Data security and document handling

Data-care principles

Good accounting support starts with knowing what is being sent, why it is needed and how it will be used.

The safest client experience is not just “upload everything”. It is a structured request for the records needed for the specific accounting, tax, VAT, payroll or advisory task.

Gardian’s website should give prospects confidence that document handling is deliberate: fewer scattered email threads, clearer file requests, less duplicate chasing and no unnecessary sensitive information collected through public website pages.

Practical commitments to confirm before launch

Which secure client portal or file-sharing method is approved.
Who monitors inbound documents and enquiry emails.
How long prospect data is retained before engagement.
What privacy, cookie and terms wording is final.
What accounting-software access methods are acceptable.

Document checklist

Send the records that match the job — not private data for the sake of it.

Company accounts / Corporation TaxBank statements, bookkeeping exports, sales invoices, supplier bills, payroll summaries, director transactions and year-end queries where requested.

Self AssessmentIncome summaries, expense evidence, P60/P45 where relevant, dividend vouchers, pension/gift-aid records and other income details requested for the return.

VAT / payroll / CISSales and purchase records, VAT reports, payroll changes, CIS deductions and payment records needed for the relevant period.

Management accountsCurrent bookkeeping, bank reconciliation status, debtor/creditor notes, payroll/VAT position and owner questions about cash, profit or tax set-aside.

Safe boundaries

The public website should not collect high-risk accounting data.

The Fit Check and quick contact routes should collect enough context to route the enquiry, not full tax records or bank/accounting files.

Approval boundary: live forms, CRM delivery, booking tools, client portals, bank feeds, accounting-software integrations and public data uploads require Alex/Gardian approval, privacy wording and technical review before use.

Use the website for

Name, business type and contact details.
Broad issue: tax, records, VAT, payroll, Self Assessment or cashflow.
Deadline urgency and current accountant/software context.
Preferred contact route.

Do not use the website for

Bank statements or accounting data uploads.
Payroll files or employee personal data.
Tax references, UTRs or Companies House authentication codes.
Full document packs before a secure process is agreed.

Portal and workflow readiness

A future client portal should feel like a request desk, not a black box.

Gardian’s digital workflow can become a strong trust signal if it makes document requests, deadlines and review status easier for clients to understand.

Feature

What it should do

Launch boundary

Document requests

Ask for specific files by task, deadline and period.

Only after secure upload route is approved.

Status dashboard

Show received, missing, in review and filed status.

Do not imply live status tracking until built.

Reminder workflow

Reduce missed records and deadline chasing.

Consent and delivery method must be confirmed.

Accounting software access

Connect records to review work where useful.

No bank/accounting data integration without approval.

Need to send records now?

Use direct contact first and wait for Gardian to confirm the right secure method for the documents involved.

For a new enquiry, start with the Fit Check or contact page so Gardian knows the business type, deadline and issue before asking for sensitive files.

Best next step

Use the Fit Check for routing. Use the contact page if you already know the service you need. Do not email sensitive files until Gardian confirms the appropriate process.

Start the Fit Check Contact Gardian

Accounting records need a clear, careful document workflow.