XLW Advisory

Privacy Policy

Last updated: January 2026

1. Introduction

XLW Advisory is a professional services firm providing accounting, audit & assurance, tax, and advisory services. We are committed to safeguarding the confidentiality, integrity, and security of personal data processed through this website (“Website”).

All personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable professional and regulatory obligations.

2. Categories of Personal Data

Depending on your interaction with the Website, we may collect the following limited categories of personal data:

  • Technical data: IP address, browser type, date and time of access (for security, audit, and system integrity purposes)
  • Contact data: name, email address, telephone number, and message content voluntarily submitted via enquiry forms

Client data submitted outside this Website in the course of professional engagements is governed by separate engagement letters and professional confidentiality obligations.

3. Purpose and Legal Basis of Processing

Personal data collected via this Website is processed strictly for the following purposes:

  • Responding to enquiries and preliminary professional communications
  • Assessing whether professional services may be provided
  • Ensuring the security and proper functioning of the Website
  • Meeting legal, regulatory, and professional compliance requirements

Processing is carried out on the basis of consent, legitimate interests, or legal obligations, as applicable.

4. Professional Confidentiality

As a professional advisory firm, XLW Advisory is subject to strict professional confidentiality and ethical obligations. Any personal data received in the context of accounting, audit, tax, or advisory services is treated with enhanced confidentiality and processed solely for lawful professional purposes.

5. Data Retention

Personal data is retained only for as long as necessary to:

  • Fulfil the purpose for which it was collected
  • Comply with statutory, regulatory, or professional record-keeping obligations

Where retention is no longer required, data is securely deleted or anonymised.

6. Data Sharing and Transfers

XLW Advisory does not sell or commercially exploit personal data.

Personal data may be disclosed only where:

  • Required by law, court order, or regulatory authority
  • Necessary to comply with professional obligations
  • You have provided explicit consent

We do not transfer personal data outside the European Economic Area unless appropriate safeguards are in place.

7. Data Security Measures

We implement appropriate technical and organisational measures to protect personal data, including safeguards appropriate for financial and professional services information.

8. Data Subject Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Request rectification or erasure
  • Restrict or object to processing
  • Withdraw consent where processing is consent-based
  • Lodge a complaint with a supervisory authority

Requests may be submitted using the contact information provided on this Website.

9. Third-Party Websites

This Website may contain links to external websites. XLW Advisory is not responsible for the content or privacy practices of third-party websites.

10. Updates to This Policy

This Privacy Policy may be updated from time to time to reflect legal, regulatory, or operational changes. Any updates will be published on this page with a revised date.