Privacy Policy

EEBS Privacy Policy

Last updated: March 2026

1. WHO WE ARE

EEBS ("we", "us", "our") provides payroll compliance and CIS contractor management services. We operate the EEBS website at eebs.co.uk and the EEBS Core mobile and web application ("the App").

For questions about this policy or your personal data, contact us at: info@eebs.co.uk

EEBS, 66-68 High Street, Great Baddow, Essex, CM2 7HH

2. WHAT DATA WE COLLECT AND WHY

2.1 Account and identity data

When you register for the App, we collect your name, email address, phone number, company name, and postal address. We use this to create and manage your account and to contact you about the services we provide.

2.2 Payroll and financial data

As part of our payroll compliance service, we process weekly timesheet data including subcontractor names, reference numbers, hours worked, gross pay, tax deducted, VAT, and other payroll figures. This data is necessary to provide our core payroll processing service and to meet HMRC compliance obligations.

2.3 Receipt and expense data

If you use the expense receipt vault feature, we store photographs of receipts you upload, along with extracted data including merchant name, date, and amount. This data is private to you and is not shared with your employer, clients, or any other party. It is provided to support your Making Tax Digital obligations.

2.4 Device and notification data

If you opt in to push notifications, we store a device token to deliver notifications to your device. You can withdraw this consent at any time in the app settings.

2.5 Usage data

We collect basic usage and authentication data to keep your account secure and the App functioning correctly.

3. LEGAL BASIS FOR PROCESSING

We process your personal data on the following legal bases:

- Contract: to deliver the payroll and compliance services you or you employer has engaged us to provide

- Legal obligation: to meet our obligations under HMRC and UK tax law

- Legitimate interests: to operate, maintain and improve the App and our services

- Consent: for push notifications (which you can withdraw at any time)

4. WHO WE SHARE YOUR DATA WITH

We do not sell your personal data. We share data only with the following third party service providers who process it on our behalf:

- Supabase (database and file storage) — servers located in the EU (Ireland). Your data does not leave the EU.

- Anthropic (receipt image analysis via Claude AI) — receipt images are sent for text extraction only and are not stored or used for training by Anthropic.

- SendGrid (transactional email delivery) — used to send account and payroll notifications.

- Expo / Apple / Google (mobile app distribution and push notifications)

All third party providers are contractually obligated to process your data only for the purposes we specify and in accordance with applicable data protection law.

5. HOW LONG WE KEEP YOUR DATA

We retain your personal data for as long as your account is active and for a period of 7 years after the end of our relationship with you, in line with HMRC record-keeping requirements for payroll data.

Receipt and expense data is retained until you delete it. You can delete individual receipts at any time within the App.

6. WHERE YOUR DATA IS STORED

All App data is stored on EU-hosted servers (Ireland). Your data does not leave the European Economic Area. This ensures your data remains protected under UK GDPR and EU GDPR standards.

7. YOUR RIGHTS

Under UK GDPR you have the right to:

- Access the personal data we hold about you

- Correct inaccurate data

- Request deletion of your data (subject to our legal obligations to retain payroll records)

- Object to or restrict certain processing

- Data portability — receive your data in a machine-readable format

- Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at info@eebs.co.uk. We will respond within 30 days.

If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

8. COOKIES

Our website uses cookies for basic functionality and analytics. You can control cookie preferences through your browser settings. The App does not use cookies.

9. CHILDREN

Our services are not directed at anyone under the age of 18. We do not knowingly collect personal data from minors.

10. CAMERA AND PHOTO LIBRARY ACCESS

The EEBS Core App requests access to your device camera and photo library solely to allow you to photograph and upload expense receipts. This access is only used when you explicitly choose to add a receipt.

We do not access your camera or photos at any other time.

11. CHANGES TO THIS POLICY

We will update this policy when our practices change. We will notify you of significant changes by email or via a notice in the App. The date at the top of this policy shows when it was last updated.

12. CONTACT US

For any questions about this privacy policy or your personal data:

Email: accounts@eebs.co.uk

Website: eebs.co.uk

Post: EEBS, 66-68 High Street, Great Baddow, Essex, CM2 7HH

Our team is on hand to help.

Whether you need CIS payroll set up, a compliance review, or just some friendly advice — we're here for you.

🤙 Time to get in touch?

Ready to chat?

Give us a ring on 01245 493832

Prefer to text?

Send us a Whatsapp

Short on time?

Email us at info@eebs.co.uk

🧠Knowledge Hub

Need some answers now?

Browse our knowledge hub for expert articles, videos and resources on CIS payroll, compliance and construction industry regulations.

Visit Resource Hub