Accounting Practice Recruitment Specialists UK, USA and Canada

1 BACKGROUND

Last updated: 14 October 2025

1.1 This notice (Privacy Notice) tells you how we look after your personal data when you visit our website at https://bakerthornton.com (Website) or when you purchase our Baker Thornton is a specialist recruitment partner for accounting and CPA practices in the United Kingdom, the United States, and Canada. We process personal data to provide recruitment services. This includes receiving applications, reviewing curriculum vitae, assessing suitability for roles, arranging interviews, presenting shortlisted candidates to client firms, carrying out reference checks, facilitating offers and onboarding, and maintaining talent profiles for future opportunities. We also produce aggregated salary and market insight for clients. We act as an independent recruitment business and may be a controller or a joint controller depending on the engagement. Our lawful bases include performance of a contract, our legitimate interests in providing recruitment services, and consent where local law requires it, where you are a prospective customer of our business, or where you are another type of business contact, such as a supplier or service provider to our business.

1.2 This notice sets out what information we collect about you, what we use it for and whom we share it with. It also explains your rights under data protection laws and what to do if you have any concerns about your personal data.

1.3 We may sometimes need to update this Privacy Notice, to reflect any changes to the way our services are provided or to comply with new business practices or legal requirements. You should check this Privacy Notice regularly to see whether any changes have occurred.

2 WHO WE ARE AND OTHER IMPORTANT INFORMATION

2.1 We are GTCO LTD t/a Baker Thornton, registered in England and Wales with company number 15276195 with our registered address at Workshed, 7 Carriage Works, London Street, Swindon, SN1 5FB (we, us or our).

2.2 For all visitors to our Website and for users who purchase our services through an organisation, we are the controller of your information (which means we decide what information we collect and how it is used).

2.3 We are registered with the Information Commissioner’s Office (ICO), the UK regulator for data protection matters, under number ZB667013.

3 CONTACT DETAILS

3.1 If you have any questions about this Privacy Notice or the way that we use information, please get in touch using the following details:

Email address: info@bakerthornton.com
Postal address: GTCO Ltd, Workshed, 7 Carriage Works, London Street, Swindon, SN1 5FB

4 THE INFORMATION WE COLLECT ABOUT YOU

4.1 Personal data means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect, and where we receive it from, below.

4.2 Type of personal data:

Identity Data: your first and last name or title.
Contact Data: your email address, telephone numbers, home address.
Technical Data: internet protocol (IP) address, browser type and version, time zone setting and generic location, browser plug-in types and versions, operating system and platform on the devices you use to access our systems.
Usage Data: information about how you use our systems.
Location Data: your device location if you log into our systems remotely.
Feedback: information and responses you provide when completing surveys and questionnaires.
Photo and Image Data: profile picture, images, videos and audio.
Profile Data: email address, password, username, chat logs, audit trail of systems used and documents accessed and downloaded.
Marketing and Communication Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.

4.3 Please note that we do not collect any payment card data or similar data relating to your method of payment. You provide this data directly to Stripe, Zoho payments, GoCardless who processes payments on our behalf. We only receive and process information about the timing and amount of your payment.

5 HOW WE USE YOUR INFORMATION

5.1 We are required to identify a legal justification (also known as a lawful basis) for collecting and using your personal data. There are six legal justifications which organisations can rely on. The most relevant of these to us are where we use your personal data to:

fulfil our contract with you;
comply with a legal obligation that we have;
pursue our legitimate interests (our justifiable business aims) but only if those interests are not outweighed by your other rights and freedoms (e.g. your right to privacy); and
do something for which you have given your consent.

5.2 Below is set out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed below, we will update our Privacy Notice.

5.2.1 Contract

To administrate or perform our contract with you.
To process your payment information in connection with any contract we have with you.
To send you updates about the services you have bought (e.g. confirmation of order, arrival time).

5.2.2 Legal Obligation

Recording your preferences (e.g. marketing) to ensure that we comply with data protection laws.
Where we send you information to comply with a legal obligation (e.g. where we send you information about your legal rights).
Where we retain information to enable us to bring or defend legal claims.

5.2.3 Legitimate Interests

Where using your information is necessary to pursue our legitimate business interests to:
a) improve and optimise our Website;
b) monitor and make improvements to our Website to enhance security and prevent fraud;
c) provide our services to you and ensure the proper functioning of our Website; and
d) protect our business and defend ourselves against legal claims.
Where we use your information for our legitimate interests, we have assessed whether such use is necessary and that such use will not infringe on your other rights and freedoms.

5.2.4 Consent

Where you have provided your consent to providing us with information or allowing us to use or share your information.
Where you have consented to receive marketing material from us.

5.3 Where we need to collect your personal data (for example, in order to fulfil a contract we have with you), failure to provide us with your personal data may mean that we are not able to provide you with the services. Where we do not have the information required about you to fulfil an order, we may have to cancel the service ordered.

6 WHO WE SHARE YOUR INFORMATION WITH

6.1 We share (or may share) your personal data with:

Our personnel: our employees (or other types of workers) who have contracts containing confidentiality and data protection obligations.
Our supply chain: other organisations that help us provide our goods. We ensure these organisations only have access to the information required to provide the support we use them and have a contract with them that contains confidentiality and data protection obligations.
Regulatory authorities: such as HM Revenue & Customs.
Our professional advisers: such as our accountants or legal advisors where we require specialist advice to help us conduct our business.
Any actual or potential buyer of our business.

6.2 If we were asked to provide personal data in response to a court order or legal request (e.g. from the police), we would seek legal advice before disclosing any information and carefully consider the impact on your rights when providing a response.

7 WHERE YOUR INFORMATION IS LOCATED OR TRANSFERRED TO

7.1 We store your personal data on our servers in the UK.

7.2 We will only transfer information outside of the UK or EEA where we have a valid legal mechanism in place (to make sure that your personal data is guaranteed a level of protection, regardless of where in the world it is located, e.g. by using contracts approved by the ICO or the UK Secretary of State).

7.3 If you access our Website or purchase our services whilst abroad then your personal data may be stored on servers located in the same country as you or your organisation.

8 HOW WE KEEP YOUR INFORMATION SAFE

8.1 We have implemented security measures to prevent your personal data from being accidentally or illegally lost, used or accessed by those who do not have permission. These measures include:

access controls and user authentication (including multi-factor authentication);
internal IT and network security;
regular testing and review of our security measures;
staff policies and training;
incident and breach reporting processes;
business continuity and disaster recovery processes.

8.2 If there is an incident which has affected your personal data and we are the controller, we will notify the regulator and keep you informed (where required under data protection law). Where we act as the processor for the affected personal data, we notify the controller and support them with investigating and responding to the incident.

8.3 If you notice any unusual activity on the Website, please contact us info@bakerthornton.com.

9 HOW LONG WE KEEP YOUR INFORMATION

9.1 Where we act as the controller, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.

9.2 To decide how long to keep personal data (also known as its retention period), we consider the volume, nature, and sensitivity of the personal data, the potential risk of harm to you if an incident were to happen, whether we require the personal data to achieve the purposes we have identified or whether we can achieve those purposes through other means (e.g. by using aggregated data instead), and any applicable legal requirements (e.g. minimum accounting records for HM Revenue & Customs).

9.3 We may keep Identity Data, Contact Data and certain other data (specifically, any exchanges between us by email or any other means) for up to seven years after the end of our contractual relationship with you.

9.4 If you browse our Website, we keep personal data collected through our analytics tools for only as long as necessary to fulfil the purposes we collected it for.

9.5 If you have asked for information from us or you have subscribed to our mailing list, we keep your details until you ask us to stop contacting you.

10 YOUR LEGAL RIGHTS

10.1 You have specific legal rights in relation to your personal data.

10.2 We can decide not to take any action in relation to a request where we have been unable to confirm your identity (this is one of our security processes to make sure we keep information safe) or if we feel the request is unfounded or excessive. Usually there is no cost for exercising your data protection rights, but we may charge a fee where we decide to proceed with a request that we believe is unfounded or excessive. If this happens we will always inform you in writing.

10.3 We will respond to your legal rights request without undue delay, but within one month of us receiving your request or confirming your identity (whichever is later). We may extend this deadline by two months if your request is complex or we have received multiple requests at once. If we need to extend the deadline, we will let you know and explain why we need the extension.

10.4 We do not respond directly to requests which relate to personal data for which we act as the processor. In this situation, we forward your request to the relevant controller and await their instruction before we take any action.

10.5 If you wish to make any of the right requests listed below, you can reach us at info@bakerthornton.com.

10.6 Your rights include:

Access: You must be told if your personal data is being used and you can ask for a copy of your personal data as well as information about how we are using it to make sure we are abiding by the law.
Correction: You can ask us to correct your personal data if it is inaccurate or incomplete. We might need to verify the new information before we make any changes.
Deletion: You can ask us to delete or remove your personal data if there is no good reason for us to continue holding it or if you have asked us to stop using it (see below). If we think there is a good reason to keep the information you have asked us to delete (e.g. to comply with regulatory requirements), we will let you know and explain our decision.
Restriction: You can ask us to restrict how we use your personal data and temporarily limit the way we use it.
Objection: You can object to us using your personal data if you want us to stop using it. If we think there is a good reason for us to keep using the information, we will let you know and explain our decision.
Portability: You can ask us to send you or another organisation an electronic copy of your personal data.
Complaints: If you are unhappy with the way we collect and use your personal data, you can complain to the ICO or another relevant supervisory body, but we hope that we can respond to your concerns before it reaches that stage. Please contact us at info@bakerthornton.com.

11 WHEN WE SEND YOU MARKETING MESSAGES

11.1 If you have consented to receiving marketing messages from us, you can opt out of these at any time. Just let us know at info@bakerthornton.com.

11.2 We market our services to prospective and existing business customers, this is known as Business-to-Business Marketing (B2B Marketing). We may send marketing communications to their staff via work contact details. If you are a member of staff and do not wish to receive B2B Marketing, please let us know at info@bakerthornton.com.

11.3 Opting out of marketing will not affect our processing of your personal data in relation to any order you have with us and where we are required to use your personal data to fulfil that order or provide you with certain information.

12 PROFILING

12.1 The processing of personal data contains profiling. Profiling refers to the automatic processing of personal data wherein the data is used to assess specific characteristics of the data subject. The data subjects are profiled in order to better target direct marketing and other communications to suit their interests.

1 ABOUT THESE TERMS

1.1 These terms apply to your access and use of https://bakerthornton.com website (the Website). You should also review our Baker Thornton Privacy Notice (https://bakerthornton.com/legal) which explains what personal data we collect when you use our website, as well as our Acceptable Use Policy (https://bakerthornton.com/legal) on posting content to our Website.

1.2 By accessing our Website, you acknowledge that these terms are legally binding. If you don’t agree with any of these terms, you should stop accessing and using our Website.

2 ABOUT US

2.1 We are GTCO Ltd (trading as Baker Thornton), a company registered in England and Wales under company registration number 15276195. Our registered office is at Workshed, 7 Carriage Works, London Street, Swindon, SN1 5FB and our postal address is Workshed, 7 Carriage Works, London Street, Swindon, SN1 5FB. Our VAT registration number is GB477079744.

2.2 We are registered with the following regulator: Information Commissioner's Office under registration number: ZB667013.

2.3 If you have any questions about the Website, please contact us by:

2.3.1 sending an email to info@bakerthornton.com;

2.3.2 calling us on +442036081859 (our telephone lines are open Monday to Friday: 10 am to 3 pm).

3 USING THE WEBSITE

3.1 We reserve the right to suspend the operation of our Website at any time. We may also restrict access to some parts of our Website to users who have registered with us.

3.2 You are responsible for maintaining your own internet connection for accessing the Website.

3.3 As a condition of your use of the Website, you agree to comply with our Acceptable Use Policy available at https://www.bakerthornton.com/acceptable-use-policy and agree not to:

3.3.1 misuse or attack our Website by knowingly introducing viruses, trojans, worms, logic bombs or any other material which is malicious or technologically harmful (such as by way of a denial-of-service attack);

3.3.2 attempt to gain unauthorised access to our Website, the server on which our Website is stored or any server, computer or database connected to our Website;

3.3.3 remove, delete, obscure, disable, modify, add to, tamper with, or circumvent any program code or data, copyright, trademark, or other proprietary notices, labels or copy protection software contained on the Website.

3.4 We may prevent or suspend your access to the Website if you do not comply with these terms or any applicable law.

3.5 We may suspend or terminate access or operation of the Website at any time as we see fit.

3.6 We do not promise that the Website will be available at all times or that your use of the Website will be uninterrupted or error-free.

4 USER ACCOUNT AND PASSWORD SECURITY

4.1 If you need a username or password to access any part of our Website you agree to:

4.1.1 ensure that any details provided to us are accurate;

4.1.2 keep your username or password secure and confidential;

4.1.3 let us know promptly if you believe that your username or password has been compromised.

4.2 We may terminate your access to any Website or any password-protected areas of our Website at any time, if we believe that your use of our Website is affecting the security and stability of our Website or is detrimental to other users.

5 INTELLECTUAL PROPERTY RIGHTS

5.1 The intellectual property rights in the Website and in any text, images, video, audio or other multimedia content, software or other information or material submitted to or accessible from the Website (Content) are owned by us and our licensors.

5.2 We and our licensors reserve all our intellectual property rights (including, but not limited to, all copyright, trade marks, domain names, design rights, database rights, patents and all other intellectual property rights of any kind) whether registered or unregistered anywhere in the world. This means, for example, that we remain owners of them and are free to use them as we see fit.

5.3 Nothing in these terms grants you any legal rights in the Website or the Content other than as necessary for you to access it.

5.4 You may not use any trade marks or trade names that are displayed on this Website, unless you have our express written permission.

6 INFORMATION ON THE WEBSITE

6.1 We try to make sure that the Website is accurate, up-to-date and free from bugs, but we do not guarantee that it will be.

6.2 We do not guarantee that the Website will be fit or suitable for any particular purpose. Any reliance that you may place on the information on the Website is at your own risk.

7 THIRD PARTY SITES

7.1 We have no control over, and don’t accept any responsibility for, the content of any third party website. If we include a link to any third party website, this doesn’t mean that we endorse or recommend the organisation which operates it. Your use of a third party site may be governed by the terms and conditions of that third-party site and is at your own risk.

8 LIMIT OF LIABILITY

8.1 Except for any legal responsibility that we cannot exclude in law (such as for death or personal injury) or arising under applicable laws relating to the protection of your personal information, we are not legally responsible for any:

8.1.1 losses that were not foreseeable to you and us when these terms were formed;

8.1.2 losses that were not caused by any breach on our part;

8.1.3 business losses; and

8.1.4 losses to non-consumers.

9 VARIATION

9.1 We reserve the right to amend these terms. Our updated terms will be displayed on the Website. By continuing to use and access the Website, you agree to be bound by any future updates to these terms as and when they are updated. It is your responsibility to check these terms from time to time to verify such variations.

10 COMPLAINTS AND QUERIES

10.1 If you have any questions about our Website, or have any complaints about its contents, please contact us at info@bakerthornton.com.

11 LAW AND JURISDICTION

11.1 The laws of England and Wales apply to these terms. Any disputes will be subject to the exclusive jurisdiction of the courts of England and Wales, unless you are a consumer and live in either Northern Ireland or Scotland. In which case, you can choose to bring a claim in England and Wales or in the courts of another part of the United Kingdom in which you live.

1 ABOUT THIS POLICY

1.1 This Policy sets out the standards that apply when you use, upload and view our website https://bakerthornton.com (Website).

1.2 By using our Website, you are agreeing to follow the terms of this policy. If you do not agree with this policy, you must not use our Website.

1.3 We may amend this policy from time to time if the needs of our business changes. Please check back regularly to check for any updates.

1.4 This policy should be read alongside our website terms and conditions (https://bakerthornton.com/legal)

2 WHO ARE WE

2.1 We are GTCO LTD t/a Baker Thornton, registered in England and Wales with company number 15276195 whose registered address is Workshed, 7 Carriage Works, London Street, Swindon, SN1 5FB (we/us/our).

GTCO Ltd is trading as Baker Thornton

3 USING OUR WEBSITE

3.1 When using our Website, you must not use our Website:

3.1.1 in any way that breaches any applicable local, national or international law or regulation;

3.1.2 in any way that is unlawful or fraudulent or has any unlawful or fraudulent purpose or effect;

3.1.3 for the purpose of harming or attempting to harm minors in any way;

3.1.4 to bully, insult, intimidate or humiliate any person;

3.1.5 to send, knowingly receive, upload, download, use or re-use any material which does not comply with our terms of User Generated Content below;

3.1.6 to transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam);

3.1.7 to knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware;

3.1.8 to upload terrorist content.

4 YOUR RESPONSIBILITIES

4.1 When using our website you must:

4.1.1 notify us immediately if you suspect that any use of the Services or Website is, or will lead to activity that is, fraudulent or unlawful;

4.1.2 notify us immediately of any circumstances where any intellectual property rights or any other rights of any third party may have been infringed;

4.1.3 not do or promote anything likely to impair, interfere with or damage our platform or electronic communications network, or cause harm, harassment or distress to any persons;

4.1.4 not do anything which involves the transmission of junk mail, chain letters, unsolicited mass mailing, instant messaging, “spimming” or “spamming”;

4.1.5 not misuse or attack our networks or platforms by knowingly introducing viruses, trojans, worms, logic bombs or any other material which is malicious or technologically harmful (such as by way of a denial-of-service attack);

4.1.6 not use our Website in any way which contravenes our Website Terms of Use, including:

reproducing, duplicating, copying or re-selling any part of the Website;
accessing any of the Website without our authority; or
damaging or disrupting any part of the Website.

5 USER GENERATED CONTENT

5.1 Where our Website enables you to post messages, profiles or any other form of communication on the Website (User Generated Content), you must not:

5.1.1 promote racism, bigotry, hatred or physical harm of any kind against any group or individual;

5.1.2 harass or advocate harassment of another person;

5.1.3 display pornographic or sexually explicit material;

5.1.4 promote any conduct that is abusive, threatening, obscene, defamatory or libellous;

5.1.5 promote any illegal activities;

5.1.6 provide instructional information about illegal activities, including violating someone else’s privacy;

5.1.7 create computer viruses or implement any form of software or scripts onto the Website that have the appearance of coming from a user or candidate (for the avoidance of doubt, this shall not apply to API use);

5.1.8 promote or contain information that you know or believe to be inaccurate, false or misleading;

5.1.9 engage in the promotion of contests, sweepstakes and pyramid schemes, without our prior written consent;

5.1.10 exploit people in a sexual or violent manner;

5.1.11 invade or violate any third party’s right to privacy.

5.2 We reserve the right to refuse to publish any User Generated Content or links to third party content, or to at any time remove or edit User Generated Content (in whole or in part) or any link to third party content, if we have reason to believe that a user has breached this policy.

6 BREACH OF THIS POLICY

6.1 Failure to follow the terms of this policy will be considered a material breach of our Website Terms of Use. Where we consider a breach has occurred, we may (but are not limited to):

6.1.1 issue a warning to you;

6.1.2 suspend your use of all or part of the Website;

6.1.3 remove any User Generated Content you have made on the Website;

6.1.4 close or suspend any user account details you have with us;

6.1.5 disclose any User Generated Content to law enforcement authorities as appropriate or as required by law; and/or

6.1.6 take legal action against you.

7 COMPLAINTS

7.1 If you wish to complain about our Website, or query any content uploaded by other users, including any User Generated Content or third party content, please contact us at info@bakerthornton.com.

8 LAW AND JURISDICTION

8.1 Please note that the laws of England and Wales apply to the terms of this policy. Any disputes will be subject to the exclusive jurisdiction of the courts of England and Wales, unless you are a consumer and live in either Northern Ireland or Scotland. In which case, you can choose to bring a claim in England and Wales or in the courts of another part of the United Kingdom in which you live.

1 INTRODUCTION

1.1 Our Website (https://bakerthornton.com) uses cookies and similar technologies. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website.

1.2 Cookies are small text files that are downloaded to your device (e.g. your computer or smartphone). Cookies contain uniquely generated references which are used to distinguish you from other users. They allow information gathered on one webpage to be stored until it is needed for use on another, allowing our Website to provide you with a personalised experience (like remembering your favourites) and provide us with statistics about how you interact with our (and sometimes third party) Website.

1.3 Cookies are not harmful to your devices (like a virus or malicious code) but some individuals prefer not to share their information (for example, to avoid targeted advertising).

2 DIFFERENT TYPES OF COOKIES

2.1 Session vs. persistent cookies: cookies have a limited lifespan. Cookies which only last a short time or end when you close your browser are called session cookies. Cookies which remain on your device for longer are called persistent cookies (these are the type of cookies that allow websites to remember your details when you log back onto them).

2.2 First party vs. third party cookies: cookies placed on your device by the website owner are called first party cookies. When the website owner uses other businesses’ technology to help them manage and monitor their website, the cookies added by the other business are called third party cookies.

2.3 Categories of cookies: cookies can be grouped by what they help the website or website owner do:

Necessary cookies are cookies which help the website to run properly (when they are strictly necessary cookies it means their only function is to help the website work);
Performance / functionality cookies help a website owner understand and analyse how a user uses a website, in order to personalise content and remember user preferences;
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, etc;
Marketing / advertising cookies tailor online adverts to reflect the content you have previously browsed and help inform companies about your interests so they can show you relevant adverts.

3 WHAT DO WE USE COOKIES FOR?

3.1 We use cookies:

to track how visitors use our Website;
to record whether you have seen specific messages we display on our Website;
to keep you signed into our Website;
where we post content and links to content, we use cookies to capture and analyse information such as number of views and shares.

4 WHAT COOKIES DO WE USE?

4.1 Details of the cookies we use on our Website are set out as an attachment to this Cookie Notice

4.2 We can only use cookies with your permission (you will be prompted by a message when you first visit our Website, also known as a cookie banner, where you can choose to accept or decline our cookies).

4.3 You can update your cookies settings and permissions on our Website by declining or choosing your cookie preferences at the bottom of our website.

4.4 You can choose to decline cookies but if you turn off necessary cookies, some pages and functions on our Website may not work properly. You can also manage cookies through your browser settings or device settings (your user manual should contain additional information). You may wish to visit to find out how to disable cookies on different browsers.

4.5 You can also delete cookies and opt-out of being tracked by certain cookies directly with the relevant third-parties (for example, you can disable Google Analytics on their ).

4.6 If you have any questions about our cookies, or how we otherwise use your personal data, please visit our Privacy Notice (https://bakerthornton.com/legal) for further details.

Legal Stuff