Privacy and Cookie Policy

Last updated: October 2025

Quinn and Quinn Business are trading names of PAYE for Nannies Ltd, a company registered in England and Wales (Company No. [insert number]), with its registered office at [insert address].

This Privacy and Cookie Policy explains how we collect, use, and protect personal data when providing our services through the Quinn platform and websites.

Throughout this policy:

“We”, “us”, and “our” refer to PAYE for Nannies Ltd trading as Quinn and Quinn Business.
“You” refers to our clients, website visitors, and other individuals whose data we process.

1. Who we are

PAYE for Nannies Ltd acts as the data controller for all client data collected through the Quinn and Quinn Business platforms and websites.

When processing payroll and employment data on behalf of our clients (for example, their employees’ information), we act as a data processor.

You can contact us about data protection at:
Email: [insert DPO or privacy@quinnpayroll.co.uk]
Address: [insert postal address]

2. What this policy covers

This policy applies to:

Visitors to our websites and digital platforms
Clients who use our payroll and employment services
Employees or workers whose data we process on behalf of our clients
Business contacts and suppliers

It describes:

What data we collect
How we use and share it
Your rights under UK data protection law

3. The data we collect

a) Data we collect from clients

We collect personal and contact details when you sign up or communicate with us, including:

Name, address, phone number, and email address
Employer PAYE reference and pension scheme details
Payment and billing information
Communication records and preferences
Login and usage data from our platform

b) Data we process on behalf of clients (employee data)

When you use our payroll services, you provide us with your employees’ data. This may include:

Name, address, contact details, and date of birth
National Insurance number, tax code, pay rate, and deductions
Working hours, holiday, and statutory payments
Pension and payroll details
Employment start and end dates

We process this data solely to provide the payroll and employment services you’ve requested.

c) Data we collect automatically

When you visit our websites or use our platform, we automatically collect:

IP address and browser type
Pages visited and time spent
Device identifiers
Cookie preferences (see Section 9)

4. How we use your data

We use personal data for the following purposes:

Account setup and management: registering clients, verifying details, and managing subscriptions.
Lawful basis: Contract (Article 6(1)(b) UK GDPR)
Payroll processing: running payroll, generating payslips, submitting RTI to HMRC, managing pension enrolment.
Lawful basis: Contract (Article 6(1)(b)) and Legal Obligation (Article 6(1)(c))
Communications: sending service updates and responding to enquiries.
Lawful basis: Legitimate Interest (Article 6(1)(f))
Billing and payments: processing subscription payments and issuing refunds.
Lawful basis: Contract (Article 6(1)(b))
Platform improvement and analytics: monitoring usage, fixing bugs, and enhancing features.
Lawful basis: Legitimate Interest (Article 6(1)(f))
Marketing (limited): informing clients of new features or relevant updates.
Lawful basis: Consent (Article 6(1)(a)), where required
Legal and regulatory compliance: meeting HMRC, pension, and accounting obligations.
Lawful basis: Legal Obligation (Article 6(1)(c))

Payment card data is processed securely by our payment service provider — we do not store or control card details.
We may process limited payment-related data to prevent fraud or comply with anti–money laundering obligations applicable to our banking partners.
If we partner with regulated payment providers, those providers (not Quinn) will be responsible for any regulated payment activities.

5. Who we share data with

We share personal data only where necessary to deliver our services or comply with legal obligations. This may include:

HMRC – for PAYE, RTI, and tax submissions
Pension providers (e.g. NEST) – for auto-enrolment and contribution reporting
Software and IT partners – for secure hosting, data storage, and communications
Professional advisers – for compliance, auditing, or dispute resolution
Regulators or authorities – where required by law

We never sell personal data, and we do not share it with unrelated third parties for marketing.
All third-party providers are contractually bound to keep your data secure and act only on our instructions.

6. Data storage and international transfers

All data processed through the Quinn and Quinn Business platforms is securely hosted in a cloud data centre located in Germany (European Union).

The UK government recognises the EU’s data protection framework as providing an adequate level of protection, so these transfers do not require any additional authorisation.

Where we use other service providers (for example, analytics or email tools), they are contractually bound to provide equivalent protection under UK GDPR or through Standard Contractual Clauses approved by the ICO.

7. Data retention

We retain personal data only as long as necessary to fulfil the purposes described above or as required by law.

For payroll and employment records:

Normally six years after the end of the tax year to which they relate (HMRC requirement)
Longer if there is a legitimate need or legal obligation (e.g. accounting or audit)

After this period, data is securely deleted or anonymised.

8. Your rights

Under UK GDPR, you have the right to:

Access your personal data
Rectify inaccurate or incomplete information
Erase your data where it is no longer needed
Restrict processing in certain circumstances
Port your data to another provider in a machine-readable format
Object to processing based on legitimate interests or for direct marketing
Withdraw consent where processing is based on consent (e.g. marketing emails)

To exercise your rights, contact us using the details in Section 1.
If you are not satisfied with our response, you can complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk.

9. Cookies and analytics

We use cookies and similar technologies to improve our website, enhance user experience, and understand how our services are used.

a) What cookies are

Cookies are small text files stored on your device that help websites function and collect information. Some are essential; others help us analyse performance and improve usability.

b) Types of cookies we use

Essential cookies: required for functionality, authentication, and security
Analytics cookies: used to understand visitor behaviour (e.g. Google Analytics)
Advertising cookies: used in limited cases for remarketing or campaign performance (e.g. Meta Pixel)
Preference cookies: remember settings like language and display preferences

You can manage or delete cookies through your browser settings or our cookie-consent tool. Disabling cookies may affect site functionality.

c) Third-party tools

We may use:

Google Analytics / Tag Manager – for measuring site traffic and performance
Meta (Facebook) Pixel – for remarketing and campaign analytics
LinkedIn Insight Tag – for business marketing analytics

These third-party providers act as separate data controllers for the analytics data they collect.
See their websites for details about their privacy policies and opt-out options.

10. Security

We apply appropriate technical and organisational measures to protect data, including encryption, access controls, secure backups, and regular testing.
Access to personal data is restricted to authorised staff and service providers who need it to perform their duties.

11. Updates to this policy

We may update this policy periodically to reflect legal, technical, or operational changes.
If changes are significant, we’ll notify you through the platform or by email.

Contact us

If you have questions about this policy or your personal data, please contact:
Email: [insert email]
Address: [insert address]