Privacy Policy
TaxBridge — Making Tax Digital Services
Version 1.0
Effective Date: 01/02/2026
Last Reviewed: March 2026
Neuro-Symbolic Ltd
Company Registration Number: 16780511
Registered Address: 3rd Floor, 86-90 Paul Street, London EC2A 4NE
ICO Registration Number: 234252305
1. Introduction
Neuro-Symbolic Ltd (“we”, “our”, “us”) is a company registered in England and Wales. We are the data controller responsible for the personal data we collect and process through our TaxBridge product suite, including any services related to HM Revenue & Customs (“HMRC”) Making Tax Digital (“MTD”) submissions.
This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use TaxBridge to manage your tax obligations, including the submission of quarterly updates and final declarations to HMRC under the MTD for Income Tax Self Assessment programme.
We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable data protection legislation.
By using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, you should not use our services.
1.1 About TaxBridge and HMRC MTD
TaxBridge is a workflow automation platform that, among other functions, enables self-employed individuals (sole traders) to capture their income and expense data, prepare quarterly updates, and submit those updates directly to HMRC via HMRC’s Making Tax Digital APIs. TaxBridge is seeking HMRC recognition as a software provider under the MTD for Income Tax Self Assessment programme. The current release supports quarterly updates for self-employed sole traders; final declaration and property/landlord features (referred to elsewhere in this Policy) are planned for a future release.
When you use TaxBridge, we act as an independent data controller for the personal data we process to provide the Service — including your financial data, account information, usage data, and the fraud-prevention data required by HMRC. Where we provide the Service to a business client under arrangements that require us to act as a data processor on their behalf, separate data-processing terms will apply.
2. Data We Collect
2.1 Data You Provide Directly
When you register for and use TaxBridge, you may provide us with the following personal data:
Account Information
- Full name
- Email address
- Business name and trading name (if applicable)
- Business address
Tax-Related Information
- Unique Taxpayer Reference (UTR)
- National Insurance number
- HMRC Government Gateway credentials (we never store these; they are used solely during the OAuth 2.0 authorisation flow with HMRC)
- Income and expense records for each reporting period
- Details of self-employment income sources
- Details of UK and foreign property income
- Allowances and reliefs claimed
- Year-end adjustment figures
Payment Information
We use Stripe as our payment processor. We do not store your full credit or debit card details. Stripe processes and stores your payment information in accordance with PCI DSS Level 1 standards. We retain only the last four digits of your card number and the card expiry date for your reference.
2.2 Data We Collect Automatically
When you use TaxBridge, we automatically collect certain technical and usage data:
Device and Browser Data (Fraud Prevention Headers)
HMRC requires all MTD-compatible software to collect and transmit fraud prevention data with every API request. This is a legal requirement under the MTD regulations. The data we collect for this purpose includes:
| Header | Data Collected | Purpose |
|---|---|---|
| Gov-Client-Connection-Method | How your device connected (web application via our server) | Fraud detection |
| Gov-Client-Browser-JS-User-Agent | Browser user agent string | Device identification |
| Gov-Client-Device-ID | A persistent unique device identifier (UUID) | Device continuity tracking |
| Gov-Client-Screens | Screen dimensions, colour depth, scaling factor | Device fingerprinting |
| Gov-Client-Timezone | Your device’s local timezone | Fraud detection |
| Gov-Client-Window-Size | Browser window dimensions | Device fingerprinting |
| Gov-Client-Local-IPs | Local network IP addresses (may include mDNS addresses) | Network identification |
| Gov-Client-Public-IP | Your public IP address as seen by our server | Network identification |
| Gov-Client-Public-IP-Timestamp | The time at which your public IP was captured | Audit trail |
| Gov-Client-Public-Port | Your TCP source port | Session identification |
| Gov-Client-User-IDs | A pseudonymous identifier linking the request to your TaxBridge account | Account linkage |
| Gov-Client-Multi-Factor | Multi-factor authentication details (if used) | Authentication verification |
This data is collected at the point of submission and transmitted to HMRC as HTTP headers alongside your tax data. We do not use this data for any purpose other than HMRC compliance, and we do not retain a separate server-side copy of these header values after they have been transmitted to HMRC.
Usage Data
- Pages visited and features used within TaxBridge
- Workflow creation and completion events
- Timestamps of interactions
- Error logs and diagnostic data
Where we retain data to improve spreadsheet parsing or layout detection, we limit that retained data to anonymised structural metadata, such as sheet layout, header patterns, data-type patterns, row and column counts, formatting markers, and parser diagnostics. We do not intentionally retain transaction amounts, payee names, descriptions, or other financial content for parser training or model improvement.
For our free spreadsheet check, we discard all financial figures, names, and personal data immediately after analysis. We securely retain only anonymised structural data, such as derived header signatures, layout patterns, file formats, and parser diagnostics, strictly to improve our software’s parsing algorithms and robustness.
This free-scan retention model is separate from the authenticated filing and HMRC submission path. If you sign in and upload a spreadsheet for filing preparation, draft preparation, or HMRC filing, we retain the underlying spreadsheet and related audit records as required to provide the service and maintain a proper submission trail.
2.3 Data We Receive from Third Parties
HMRC
When you authorise TaxBridge to connect to your HMRC account, HMRC provides us with OAuth 2.0 access tokens and refresh tokens that allow us to make API calls on your behalf. HMRC may also return calculation results, acknowledgement references, and obligation period details in response to our API calls.
3. How We Use Your Data
3.1 Legal Bases for Processing
Under the UK GDPR, we process your personal data on the following legal bases:
| Purpose | Legal Basis (UK GDPR) | Details |
|---|---|---|
| Providing our services (account management, workflow execution, MTD submissions) | Article 6(1)(b) — Performance of a contract | Processing is necessary to deliver the services you have subscribed to. |
| HMRC fraud prevention header collection and transmission | Article 6(1)(c) — Legal obligation | We are legally required by HMRC’s MTD regulations to collect and transmit fraud prevention data with every API request. |
| Tax data submission to HMRC | Article 6(1)(b) — Performance of a contract | You instruct us to submit your tax data to HMRC as part of the service. |
| Service improvement and error diagnosis | Article 6(1)(f) — Legitimate interests | We have a legitimate interest in improving our service and resolving technical issues. We minimise the data used for this purpose. |
| Billing and payment processing | Article 6(1)(b) — Performance of a contract | Processing is necessary to take payment for the submissions you purchase. |
| Communication (service notifications, deadline reminders) | Article 6(1)(b) — Performance of a contract | Notifications about your MTD deadlines and submission status are integral to the service. |
| Security monitoring and fraud prevention | Article 6(1)(f) — Legitimate interests | We have a legitimate interest in protecting our systems and your data from unauthorised access. |
3.2 Special Category Data
We do not intentionally collect any special category data (such as health data, racial or ethnic origin, political opinions, or biometric data). Our services are designed to process financial and tax information only. If you inadvertently include special category data in free-text fields (for example, in workflow notes), we will not use that data for any purpose and will delete it upon request.
3.3 National Insurance Numbers
Your National Insurance number is classified as a “special identifier” under UK data protection practice. We process your National Insurance number solely for the purpose of identifying you to HMRC for MTD submissions. It is stored in an encrypted form (AES-256) and is never used for any other purpose, shared with any third party other than HMRC, or included in application logs.
4. Who We Share Your Data With
We share your personal data only with the following categories of recipients, and only to the extent necessary for the stated purposes:
| Recipient | Data Shared | Purpose | Legal Safeguard |
|---|---|---|---|
| HM Revenue & Customs (HMRC) | Tax data (income, expenses, adjustments), fraud prevention headers, UTR, NI number | Statutory MTD submissions on your instruction | Legal obligation (MTD regulations) |
| Stripe, Inc. | Email address, payment card details (processed directly by Stripe) | Payment processing | Data Processing Agreement; PCI DSS Level 1; Standard Contractual Clauses for any US transfer |
| Postmark (email delivery) | Email address, notification content | Sending service notifications and filing reminders. Product updates are sent only if you separately opt in. | Data Processing Agreement |
| Hetzner Online GmbH | All service data (hosted on Hetzner infrastructure) | Infrastructure hosting | Data Processing Agreement; data stored in EU data centres |
| Supabase, Inc. | Email address; authentication and session tokens | Account sign-in and session management (magic-link authentication) | Data Processing Agreement; Standard Contractual Clauses for US transfer |
| Backblaze, Inc. (B2) | Encrypted submission archives and audit records | Tamper-proof, write-once audit storage | Data Processing Agreement; EU region; encrypted at rest; SCCs for the US-headquartered provider |
| Anthropic, PBC | Transaction descriptions, amounts, dates and sheet structure — no identity data | AI categorisation and error-flagging of your spreadsheet | Zero-data-retention agreement (not retained, not used for training); UK IDTA / Standard Contractual Clauses for US transfer |
We do not sell your personal data to any third party. We do not share your data with advertisers, data brokers, or marketing platforms. We do not use your financial data for any purpose other than providing the services you have subscribed to.
4.1 International Transfers
Where any of our sub-processors transfer personal data outside of the United Kingdom, we ensure that appropriate safeguards are in place in accordance with UK GDPR Article 46. These safeguards include the UK International Data Transfer Agreement (UK IDTA) or the UK Addendum to the EU Standard Contractual Clauses, as applicable.
Our primary infrastructure (Hetzner) is located within the European Union. HMRC’s API servers are located within the United Kingdom.
5. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The specific retention periods are as follows:
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account information (name, email, business details) | While your Account is open, plus 12 months after closure | To allow for reactivation and to resolve any post-cancellation queries |
| Tax submission data (income, expenses, quarterly updates) | 7 years from the end of the relevant tax year | HMRC may enquire into a tax return for up to 6 years (12 years in cases of fraud); 7 years provides a reasonable compliance margin. Submission data is stored in encrypted EU-based write-once storage that cannot be modified or deleted during the retention period, even by TaxBridge staff. |
| Supporting spreadsheets | 7 years from the date of submission | Archived in encrypted, tamper-proof EU storage upon successful HMRC submission. |
| HMRC submission confirmations and acknowledgement references | 7 years from the date of submission | Proof of submission in the event of an HMRC enquiry |
| HMRC OAuth tokens | While your Account is connected to HMRC; securely deleted upon account closure or disconnection | Required for ongoing API access; no value after disconnection |
| Fraud prevention header values | Not separately retained after transmission to HMRC | Sent to HMRC at the point of submission; not stored server-side afterwards (your device ID persists as a cookie — see the Cookies section) |
| National Insurance number and UTR | While your Account is open; securely deleted within 30 days of account closure | Required for HMRC API calls; no legitimate purpose after account closure |
| Payment and billing records | 7 years from the date of transaction | UK tax and accounting obligations for our own business records |
| Usage logs and diagnostic data | 12 months from collection | Service improvement and error diagnosis |
| Device ID (persistent UUID) | Until you clear your browser cookies or close your account | HMRC fraud prevention compliance |
When data reaches the end of its retention period, it is securely deleted using cryptographic erasure (for encrypted data) or secure overwrite (for unencrypted data). Deletion is performed automatically by scheduled processes and is verified by audit logs.
In particular, free spreadsheet checks are processed transiently. We do not retain the uploaded spreadsheet, financial figures, names, or transaction descriptions after the scan completes. Only anonymised structural metadata needed to improve parsing reliability is retained from that free-scan path. By contrast, authenticated uploads used for filing preparation, draft preparation, or HMRC submission may be retained for audit, compliance, and service-delivery purposes in accordance with this policy.
6. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include:
6.1 Technical Measures
- Encryption in transit: All data transmitted between your browser and our servers, and between our servers and HMRC, is encrypted using TLS 1.3.
- Encryption at rest: Sensitive data (National Insurance numbers, UTRs, OAuth tokens) is encrypted using AES-256 with envelope encryption. Encryption keys are stored separately from the encrypted data.
- Multi-tenant isolation: All database queries are scoped to your tenant identifier using PostgreSQL Row Level Security. Your data is logically separated from all other users’ data at the database level.
- Authentication: Access to your account is protected by email-based magic link authentication. Sessions use short-lived JSON Web Tokens (15-minute expiry) with server-side refresh tokens.
- Infrastructure security: Our servers run hardened Docker containers with read-only filesystems, no root access, and minimal attack surface. Network access is restricted by firewall rules.
- Dependency monitoring: We continuously scan our software dependencies for known vulnerabilities and apply security patches promptly.
6.2 Organisational Measures
- Access to personal data is limited to personnel who require it to provide the service.
- All personnel with access to personal data are bound by confidentiality obligations.
- We maintain an incident response procedure to detect, report, and investigate personal data breaches.
- We conduct periodic reviews of our security measures and update them as necessary.
6.3 HMRC Fraud Prevention Data Security
The fraud prevention data we collect on behalf of HMRC is transmitted directly to HMRC as HTTP headers at the time of each API request. This data is not used for any purpose other than statutory compliance. We do not retain a server-side copy of the header values after they are transmitted to HMRC; your submission’s audit record retains the HMRC correlation reference for the submission, not the raw fraud-prevention values.
7. Your Rights
Under the UK GDPR, you have the following rights in relation to your personal data. You can exercise any of these rights by contacting us using the details provided in Section 11.
| Right | Description | Any Limitations |
|---|---|---|
| Right of access (Article 15) | You can request a copy of all personal data we hold about you. | We will provide this within 30 days of your request. |
| Right to rectification (Article 16) | You can ask us to correct any inaccurate or incomplete personal data. | You can also update most information directly within TaxBridge. |
| Right to erasure (Article 17) | You can ask us to delete your personal data. | We may be unable to delete data that we are legally required to retain (e.g., tax submission records for 7 years, or data subject to an active HMRC enquiry). We will inform you of any such limitations. |
| Right to restriction (Article 18) | You can ask us to restrict how we process your data in certain circumstances. | For example, while we verify the accuracy of data you have disputed. |
| Right to data portability (Article 20) | You can request your data in a structured, commonly used, machine-readable format. | We provide data exports in JSON format. |
| Right to object (Article 21) | You can object to processing based on our legitimate interests. | We will stop processing unless we demonstrate compelling legitimate grounds. |
| Right to withdraw consent | Where processing is based on consent, you can withdraw it at any time. | Withdrawal does not affect the lawfulness of processing before withdrawal. |
| Right to lodge a complaint | You can complain to the Information Commissioner’s Office (ICO). | ICO website: ico.org.uk. Telephone: 0303 123 1113. |
7.1 Right to Erasure and HMRC Data
If you request deletion of your account, we will:
- Immediately revoke your HMRC OAuth tokens and disconnect TaxBridge from your HMRC account.
- Delete your account information, contact details, and preferences within 30 days.
- Securely delete your National Insurance number and UTR within 30 days.
- Hold no server-side copy of your fraud-prevention header values to delete — these are sent to HMRC at the point of submission and are not stored by us afterwards.
HMRC submission archives are not routinely deleted during the retention period. We retain submission archives for up to seven years — to provide the Service, preserve an audit trail, support any HMRC enquiry, and meet our legal and accounting obligations. Where retention is necessary to comply with a legal obligation, or for the establishment, exercise or defence of legal claims, your right to erasure may be limited accordingly (UK GDPR Article 17(3)). Archived spreadsheets are stored in encrypted, tamper-proof write-once storage in the EU and are automatically deleted after the retention period expires. We will inform you of the specific retention expiry dates for your submissions upon request.
We will confirm the actions taken in writing within 30 days of your request.
8. Cookies and Local Storage
8.1 Essential Cookies and Storage
We use a minimal set of cookies and browser local storage that are strictly necessary for the operation of TaxBridge:
| Name / Key | Type | Purpose | Duration |
|---|---|---|---|
| session_token | Cookie (Secure, SameSite=Lax) | Authenticates your session with our servers | Session (refreshed automatically until you sign out) |
| tb_device_id | Cookie (SameSite=Lax) | A persistent device UUID used to build the HMRC fraud-prevention header (Gov-Client-Device-ID) | Persistent (up to 5 years, or until you clear cookies) |
| sb-<project>-auth-token | Cookie (Secure, SameSite=Lax) | Supabase authentication/session token that keeps you signed in (set by our auth provider) | Session (refreshed until you sign out) |
8.2 No Third-Party Tracking
We do not use any third-party analytics cookies, advertising cookies, or tracking pixels. We do not use Google Analytics, Facebook Pixel, or any similar third-party tracking technology. All usage analytics are collected server-side using our own infrastructure.
9. AI-Assisted Processing and Automated Decision-Making
9.1 How We Use AI
TaxBridge uses artificial intelligence to assist you in capturing and structuring your workflow data, including income and expense information for MTD submissions. Specifically:
- Our AI elicitation system uses a three-agent deliberation process to help you describe and capture your business workflows and financial data through guided conversation.
- AI may suggest categories for your expenses or income based on your descriptions. These suggestions are always presented for your review and approval before any data is submitted.
- AI may identify potential gaps or inconsistencies in your data and prompt you to review them.
9.2 No Solely Automated Decisions
We do not make any decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you (within the meaning of UK GDPR Article 22). In particular:
- No tax calculation, quarterly update, or final declaration is submitted to HMRC without your explicit review and approval.
- AI-generated suggestions for expense categorisation or data completeness are advisory only and require your confirmation.
- Your HMRC submissions are always presented to you in plain language for review before the “Submit” action is taken.
9.3 AI and Your Data
To categorise your transactions and flag likely errors, TaxBridge sends transaction data from your spreadsheet — descriptions, dates, amounts, and the sheet’s structure — to Anthropic, our AI processor (the Claude models). We do not send your identity data — your name, email address, National Insurance number, UTR, and business-registration details are never included. Anthropic processes this data under a zero-data-retention agreement: your data is used only to return the result for your request and is not retained by Anthropic afterwards, and it is not used to train AI models. Anthropic is based in the United States, so this involves an international transfer of data (see Section 4.1); we rely on the UK International Data Transfer Agreement or Standard Contractual Clauses for that transfer. We do not sell your data or use it for advertising.
10. Children’s Privacy
TaxBridge is a business and tax management service and is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that data promptly.
11. Contact Information
If you have any questions about this Privacy Policy, wish to exercise any of your rights, or have concerns about how we handle your personal data, you can contact us using the following details:
Data Controller: Neuro-Symbolic Ltd
Email: privacy@neuro-symbolic.co.uk
Postal Address: 3rd Floor, 86-90 Paul Street, London EC2A 4NE
We aim to respond to all privacy-related enquiries within 14 days and to all formal data subject requests within 30 days, as required by the UK GDPR.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. When we make material changes, we will:
- Notify you by email at least 14 days before the changes take effect.
- Display a prominent notice within TaxBridge.
- Update the “Effective Date” and “Last Reviewed” dates at the top of this document.
Non-material changes (such as typographical corrections or clarifications that do not alter the substance of the policy) may be made without advance notice but will be reflected in the “Last Reviewed” date.
Previous versions of this Privacy Policy are available upon request.
13. HMRC-Specific Disclosures
This section provides additional transparency about our interaction with HMRC, as required for software providers participating in the Making Tax Digital programme.
13.1 Our Role as an MTD Software Provider
Neuro-Symbolic Ltd is seeking HMRC recognition as a software provider for Making Tax Digital for Income Tax Self Assessment. Once recognition is granted, our HMRC-recognised application details will be published here.
13.2 What HMRC Receives
When you instruct TaxBridge to submit a quarterly update or final declaration, we transmit the following to HMRC:
- Your income and expense figures for the relevant period.
- Your Unique Taxpayer Reference and National Insurance number (as identifiers).
- Fraud prevention headers as detailed in Section 2.2 of this policy.
- OAuth 2.0 bearer tokens that authenticate the request as authorised by you.
13.3 HMRC’s Use of Fraud Prevention Data
HMRC uses the fraud prevention data we transmit to support the detection and prosecution of tax fraud. HMRC’s collection of this data is authorised by the Income Tax (Digital Requirements) Regulations 2021. For more information about how HMRC handles your data, please refer to HMRC’s own privacy notice at gov.uk/government/publications/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you.
13.4 Your Control Over HMRC Submissions
You retain full control over what data is submitted to HMRC through TaxBridge:
- No submission is made without your explicit instruction (clicking “Submit” after reviewing the data).
- You can review the exact figures that will be submitted before confirming.
- You can disconnect TaxBridge from your HMRC account at any time by revoking access in your HMRC Government Gateway settings or by contacting us.
- You remain legally responsible for the accuracy of the data submitted to HMRC, as required by the MTD regulations. TaxBridge is a submission tool, not a tax adviser.
13.5 HMRC Enquiries
In the event of an HMRC enquiry into any submission made through TaxBridge, we will:
- Provide you with copies of all submission data and acknowledgement references we hold for the relevant period, upon your request.
- Co-operate with HMRC to the extent required by law, but we will not disclose your data to HMRC beyond what was included in the original submissions unless compelled to do so by a lawful order.
- Notify you promptly if we receive any direct request from HMRC for your data, unless prohibited from doing so by law.
14. Document Control
| Version | Date | Author | Changes |
|---|---|---|---|
| 1.0 | 01/02/2026 | Neuro-Symbolic Ltd | Initial version |
© Neuro-Symbolic Ltd 2026. All rights reserved.