Privacy Policy

Important Notice

This Privacy Policy is a legally binding document. Please read it carefully before using ProperSorted or submitting any personal information to us. If you do not agree with any part of this Privacy Policy, you must not use our Services.

Who We Are
Scope and Application of This Policy
Definitions
The Data We Collect and Why We Collect It
Legal Bases for Processing Personal Data
How We Use Your Personal Data
Special Category Data and Financial Sensitivity
HMRC Integration and Data Flows
Identity, Authentication, and Subscription via OnePass
Data Sharing and Third-Party Disclosures
International Transfers of Personal Data
Data Retention and Deletion
Security Architecture and Controls
Audit Logging and Operational Monitoring
Cookies and Tracking Technologies
Your Rights Under UK GDPR and the DPA 2018
Children
Changes to This Privacy Policy
How to Contact Us and Escalate Concerns

1. Who We Are

DarkhorseOne Limited (trading as ProperSorted) is a private limited company incorporated in England and Wales under company number 15002342, with its registered office at Suite 3.1, 27 Castle Street, Canterbury, Kent, England, CT1 2PX ("we", "us", "our", or "ProperSorted"). Our VAT registration number is GB 478687514. Our company website is www.darkhorseone.co.uk.

We are the controller of personal data processed in connection with the ProperSorted platform and services, as defined under the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018 ("DPA 2018").

We are registered with the Information Commissioner's Office ("ICO") under registration reference ZB913022.

Our Data Protection Officer ("DPO") can be contacted at service@darkhorseone.co.uk or at our registered office address marked for the attention of the Data Protection Officer.

2. Scope and Application of This Policy

This Privacy Policy applies to all personal data collected, received, generated, processed, stored, transmitted, or otherwise handled by ProperSorted in connection with:

(a) your access to and use of the ProperSorted web application and any associated software clients (the "Platform");

(b) your registration and account management through our identity partner, OnePass;

(c) your use of HMRC Making Tax Digital ("MTD") features, including submission workflows and authorisation processes;

(d) any communications between you and ProperSorted, including support, billing, and compliance-related correspondence;

(e) your subscription to, and use of, any ProperSorted plan or feature tier.

This Policy does not apply to:

personal data processed by HM Revenue and Customs ("HMRC") in its capacity as an independent controller when you interact directly with HMRC systems;
third-party websites, applications, or services that may be linked to or from the Platform.

This Policy does apply to personal data processed by OnePass, as OnePass is operated by DarkhorseOne Limited, the same entity that operates ProperSorted. OnePass identity and subscription data is processed by DarkhorseOne Limited as controller, and is covered by this Policy in full.

3. Definitions

In this Privacy Policy, the following terms carry the meanings set out below:

Term	Meaning
Account	A user account associated with a Tenant, managed through OnePass and active within the Platform.
Audit Data	Structured log records generated automatically by the Platform that record the occurrence, timing, and context of significant system and user actions.
Controller	The natural or legal person who determines the purposes and means of processing personal data.
DPA 2018	The Data Protection Act 2018 (as amended or replaced from time to time).
Evidence Documents	Files, receipts, statements, and other binary attachments uploaded by Users as supporting evidence for financial records.
Financial Records	Rental income records, expense records, additional income inputs, and any related financial data entered into the Platform by a User.
HMRC	HM Revenue and Customs, the UK government department responsible for tax administration.
ICO	The Information Commissioner's Office, the UK supervisory authority for data protection.
MTD	Making Tax Digital, the HMRC digital tax reporting initiative to which the Platform connects on behalf of Users.
OnePass	The identity and tenancy management platform used by ProperSorted for user authentication, role assignment, and access control.
Personal Data	Any information relating to an identified or identifiable natural person, as defined under UK GDPR Article 4(1).
Platform	The ProperSorted web application, backend services, and associated infrastructure.
Processing	Any operation or set of operations performed on Personal Data, as defined under UK GDPR Article 4(2).
Processor	A natural or legal person who processes Personal Data on behalf of a Controller.
Submission Data	Data assembled and dispatched to HMRC in the course of an MTD submission workflow, including period-specific financial figures, authorisation tokens, and fraud-prevention headers.
Tenant	An organisational account within the Platform, representing a landlord or associated advisory group.
UK GDPR	The UK General Data Protection Regulation, as retained in UK domestic law pursuant to the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019.
User	A natural person who holds an Account and accesses the Platform under a Tenant context.

4. The Data We Collect and Why We Collect It

4.1 Identity, Account, and Subscription Data

DarkhorseOne Limited processes the following data in connection with your OnePass account, your subscription to ProperSorted, and your authenticated access to the Platform:

Registration and Identity Data (held in OnePass):

Full name and email address provided at registration
OnePass-assigned user identifier (a unique technical identifier)
Authentication credentials (stored by OnePass in hashed and salted form; never accessible in plaintext to ProperSorted or to DarkhorseOne staff)
Date of account creation and last authentication

Subscription and Billing Data (held in OnePass):

Selected subscription plan and feature tier
Subscription commencement date, billing period, and renewal status
Billing contact name and address
Payment method metadata (card type, last four digits, expiry — full card numbers are processed exclusively by our payment processor and are never stored by DarkhorseOne)
Invoice and payment history

Role and Access Data (passed to ProperSorted at authentication):

Tenant identifier (identifying the organisational account to which you belong)
Role codes (indicating your functional role within the Tenant, such as landlord user, landlord admin, finance collaborator, or compliance reviewer)
Display name or username, where provided

At the point of authentication, OnePass issues a validated bearer token to the ProperSorted Platform. ProperSorted extracts the role and access data listed above from this token to construct a Security Context governing your session. ProperSorted does not store the bearer token itself beyond the scope of the authenticated session.

4.2 Property Portfolio Data

When you use the Platform to create and manage your property portfolio, we collect:

Property addresses (including address lines, city, postcode, and country)
Property reference codes or display names you assign
Property type and ownership type information
Rental commencement and cessation dates
Archival status and related metadata

4.3 Financial Records Data

When you record rental income and landlord expenses, we collect:

Dates and amounts of rental income receipts (denominated in GBP)
Expense dates, amounts, categories, and deductibility classifications
Period references (tax quarter or tax year keys)
Source labels and descriptive notes you provide
Reconciliation status and review state markers
Evidence linkage status indicating whether supporting documentation has been attached

When you enter additional personal income information for tax-position visibility purposes (such as employment income, self-employment income, dividend income, interest income, or other taxable income sources), we collect:

Income type and source label
Amount and tax year reference
Any notes you provide

4.4 Evidence and Document Data

When you upload files to the Platform as supporting evidence:

We store the file binary content in secure object storage
We record file metadata including upload timestamp, file type, file size reference, tenant identifier, and upload session reference
We record document linkage information that associates documents with specific Financial Records

4.5 HMRC Authorisation and Submission Data

When you connect the Platform to HMRC using the MTD authorisation flow:

We record and manage authorisation session state, including the initiation time, redirect timestamps, callback receipt, and resulting connection status
We store an authorisation token and associated token lifecycle metadata (expiry, refresh requirements) obtained through the HMRC OAuth authorisation code flow
We do not permanently store your HMRC Government Gateway credentials

When you initiate or complete an HMRC MTD submission:

We assemble and record the submission payload, including period-specific rental income and expense figures, derived tax estimates, and submission-type identifiers
We store HMRC-issued acknowledgement references, correlation identifiers, and submission outcome records
We retain a structured snapshot of the financial data submitted, for audit and reconciliation purposes

4.6 Fraud-Prevention Technical Data

HMRC's MTD API requires that software submitting data on behalf of taxpayers transmit a defined set of fraud-prevention headers with each request. These headers are a mandatory HMRC compliance requirement. The data collected to populate these headers includes:

Browser and device identifiers: browser type and version, operating system, screen resolution, timezone offset, browser plugin inventory (in hash or summarised form), and device fingerprint identifiers generated by the Platform
Network metadata: source IP address (as observed by the Platform's ingress infrastructure), connection type where available
Session context: multi-factor authentication state, originating Platform reference, and request timestamp

This data is collected at or near the time of precheck and submission actions, normalised and formatted in accordance with HMRC's fraud-prevention header specifications, transmitted to HMRC within the API request headers, and retained in summary form where operationally required for audit reference or retry context.

You are informed of and consent to this collection as part of connecting the Platform to HMRC. The collection of fraud-prevention data is a legal obligation required by HMRC's published technical standards for MTD-compatible software.

4.7 Audit and Access Decision Data

The Platform generates append-only audit records for significant actions. These records include:

The type of action performed (for example, income record created, HMRC submission dispatched, connection authorised)
The timestamp of the action
Your user identifier and Tenant identifier
The type and identifier of the resource affected
The outcome of the action
A structured metadata payload describing the action context

The Platform also records access decision logs that capture whether access to sensitive capabilities was granted or denied, together with the applicable role or capability context and the reason for the decision.

4.8 Operational and Technical Data

During normal Platform operation we collect:

API request logs, including request timestamps, request identifiers, HTTP method and path, response status codes, and latency measurements
Worker job execution records, including job type, execution timestamps, and outcome
Retry task records for integration and recomputation failures
Idempotency key records used to prevent duplicate submissions or processing

Operational logs are collected for performance monitoring, support diagnostics, and Platform integrity purposes. Operational logs do not contain raw access tokens, complete HMRC payloads in clear text, or binary file contents.

4.9 Communications Data

If you contact us for support, billing enquiries, or compliance purposes, we collect:

Your name and contact email address
The content of your correspondence
Records of steps taken in response to your enquiry

5. Legal Bases for Processing Personal Data

We process your personal data only where we have a valid legal basis under UK GDPR Article 6. The applicable legal bases for our processing activities are as follows:

5.1 Performance of a Contract (Article 6(1)(b))

The majority of our core processing is necessary for the performance of our contract with you (the Terms and Conditions governing your use of the Platform). This includes:

Processing registration, identity, and billing data through OnePass to create your account, administer your subscription, and provide access to the Platform
Storing and processing Financial Records, property portfolio data, and Evidence Documents as part of delivering the tax workflow management service
Generating tax-position projections and readiness assessments
Operating HMRC connection and submission workflows on your behalf

5.2 Compliance with a Legal Obligation (Article 6(1)(c))

Certain processing is required for us to comply with legal obligations applicable to us as a software provider operating in the UK tax ecosystem. This includes:

Transmitting fraud-prevention headers to HMRC as required by HMRC's MTD published technical standards and fraud-prevention regulations
Maintaining audit records where required by applicable financial or regulatory obligations
Responding to lawful requests from HMRC, the ICO, or other public authorities

5.3 Legitimate Interests (Article 6(1)(f))

We process certain data on the basis of our legitimate interests or those of third parties, where those interests are not overridden by your interests or fundamental rights. This includes:

Operating system monitoring, alerting, and performance management to maintain Platform reliability and security
Maintaining audit trails and access decision logs to protect Users and the Platform against unauthorised access
Detecting, preventing, and responding to security threats, fraud, or abuse
Retaining operational and technical logs for support diagnostics
Communicating with you about material changes to the Platform or these policies

Our legitimate interests assessment is documented and available on request addressed to our DPO.

Where we rely on consent as the legal basis (for example, for optional analytics cookies or non-essential communications), we will seek your explicit, freely given consent and maintain records of consents given. You may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.

6. How We Use Your Personal Data

6.1 Account Registration, Subscription Management, and Billing

We use your registration and billing data (held in OnePass) to:

create and maintain your identity account and Tenant context
process your subscription purchase and manage your plan, billing period, and entitlements
generate and issue invoices and process payments through our payment processor
manage renewals, upgrades, downgrades, and cancellations
administer free trials and promotional access periods

6.2 Delivering the Core Tax Workflow Service

We use your data to provide the full ProperSorted workflow, including:

maintaining your property portfolio records
recording and displaying rental income and landlord expenses
generating estimated tax positions based on the financial data you enter
computing MTD readiness assessments and identifying blockers or warnings
managing period reviews and submission preparation workflows

6.3 HMRC Connectivity and Submission

We use your data to facilitate your connection to HMRC's MTD APIs, including:

initiating and completing OAuth authorisation flows
maintaining token state and managing reconnection requirements
assembling submission payloads from your Financial Records
dispatching submissions to HMRC on your instruction
recording and presenting acknowledgement results and submission history

6.4 Security and Fraud Prevention

We use technical and operational data to:

authenticate and authorise each request against your role and Tenant context
detect unauthorised access or anomalous activity
maintain audit trails for sensitive operations
enforce multi-tenant isolation so that your data is never accessible to other Tenants

6.5 Platform Reliability and Support

We use operational data to:

monitor system health and performance
diagnose and resolve technical issues
manage retry and recovery workflows for integration failures

6.6 Communications

We use your contact information to:

send essential service notifications (such as connection expiry warnings, submission failures, or material policy changes)
respond to your support or compliance enquiries

We do not use your contact information for marketing purposes without your separate prior consent.

7. Special Category Data and Financial Sensitivity

7.1 Financial Data as Sensitive Information

Although rental income, expense, and tax-related information does not constitute "special category data" as defined under UK GDPR Article 9, we recognise that such data is commercially highly sensitive, closely linked to your personal financial circumstances, and subject to statutory confidentiality expectations applicable in the context of HMRC tax affairs.

We treat your Financial Records with a heightened standard of care equivalent to that applied to special category data, including strict access controls, role-based capability restrictions, schema-level data segregation, and purpose limitation.

7.2 HMRC Submission Data Sensitivity

Data forming part of an HMRC submission workflow is classified internally as high-sensitivity. It is stored in a dedicated database schema separate from ordinary business records, subject to more restricted database runtime privileges, and governed by additional access decision logging.

7.3 No Processing of Special Category Data by Design

ProperSorted is not designed to collect or process special category personal data (such as health data, racial or ethnic origin data, or biometric data). If such data is inadvertently contained within Evidence Documents you upload, you are responsible for minimising its inclusion, and we will not seek to extract or use it.

8. HMRC Integration and Data Flows

8.1 Role of ProperSorted as Agent

When you authorise ProperSorted to connect with HMRC on your behalf, ProperSorted acts as your software agent for the purposes of MTD API interactions. You remain the taxpayer and the person responsible to HMRC for the accuracy and completeness of any data submitted.

8.2 Authorisation Flow

The HMRC connection uses OAuth 2.0 authorisation code flow. You are redirected to HMRC's authorisation endpoint, where you authenticate directly with HMRC using your Government Gateway credentials. ProperSorted does not observe, intercept, or store your Government Gateway username or password.

Upon successful authorisation, HMRC issues a bearer token to ProperSorted. We store and manage this token securely. The token confers limited, scoped permissions to interact with specific HMRC MTD APIs on your behalf. It does not give ProperSorted access to your full HMRC account.

8.3 What Is Sent to HMRC

Each MTD submission dispatched by ProperSorted on your instruction includes:

your HMRC-assigned taxpayer reference identifiers
period-specific financial figures derived from your Financial Records
the HMRC-required fraud-prevention headers described in Section 4.6
submission-type metadata as required by HMRC's API specification

8.4 HMRC as Independent Controller

HMRC receives and processes data you submit through ProperSorted as an independent data controller. HMRC's use of that data is governed by HMRC's own published privacy notices and applicable UK tax legislation. ProperSorted has no control over HMRC's processing of submitted data after transmission.

8.5 Submission Record Retention

ProperSorted retains a structured record of each submission, including the financial data submitted, the timestamp, the authorisation context, and any acknowledgement received. This record is retained to support your right to access submission history, to facilitate audit processes, and to assist in the event of disputes with HMRC regarding submission status.

9. Identity, Authentication, and Subscription via OnePass

9.1 What OnePass Is

OnePass is a unified identity, tenancy, and subscription management platform developed and operated by DarkhorseOne Limited. It is the same legal entity as ProperSorted. OnePass serves as:

the exclusive authentication authority for the ProperSorted Platform;
the platform through which you register an account, manage your subscription, and are assigned your organisational roles;
the source of the trusted identity context that ProperSorted relies upon to authorise all access to the Platform.

Because OnePass and ProperSorted are both operated by DarkhorseOne Limited, there is a single data controller responsible for personal data processed across both platforms. This Privacy Policy covers the processing of personal data in connection with both OnePass and ProperSorted where that processing is undertaken by DarkhorseOne Limited.

9.2 Data Processed by OnePass

When you register and subscribe through OnePass, DarkhorseOne Limited processes personal data for the purposes of:

creating and managing your identity account (including your name, email address, and authentication credentials);
administering your subscription, plan selection, billing relationship, and entitlement to access the Platform;
issuing and managing your Tenant context and role assignments;
maintaining session state and enforcing access controls.

The legal bases for this processing are performance of a contract (Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)), as further described in Section 5.

9.3 Data Passed from OnePass to ProperSorted

When you authenticate with the Platform, OnePass issues a validated bearer token to ProperSorted. ProperSorted extracts and uses the following claims from this token:

your OnePass-assigned user identifier
your Tenant identifier
your assigned role codes

These claims are used to construct a Security Context that governs every action you may perform within the Platform. ProperSorted does not store the bearer token itself beyond the scope of the authenticated session.

9.4 Unified Controller Responsibility

Because DarkhorseOne Limited is the single controller for both OnePass and ProperSorted, you may exercise all data subject rights described in Section 16 in relation to personal data held across both systems by contacting us at service@darkhorseone.co.uk. You do not need to submit separate requests to OnePass and ProperSorted.

10.1 General Principle

We do not sell your personal data. We do not share your personal data with third parties for their own commercial marketing purposes.

10.2 HMRC

We share Submission Data with HMRC when you initiate an MTD submission. This disclosure is made on your instruction and is a core function of the Platform.

10.3 Infrastructure and Cloud Providers

We use third-party infrastructure providers to host and operate the Platform. These providers act as our data Processors and process personal data solely on our documented instructions. Our key infrastructure providers include:

Cloud hosting provider(s): for compute, database hosting, and object storage
Content delivery and networking providers: for ingress routing and performance management

All such providers are contractually bound by data processing agreements that meet the requirements of UK GDPR Article 28, and are selected on the basis of appropriate security standards and, where applicable, compliance with recognised certifications.

10.4 Professional and Legal Advisors

We may share personal data with our legal advisors, auditors, or insurers where necessary for the purpose of obtaining professional advice or conducting legal proceedings. Such advisors are bound by professional duties of confidentiality.

10.5 Regulatory and Law Enforcement Authorities

We may disclose personal data to HMRC, the ICO, the Financial Conduct Authority, or other competent public authorities where we are legally required to do so, where we are responding to a lawful court order, or where disclosure is necessary to prevent or detect crime. Where legally permitted, we will notify you of any such disclosure.

10.6 Business Transfers

If ProperSorted is the subject of a merger, acquisition, restructuring, or sale of all or substantially all of its assets, your personal data may be transferred to the acquiring or successor entity. We will use reasonable endeavours to ensure the successor entity provides equivalent privacy protections and will notify you of any material change in the identity of the controller.

10.7 Multi-Tenant Isolation Commitment

ProperSorted operates a strict multi-tenant architecture. No Tenant's personal data is ever accessible to another Tenant, whether directly or through any inference mechanism. This isolation is enforced at the application logic, data access, database privilege, and operational monitoring levels.

11. International Transfers of Personal Data

11.1 UK-First Hosting Policy

ProperSorted's primary data hosting infrastructure is located within the United Kingdom and/or the European Economic Area. We do not routinely transfer personal data to countries outside the UK or EEA.

11.2 Where Transfers Occur

In limited circumstances, personal data may be transferred to or accessed from countries outside the UK in connection with infrastructure operations (for example, where a cloud provider operates a global support function). Where such transfers occur, we ensure they are protected by appropriate transfer mechanisms in accordance with UK GDPR Chapter V, including:

the UK International Data Transfer Agreement ("IDTA"), or
the UK Addendum to the European Commission Standard Contractual Clauses ("UK SCCs"), or
an adequacy regulation made by the Secretary of State in respect of the destination country.

11.3 Transfer Impact Assessments

Where required, we conduct transfer impact assessments prior to commencing international transfers of personal data, taking into account the laws and practices of the destination country and the nature of the data transferred.

12. Data Retention and Deletion

12.1 Retention Philosophy

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, to perform our contractual obligations, or to comply with applicable legal retention requirements. We do not retain data beyond the period for which there is a legitimate purpose.

12.2 Retention Periods by Category

Data Category	Retention Period	Rationale
Financial Records (income, expenses, additional income)	7 years from the end of the relevant tax year	Aligned with HMRC's self-assessment enquiry window under TMA 1970 s.34 and s.36
Evidence Documents	7 years from the end of the relevant tax year, or until unlinked and explicitly deleted, whichever is later	Supporting statutory record-keeping obligations
HMRC Submission Data and Acknowledgement Records	7 years from the date of submission	Regulatory and dispute resolution purposes
HMRC Authorisation Session Records	13 months from session closure	Fraud-prevention audit trail requirements
Audit Logs	7 years from creation	Security, legal, and regulatory compliance
Access Decision Logs	3 years from creation	Operational security monitoring
Operational and Technical Logs	90 days from creation (standard); longer where required for active incident investigations	Support and diagnostics
Property Portfolio Data	Duration of account plus 7 years following account closure	Tax year cross-referencing requirements
Identity and Account Data (OnePass registration and profile)	Duration of active account plus 90 days following account deletion	Operational deactivation, dispute resolution, and fraud-prevention purposes
Subscription and Billing Records	7 years from the end of the relevant financial year	VAT record-keeping obligations and commercial dispute resolution
Communications Data	3 years from last contact, unless subject to legal hold	Support continuity and compliance

12.3 Account Closure and Data Deletion

Upon closure of your Account or Tenant, we will:

(a) cease processing your personal data for any purpose other than those required by law or legitimate regulatory obligations;

(b) mark data subject to retention obligations as archived and restrict access accordingly;

(c) delete or anonymise data not subject to retention obligations within 60 days of account closure, save where an active legal hold applies.

You may request deletion of specific data categories before account closure in accordance with Section 16 (Your Rights). Where deletion is restricted by a statutory retention obligation, we will inform you of the applicable obligation and the expected deletion date.

12.4 Anonymisation

Where we are unable to delete data within a mandatory retention period, we will apply technical anonymisation measures to remove or replace identifying attributes where doing so would not materially impair the legal or regulatory purpose for which the record is retained.

13. Security Architecture and Controls

13.1 Our Commitment

We apply appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access, taking into account the nature, scope, context, and purposes of the processing and the risks to the rights and freedoms of natural persons.

13.2 Technical Measures

Our technical security measures include:

Authentication and Authorisation:

All requests to the Platform backend are authenticated using validated OnePass-issued bearer tokens
Role-based capability resolution is applied to every request based on the role codes extracted from the token
Tenant context is enforced at every layer of the application stack; cross-tenant data access is architecturally precluded

Data Segregation:

The Platform database employs multiple schemas aligned to domain sensitivity levels
HMRC-related data is stored in a dedicated, separately-privileged database schema
Runtime database privileges follow a least-privilege model, with separate database roles for API operations, HMRC connector operations, audit writes, background workers, and read-only reporting

Encryption:

All data in transit between the browser client, Platform API, HMRC APIs, and infrastructure components is encrypted using TLS 1.2 or above
All data at rest, including database volumes and object storage, is encrypted using AES-256 or equivalent at the infrastructure level

Object Storage:

Evidence Documents are stored in secure object storage with access governed by the Platform's application layer
Document access is mediated through the API; no direct public URLs to document objects are issued without authenticated and authorised session context

Audit Controls:

Audit logs are written to an append-only store with restricted mutation privileges
Access decision logs independently record authorisation outcomes for sensitive operations

13.3 Organisational Measures

Our organisational security measures include:

documented access control policies and principle of least privilege applied to staff access to production systems and personal data
security awareness training for all staff with access to personal data
documented incident response and breach notification procedures
regular review of third-party Processor security posture
version-controlled infrastructure configuration and migration management

13.4 Personal Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of natural persons, we will:

(a) notify the ICO within 72 hours of becoming aware of the breach, in accordance with UK GDPR Article 33, unless the breach is unlikely to result in such risk;

(b) notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms, in accordance with UK GDPR Article 34.

We maintain documented breach response procedures and an internal breach register.

14. Audit Logging and Operational Monitoring

14.1 What We Log

The Platform automatically generates structured audit records for the following categories of event, among others:

property record creation and modification
income and expense record creation and modification
document upload, registration, linkage, and unlinkage
HMRC authorisation initiation, callback receipt, and connection status changes
HMRC precheck execution and outcome
HMRC submission request, dispatch, and result recording
readiness and tax-position recomputation events
session context resolution
role capability grants and access denials
background worker job failures and retry scheduling

14.2 Purpose of Audit Logs

Audit logs are used exclusively for:

security monitoring and threat detection
fraud prevention
dispute investigation and resolution
regulatory and legal compliance
operational support diagnostics

Audit logs are not used for profiling, marketing, or any purpose inconsistent with the purposes for which they were generated.

14.3 Restriction of Operational Log Content

Operational and structured logs must not contain, and the Platform is architecturally designed to prevent them from containing:

raw bearer access tokens
complete HMRC API request or response payloads in unredacted form
binary file content
full fraud-prevention header field values in contexts where long-term retention is not operationally justified

15. Cookies and Tracking Technologies

15.1 Types of Cookies We Use

The Platform uses cookies and similar technologies to operate and improve the service. The categories of cookies we use are:

Category	Purpose	Basis
Strictly Necessary	Session management, authentication state maintenance, security tokens, CSRF protection	Necessary for the Platform to function; no consent required
Functional	User preferences, language settings, UI state persistence	Legitimate interests or consent
Analytical/Performance	Aggregate usage analytics, error tracking, performance measurement	Consent

15.2 Fraud-Prevention Browser Data

As described in Section 4.6, the Platform collects browser and device information specifically for the purpose of composing HMRC-required fraud-prevention headers. This collection occurs only in the context of HMRC-related workflows and is mandatory for compliance with HMRC's MTD technical standards. It is not used for advertising or cross-site tracking.

You may manage your preferences for non-essential cookies through the cookie management centre accessible from the Platform footer. Strictly necessary cookies cannot be disabled without rendering the Platform non-functional.

15.4 No Third-Party Advertising Cookies

We do not permit third-party advertising networks or data brokers to set cookies or tracking technologies on the Platform.

16.1 Summary of Your Rights

You have the following rights in relation to your personal data, subject to the conditions and limitations set out in UK GDPR and DPA 2018:

Right	Description
Right of Access (Article 15)	You may request confirmation of whether we process your personal data, and a copy of the personal data we hold about you, together with supplementary information about our processing.
Right to Rectification (Article 16)	You may request correction of inaccurate personal data or completion of incomplete personal data.
Right to Erasure (Article 17)	You may request deletion of your personal data where there is no longer a lawful basis for processing, subject to applicable retention obligations.
Right to Restriction (Article 18)	You may request restriction of processing in specified circumstances, such as where you contest accuracy or object to processing pending our consideration of that objection.
Right to Data Portability (Article 20)	You may request receipt of personal data you have provided to us in a structured, commonly used, machine-readable format, or transmission to another controller, where processing is based on consent or contract and is carried out by automated means.
Right to Object (Article 21)	You may object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or processing is required for the establishment, exercise, or defence of legal claims.
Rights Related to Automated Decision-Making (Article 22)	You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects. ProperSorted does not make such decisions; tax-position and readiness computations are presented as informational estimates and all final actions require User instruction.
Right to Withdraw Consent	Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

16.2 How to Exercise Your Rights

To exercise any of the above rights, please submit a written request to:

ProperSorted Data Rights Team service@darkhorseone.co.uk

Please include sufficient information for us to identify your Account (such as your registered email address or user identifier) and clearly describe the right you wish to exercise. We may ask for additional information to verify your identity before processing your request.

16.3 Response Timescales

We will acknowledge your request within 5 business days of receipt and will respond substantively within one calendar month of receiving a verified request. Where the complexity or volume of requests necessitates an extension, we may extend this period by a further two months, in which case we will notify you within one month of receipt of the original request with reasons for the extension.

16.4 Requests Without Charge

We will not charge a fee for responding to your request unless your request is manifestly unfounded or excessive, in which case we may either charge a reasonable fee reflecting our administrative costs or refuse to act. We will inform you of our decision in either case.

16.5 Right to Lodge a Complaint with the ICO

If you believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with the ICO:

Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone: 0303 123 1113 Website: www.ico.org.uk

We encourage you to contact us directly in the first instance, as we will make every effort to address concerns promptly and to your satisfaction.

17. Children

The Platform is intended for use by UK landlords and associated professional advisors. It is not directed at children. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected personal data from a person under 18, please contact us immediately at service@darkhorseone.co.uk and we will take prompt steps to delete it.

18. Changes to This Privacy Policy

18.1 Our Right to Update

We may update this Privacy Policy from time to time to reflect changes in our processing activities, applicable law, or regulatory guidance. We will not reduce your rights under this Policy without your consent.

18.2 Notification

Where we make material changes, we will provide notice through one or more of the following means:

a prominent notice within the Platform on your next login
an email notification to the address associated with your Account
an update to the effective date displayed at the top of this document

18.3 Continued Use

Your continued use of the Platform following notification of material changes constitutes your acknowledgement of the updated Policy. If you do not agree with the updated Policy, you must cease using the Platform and may request account closure in accordance with the Terms and Conditions.

18.4 Version Archive

We maintain an archive of previous versions of this Privacy Policy. Prior versions are available on request addressed to service@darkhorseone.co.uk.

19. How to Contact Us and Escalate Concerns

General Privacy Enquiries: service@darkhorseone.co.uk

Data Protection Officer: service@darkhorseone.co.uk

Postal Address: DarkhorseOne Limited (ProperSorted — Data Protection) Suite 3.1, 27 Castle Street Canterbury, Kent, CT1 2PX England and Wales

Website: www.darkhorseone.co.uk

ICO (Supervisory Authority): www.ico.org.uk | 0303 123 1113

This Privacy Policy is governed by the laws of England and Wales. Any dispute arising under or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of England and Wales.

DarkhorseOne Limited · Company No. 15002342 · VAT No. GB 478687514 · ICO Ref. ZB913022 · British Patent Application No. 2517987.0 Suite 3.1, 27 Castle Street, Canterbury, Kent, CT1 2PX · www.darkhorseone.co.uk