← Back to home

Privacy Policy

Last updated: 9 May 2026

1. Who we are

MouAnalytics Finance ("we", "us", "our") is a SaaS product operated by Mou Consulting Limited, a company registered in England and Wales. We are the data controller for the personal data described in this notice. You can contact us at equiries@mouconsulting.co.uk.

2. Purposes of processing

As required by the Information Commissioner's Office (ICO), we set out below the specific purposes for which we process your personal and financial data:

  • Providing the MouAnalytics Finance platform — creating and managing your account, authenticating you, and delivering the dashboard and analyses you request.
  • Processing financial data to generate tax estimates — we process financial information you provide (such as revenue, expenses, payroll, balance sheet figures, and accounting integrations) to produce UK tax estimates, profitability analysis and action plans. These outputs are algorithmic estimates, not regulated tax advice.
  • Service communications and support — responding to enquiries, sending transactional emails (e.g. welcome, billing, security alerts) and providing customer support.
  • Billing and subscription management — processing payments and managing subscription plans via our payment processor.
  • Service improvement and security — monitoring usage, debugging, preventing fraud and abuse, and improving the accuracy of our analytical models.
  • Legal and regulatory compliance — meeting our obligations under UK tax, accounting, anti-money-laundering and other applicable laws.

3. Lawful bases (UK GDPR Article 6)

  • Contract — to provide the platform and the services you sign up for.
  • Legitimate interests — to secure, operate and improve our service, balanced against your rights and freedoms.
  • Legal obligation — to retain financial records and respond to lawful requests.
  • Consent — for non-essential cookies and any optional marketing communications. You may withdraw consent at any time.

4. Categories of data we collect

  • Account data — name, email, hashed password, business profile.
  • Financial data — revenue, expenses, payroll, cost of sales, balance sheet line items, sector, and other figures you enter manually, import from CSV, or sync from connected accounting software.
  • Usage data — pages viewed, analyses run, feature interactions, IP address, browser and device information.
  • Communications — emails and support messages you send us.
  • Billing data — subscription status, plan, invoices. Card details are handled directly by our payment processor and never stored on our servers.

5. Sources of data

We collect data directly from you (account sign-up, manual entry, CSV uploads), from accounting integrations you authorise, and automatically through your use of the platform.

6. Recipients and processors

We share data only with vetted processors acting on our instructions, including:

  • Lovable Cloud / Supabase — hosting, authentication and database.
  • Stripe — payment processing.
  • AI Gateway providers — generating analytical narratives from your inputs.
  • Email delivery providers — transactional email.

We do not sell your personal data. We may disclose data where required by law or to protect our legal rights.

7. International transfers

Where data is transferred outside the UK, we rely on appropriate safeguards such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or adequacy decisions.

8. Retention

We retain account and personal data for as long as your account is active. Financial records are retained for at least 7 years after the end of the relevant accounting period to align with HMRC record-keeping requirements. Backups are deleted on a rolling schedule.

9. Security

We use TLS encryption in transit, encryption at rest, role-based access controls, and row-level security on the database to protect your information. No system is perfectly secure, but we work hard to safeguard your data.

10. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data rectified.
  • Request erasure where applicable.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with the Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email equiries@mouconsulting.co.uk.

11. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email or in-app notice.