Overview
The Privacy & Data page provides tools for GDPR compliance, including per-client data exports and an overview of how Cloudclerk handles data retention and encryption.
Exporting Client Data
Use the data export to fulfil Subject Access Requests (SARs) under GDPR. The export generates an Excel file containing all data held for a specific client.
- 1Open Settings → Privacy & Data under Compliance
- 2In the Client Data Export card, select a client from the dropdown
- 3Click Export Data
- 4The Excel file downloads automatically
The export includes: client details, contacts, AML profiles, documents, invoices, tasks, and time records.
Data exports may be restricted to certain roles depending on your organisation's configuration.
Data Retention Policy
The page displays your organisation's data retention commitments:
- Tax records retained for 6 years — as required by HMRC. Tax documents, returns, and financial records are kept for a minimum of 6 years from the end of the relevant tax period.
- Client PII anonymised on request — personal data can be anonymised upon client request, subject to the 6-year HMRC retention requirement.
- Sensitive data encrypted at rest — AML profile data (NI numbers, UTRs, bank details, passport numbers) and integration tokens are encrypted.
What's Next?
- HMRC Connection — connect to HMRC Agent Services
- Organisation Settings — update your firm details