2. The website also sometimes uses local storage. This is where information is stored on your computer to make things run more reliably.
Click here to find out more about cookies

HMRC Notice