Home Privacy Policy

Legal

Privacy Policy

Last updated: April 2026

Ambit is committed to protecting the confidentiality, integrity, and proper use of personal and business information entrusted to us.

This Privacy Policy explains how we collect, use, manage, and safeguard information in the course of our business operations. It applies to information provided to us directly, obtained through our website, or received in connection with the delivery of our accounting, tax, and advisory services across the United Kingdom, United States, Canada, and the United Arab Emirates.

1 About Ambit

In this policy, "Ambit", "we", "us", or "our" refers to the group of entities operating under the Ambit name.

Depending on the nature of the engagement, we may act as a data controller or data processor. Where we process data on behalf of clients, such processing is carried out strictly in accordance with client instructions and applicable legal requirements.

2 Scope of This Policy

This policy applies to:

clients and prospective clients
website visitors
business contacts and suppliers
individuals whose information is processed in the course of providing services

It covers information collected directly from individuals as well as information provided to us by clients or third parties in connection with our services.

3 Information We Collect

We collect information only where it is necessary for legitimate business purposes or to fulfil our professional obligations.

3.1

Identity and Contact Information

Names, business contact details, job titles, and related information required to establish and maintain professional relationships.

3.2

Financial and Business Information

Accounting records, financial statements, transactional data, tax information, and other data necessary for the provision of services.

3.3

Employment and Payroll Data

Employee-related information where payroll or related services are provided.

3.4

Communication Records

Correspondence, instructions, and other information shared during engagements.

3.5

Technical and Website Information

IP addresses, browser details, and general usage data collected through our website for security and performance purposes.

We do not seek to collect excessive information and limit collection to what is proportionate and relevant.

4 How Information Is Obtained

Information may be obtained:

directly from you through meetings, correspondence, or engagement processes
via our website, including enquiry or contact forms
from third parties acting on your behalf, including advisers or service providers
through systems, platforms, or integrations used as part of service delivery

Where information is provided via our website, it is done voluntarily.

5 Use of Information

Information is used in the normal course of our business to:

deliver accounting, tax, payroll, and advisory services
manage and administer client engagements
comply with legal, regulatory, and professional obligations
communicate with clients and respond to enquiries
maintain internal records, billing, and reporting

We may also use information to improve service quality, internal processes, and operational efficiency.

We do not use personal data for purposes that are incompatible with those outlined above, and we do not sell personal data.

6 Legal Basis for Processing

Where applicable, we process personal information on one or more of the following bases:

performance of a contract or engagement
compliance with legal or regulatory obligations
legitimate business interests, including service delivery and administration
consent, where required

7 Disclosure of Information

We do not disclose personal information except where necessary and appropriate. Information may be shared:

with regulatory authorities, courts, or government bodies where required
with professional advisers, auditors, or legal representatives
with trusted service providers supporting our operations
within our organisation for the purposes of service delivery

All such disclosures are subject to appropriate confidentiality and data protection requirements.

8 International Data Transfers

Given the cross-border nature of our services, information may be processed in multiple jurisdictions, including the United Kingdom, United States, Canada, and the United Arab Emirates.

Where information is transferred across borders, we ensure that appropriate safeguards are in place to maintain a level of protection consistent with applicable data protection laws.

9 Data Security

We maintain a structured and risk-based approach to information security. Our security framework includes:

infrastructure aligned with GCC 4.0 standards
role-based access controls and restricted system access
encryption and secure data handling practices
monitoring and audit controls
confidentiality obligations for all personnel

ISO 27001 Certified

Ambit is ISO 27001 certified, demonstrating that our information security management systems are aligned with internationally recognised standards. This includes defined governance structures, risk assessment procedures, and ongoing monitoring of controls.

While we take appropriate steps to safeguard information, no system can guarantee absolute security, particularly in relation to internet-based transmission.

10 Data Retention

We retain information only for as long as necessary for:

the provision of services
compliance with legal and regulatory requirements
the establishment, exercise, or defence of legal claims
maintaining appropriate business records

Retention periods may vary depending on the nature of the information and applicable legal obligations.

Where information is no longer required, it is securely deleted or archived.

11 Confidentiality

All information provided to us is treated as confidential, subject to legal and regulatory obligations.

We apply internal controls to ensure that access to information is limited to those who require it for legitimate business purposes.

12 Your Rights

Depending on your jurisdiction, you may have rights in relation to your personal information, including:

access to information held about you
correction of inaccurate or incomplete data
deletion or restriction of processing, where applicable
objection to certain types of processing

We will respond to such requests in accordance with applicable legal requirements.

13 Cookies and Website Usage

Our website may use cookies and similar technologies to:

improve functionality and user experience
analyse website usage
maintain security

You may manage or disable cookies through your browser settings.

14 Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the content or privacy practices of such websites.

15 Changes to This Policy

We may amend this Privacy Policy from time to time to reflect changes in legal requirements, regulatory expectations, or business operations.

The most current version will be made available on our website.

16 Contact

For any questions or requests relating to this Privacy Policy:

nishant@ambitsol.co

Operational support across finance functions and shared services.

Recruitment process outsourcing for growing teams.