Privacy Policy

Last updated: 25 May 2026 · Effective: 25 May 2026

This Privacy Policy explains how MojiTax Ltd ("MojiTax", "we", "us", "our") collects, uses, shares and protects personal data when you use our website at mojitax.co.uk, our learning platform, and any related services (together, the "Services"). It applies to all visitors, learners, and prospective customers.

MojiTax is a UK-registered company. Our registered office is 11 Bishops Close, Birmingham B23 7AY, United Kingdom. We are the data controller for personal data processed through the Services.

1. Personal data we collect

We collect and process the following categories of personal data:

Category	Examples	Source
Account data	Name, email address, password (hashed), country, billing address	You, when you sign up
Payment data	Transaction amount, currency, last four digits of card, payment status	Stripe (we do not store full card numbers)
Course data	Courses enrolled in, progress, assessment results, certificates	You, through use of the Services
Communication data	Messages you send to our support team, webinar registrations, marketing-email engagement	You
Technical data	IP address, browser type, device, referring URL, pages visited, timestamps	Automatically, via your browser and our analytics tools
Marketing data	Preferences, consent status, advertising engagement	You, and Google Ads / Google Analytics

2. How we use your data

We process personal data for the following purposes:

To provide the Services — creating your account, delivering course access, marking assessments, issuing certificates, processing payments.
To communicate with you — responding to enquiries, sending operational emails (course updates, exam reminders, receipts).
To market our Services — sending newsletters, exam-prep webinar invitations, and advertising on platforms such as Google, LinkedIn and others (only where you have consented or where we have a legitimate interest).
To improve the Services — analysing usage patterns, measuring campaign effectiveness, debugging.
To comply with law — meeting our obligations under tax, accounting, anti-money-laundering and data protection legislation.

3. Legal bases for processing

Under the UK GDPR and the Data Protection Act 2018, we rely on the following legal bases:

Contract — to deliver the Services you have purchased.
Consent — for marketing communications and non-essential cookies. You can withdraw consent at any time.
Legitimate interests — to operate, secure and improve our Services, prevent fraud, and measure advertising effectiveness (balanced against your rights).
Legal obligation — to keep financial records and respond to lawful requests from authorities.

4. Who we share your data with

We share personal data only with the categories of recipients listed below, and only as needed to deliver the Services or meet legal obligations:

Payment processors — Stripe Payments Europe Ltd (Ireland) for card and subscription processing.
Learning platform — LearnWorlds (where we deliver course content during the migration period) and our own internal learning management system.
Advertising and analytics — Google LLC (Google Ads, Google Analytics, Google Search Console), Microsoft (LinkedIn Ads), and similar advertising and measurement platforms. These third parties may set cookies or pixels to measure conversions and tailor advertising. We do not sell your personal data to third parties.
Communications providers — SendGrid, Twilio and similar transactional-messaging providers, used to deliver emails and SMS that you have requested or that are required for service delivery.
Professional advisers — accountants, auditors, lawyers, where required.
Public authorities — where we are required by law (e.g. HMRC).

All third-party processors are contractually bound to process personal data only in accordance with our instructions and applicable data-protection law.

5. Cookies and tracking technologies

We use cookies and similar technologies to provide essential site functionality, remember your preferences, measure traffic, and (with your consent) deliver advertising. You can manage your cookie preferences at any time via the cookie banner displayed when you first visit our site, or by adjusting your browser settings.

Specifically, we use:

Strictly necessary cookies — for login, basket, security. Always on.
Analytics cookies — Google Analytics, to understand site usage. Only set with your consent.
Advertising cookies — Google Ads, LinkedIn Insight Tag, used to measure campaign performance and to deliver remarketing. Only set with your consent.

6. International transfers

Some of our processors (e.g. Google, Stripe) operate globally. Where personal data is transferred outside the United Kingdom or the European Economic Area, we rely on appropriate safeguards including the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or adequacy decisions.

7. How long we keep your data

We retain personal data only for as long as necessary for the purposes for which it was collected:

Account and course data — for the duration of your account, plus six years after closure (to meet UK tax-record retention rules).
Payment data — six years for accounting and audit purposes.
Marketing data — until you unsubscribe or withdraw consent, plus a short suppression period to honour your preferences.
Support communications — three years after the last interaction.

8. Your rights

Under the UK GDPR, you have the right to:

Access the personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of your data ("right to be forgotten"), subject to legal exceptions.
Object to or restrict certain processing, including direct marketing.
Request data portability (a copy of your data in a structured, machine-readable format).
Withdraw consent at any time, where processing is based on consent.
Lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact us using the details below. We respond within one month, as required by law.

9. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS) and at rest where appropriate, access controls, multi-factor authentication for staff accounts, and regular security review. No system is completely secure; if a personal data breach occurs, we will notify you and the ICO where required by law.

10. Children

The Services are intended for tax professionals and adult learners. We do not knowingly collect personal data from anyone under the age of 16. If you believe a minor has provided us with personal data, contact us and we will delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be notified by email to active account holders.

12. Contact us

Data Controller: MojiTax Ltd

Registered office: 11 Bishops Close, Birmingham B23 7AY, United Kingdom

Email for privacy matters: compliance@mojitax.com

General contact: admin@mojitax.com

You can also lodge a complaint with the UK Information Commissioner's Office at ico.org.uk if you believe we have not handled your personal data lawfully.

Social accounts

Get in touch

Belmont Row, Birmingham B4 7RQ, United Kingdom.
admin@mojitax.com
📞 +44 333 335 6044

Our Newsletter

Get weekly updates on live streams, news, tips & tricks and more.

I would like to receive news, tips and tricks, and other promotional material

Thank you!