GDPR Tax Credits

Business Owners and Accountants

Research has shown that at least 90% of UK companies are GDPR non-compliant even though many think they are. For example, Is your company registered with the Information Commissioner’s Office (ICO)?

Millions of UK companies are not.

Many claim companies and law firms previously involved in claiming PPI are retraining for their next colossal opportunity by claiming GDPR compensation from UK companies.

A quick internet search for ‘GDPR compensation No Win no Fee’, and you will find more and more claim firms are popping up, looking for claimants.

With an increase in GDPR data breaches and the astronomical fines given – British Airways were recently fined £20m for data breaches. Ideally, every company should be preparing a GDPR Compensation claims pot in case of being sued.

The reality is that the vast majority of UK businesses do not. Instead, the protection fund expands the declared gross profits, resulting in more Corporation tax going to HMRC than is necessary.

Our GDPR partners specialise in GDPR Tax Credits and have developed algorithms to calculate the level and value of GDPR claims risk specific to an individual company.

We work closely with their team led by the former head of data privacy at three leading banks, who have advised clients such as Dell, Volvo and Hilton Hotels.

Typically, once our GDPR partners understand what a client does to acquire, hold, and use data, they can put a monetary value on that risk; thus, they can reclaim up to 2 years of Corporation Tax from HMRC for our clients.

  • Have you paid more than £20,000 Corporation Tax in total in the last two years?

  • Would obtaining the majority of the tax back in cash be helpful?

  • Would seeing the money arrive in your bank account within 6-8 weeks be useful?

Business Owners and Accountants

The General Data Protection Regulations or GDPR applies to every business, organisation and club in the United Kingdom, regardless of size.

The instant a GDPR rule is not followed, for example, a Privacy Notice is not given, it is defective, or it not in the right form, or is not given at the right point in the flow; an individual is automatically due to a claim for financial compensation.

Huge organisations such as Google are being sued for significant sums because they failed to provide the right kind of notice at the right point in time.

Google has already lost a similar case back in 2015; the Court of Appeal was against them so they took it to the Supreme Court then confidentially settled before judgement because they knew they would lose, and the financial ramifications would be huge.

The principle and position of this case apply to all businesses. If they have failed to follow even one of the 99 GDPR tax credit rules, they have given the claims away to every customer they hold data for.

All the customer now needs to do is bring a claim against the business.

Data Breaches

At some point, all businesses will be affected by a data breach (if they haven’t already), and general privacy rule non-compliance or failure to address these aspects could be deemed a breach of fiduciary duty; correspondingly, failure to advise clients of this risk (by accountants or solicitors) will certainly lead to compensation claims under Professional Indemnity insurance which will potentially be almost impossible to defend.

Data breaches are becoming a huge issue both in the UK and throughout Europe.

Company Directors Are Personally Liable

Personal data is a risk. With the risk comes liability for which directors can be personally liable.
That means the directors houses, cars, savings, shares and pensions are personally at risk from not being compliant with the rules of GDPR.

How Can Business Bank UK Help?

By bringing GDRP Tax Credits legal knowledge and accounting principles together, our GDPR specialist partner team will look at a business’s GDPR compliance procedures and documents and produce a 30-page report that can identify any breaches and quantify the financial risk to that business.

The report can then be used to add a provision for this risk in the business’s annual accounts.

Data Guardsman

Insurance policy granted by Hiscox Insurance for up to £250,000

Protect Against Exposure

Reduce your exposure to risk, cybercrime, bad press and fines

Quick Turn Around

Receive your claim back from HMRC within a few weeks

Send With Confidence

Trusted providers that work closely with accountants and HMRC

What Does The GDPR Tax Credits Provision Do?

The provision reflects the likely level of claims and costs a business faces because it is not GDPR compliant.

In accounting terms, it reduces the amount of profit on which you pay tax as a business. It does not reduce
the amount of cash in the business, just the amount going out in tax.

As the GDPR rules changed in 2018 and because HMRC will allow you to amend the last two years tax returns, BBUK’s partner can assist with recovery of tax paid in the last two years.

Why Is It A Provision?

The standards our partner has considered are FRS102 and IAS 37.

Which, in short, say:
(a) the entity has an obligation at the reporting date as a result of a past event;

(b) it is probable (i.e. more likely than not) that the entity will be required to transfer economic benefits in a settlement; and

(c) the amount of the obligation can be estimated reliably.

As we can evidence that these conditions have been met, a provision can be made.

Simple 4 Step Process

1. Select a module and answer the simple yes/no business questions
2. Print off the list of tasks that you need to do to complete the section
3. Implement the tasks that will make you compliant with the module
4. Print off the policy documents and instruct your staff what they need to do

Why Provide For GDPR Breaches?

Statistics from the UK Government show that every business will be cyber breached in a two-year cycle.

Under GDPR Tax Credits, the business has to self-report and tell its customers, and each customer then has a claim.

Breaches are a fact of life and carry a huge cost for the business. We know many that have been breached
multiple times.

In the same way that banks provided for claims for PPI miss-selling in their accounts, businesses can provide
for claims for GDPR breaches.

How Can Businesses Become GDPR Compliant?

Business Bank UK’s GDPR Tax Credits partner has a solution to assist with becoming as close as possible to being GDPR compliant; an online progressive software system called Data Guardsman.

The system allows businesses to work through a series of modules to build on compliance.

The take-up of the system is mandatory to the Corporation Tax reclaim process in order to assist them in assessing the provision level on an annual basis.

Our partner team will, at the end of the business’s financial year, assess the level of compliance via the
Data Guardsman software and report any increase or reduction of the provision to the business so that
accounts can be updated.

Once completed, an insurance policy is granted by Hiscox Insurance Brokers for up to £250,000
worth of cover.

Should Accountants Be Advising Clients About GDPR Provisions?

Absolutely! These liabilities are real and have accrued in businesses, and if quantified, should be provided
for in the accounts if they are to give a true and fair view.

What Is The Cost For This Service?

Our partner fees are only due when you receive your rebate from HMRC. They will then invoice for their
GDPR Tax Credits consultancy service which is TAX and VAT deductible.

1. Register

Send us 3 months copy of your bills, or leave us your contact details and we’ll be in touch.

2. Research

Using our unrivalled buying power, we’ll scour the market, to present you with the most appropriate deals for your business.

3. Savings

Once you’ve decided which deal is best for you, we’ll process your new contract. Customers typically save 35%

Start Saving Money Now

    Send Us Your Bills - Business Bank UK

    Send Us Your Bills

    We have helped countless businesses weather the storm of Brexit and the Covid pandemic. Let us help your business