Privacy Policy

Last updated: 19 May 2026

1. Introduction

Northside Advisory Ltd (trading as "Stamp Duty Direct", "we", "our", "us") is committed to protecting your personal data and respecting your privacy. This privacy policy explains how we collect, use, store, and share your personal information when you use our website, services, and client portal.

Northside Advisory Ltd is registered in England and Wales under company number 16949900, with registered office at Mikar Business Park, Northolt Drive, Bolton, United Kingdom, BL3 6NJ.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

We may collect the following types of personal data:

• Identity data: Full name, title, date of birth
• Contact data: Email address, telephone number, postal address
• Financial data: Bank account details (for refund processing), original SDLT amounts paid
• Property data: Property address, purchase price, completion date, property characteristics
• Tax data: HMRC reference numbers, SDLT receipt details, UTR numbers
• Technical data: IP address, browser type, pages visited (collected automatically via cookies)
• Communication data: Records of correspondence between you and us, including call records and SMS messages

3. How We Collect Your Data

We collect personal data through:

• Our online claim form and eligibility checker
• Our client portal
• The contact form on our website
• Email, telephone, or written correspondence
• Documents you upload (e.g. SDLT receipts, completion statements)

4. How We Use Your Data

We use your personal data for the following purposes:

• To assess your claim: We process your property and tax data to determine whether you have a valid SDLT reclaim
• To manage your claim: We submit claims to HMRC and correspond on your behalf
• To process refunds: We use your bank details to transfer your refund
• To communicate with you: We keep you informed of your claim status and respond to enquiries
• To improve our services: We analyse aggregated, anonymised data to improve our processes
• To comply with legal obligations: We retain records as required by law

5. Legal Basis for Processing

We process your data on the following legal bases:

• Contract: Processing is necessary to perform our agreement with you (assessing and managing your SDLT reclaim)
• Legitimate interests: We have a legitimate interest in operating and improving our business, provided this does not override your rights
• Consent: Where you have given clear consent for us to process your data for a specific purpose (e.g. marketing communications)
• Legal obligation: Where we are required to process data to comply with the law

6. Telephone Contact

Once you instruct us to act on your SDLT reclaim, we may contact you by telephone in connection with your claim — for example, to verify documents, request information required by HMRC, or update you on progress.

This telephone contact forms part of the service you have engaged us to provide. It is not marketing communication, and is lawful as a necessary condition of providing the claim service to you (UK GDPR Article 6(1)(b) — performance of contract). We do not need a separate marketing opt-in to make these service calls.

If, after your claim has started, you would prefer that we only contact you by email or post, you may withdraw consent for telephone contact at any time by emailing info@stampdutydirect.co.uk. Withdrawing consent will not affect the lawfulness of any prior calls and may slow down the progress of your claim where HMRC requires a verbal confirmation.

7. Data Sharing

We may share your personal data with:

• HMRC: As necessary to process your SDLT reclaim
• Professional advisers: Solicitors, accountants, or tax specialists involved in your claim
• Service providers: Third-party processors that assist us in operating our business (e.g. email delivery, SMS delivery, address lookup, secure hosting), who are bound by data processing agreements. See our data processing notice for the full list of subprocessors.

We will never sell your personal data to third parties.

8. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Typically:

• Client identity, claim and financial records: retained for 7 years after the claim is completed (in line with HMRC record-keeping requirements)
• Communication records (email, SMS, call logs): retained for 7 years
• Signed authority forms and supporting documents: retained indefinitely owing to their continued legal value
• Marketing-stage lead data (where no claim is started): retained for 12 months from the date of last contact, then securely deleted

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted data transmission (HTTPS/TLS), secure database storage on Microsoft Azure (UK regions), access controls, and regular security reviews.

10. Your Rights

Under UK GDPR, you have the following rights:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restriction: Request that we limit processing of your data
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us at info@stampdutydirect.co.uk.

11. Cookies

Our website uses a small number of cookies — essential cookies that are required for the site to function (such as session and security tokens), and, where you have given consent, analytics and marketing cookies. You can review the categories we use, and change your preferences at any time, in our cookie policy.

12. International Transfers

Our primary infrastructure is hosted on Microsoft Azure in UK data centres. A small number of subprocessors (for example, email and SMS providers) may process data outside the United Kingdom or European Economic Area. Where this is the case, we rely on UK and EU adequacy decisions where available, or on Standard Contractual Clauses with appropriate supplementary measures.

13. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.

14. Contact

If you have questions about this privacy policy or wish to exercise your data rights, contact us at:

• Email: info@stampdutydirect.co.uk
• Phone: 0330 027 0078
• Post: Northside Advisory Ltd, Mikar Business Park, Northolt Drive, Bolton, BL3 6NJ

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.