Is there confidentiality of corporate data in England?

In the business environment, the word “confidentiality” always sounds like a promise of security: as if information about company owners, finances, and internal processes is protected from prying eyes. But when it comes to England, illusions quickly dissipate. The British jurisdiction is known for its transparency — most corporate data here is publicly available, and anyone can monitor an English company online in just a few clicks.

So, can we even talk about confidentiality of corporate data in this country, where Companies House essentially serves as a “Google for business”? And if not — what tools remain for entrepreneurs to preserve privacy? This is exactly what we will tell you about.

What corporate data in England is public?

When you register a company in England, the information automatically goes into Companies House — the state corporate register, which operates on the principle of maximum transparency. This is not just a bureaucratic database, but an open resource where anyone (from a potential partner to a curious competitor) can check data about your company, and for free.

Publicly available are:

• the name of the company, its status, legal address, date of registration, and size of the share capital;
• the names of active directors and secretaries, as well as their addresses, dates of birth, and nationality;
• the names of inactive (resigned) directors and secretaries, as well as their addresses, dates of birth, and nationality;
• the history of previous appointments of directors in other companies;
• statutory documents and the history of changes to them: company formation, appointments, dismissals, annual statutory updates;
• the company’s financial statements and the history of their submission with dates;
• the register of persons with significant control (PSC) — those who actually own or control the business, i.e. the register of beneficiaries. It includes the beneficiary’s full name, date of birth, nationality, country and residential address, nature of control, and percentage of voting rights.

In other words, confidentiality here is quite conditional. London may be a global financial center, but it doesn’t like “secrets” in corporate affairs — and this is part of the UK’s policy of combating money laundering and fraud. Therefore, transparency here comes above all.

Moreover, information about company officers remains in the public register throughout the company’s existence and is available to the public even after the officers resign. This applies to both active and inactive companies.

After the company is dissolved, this data remains in public access for another 20 years. After that, part of the records is transferred to The National Archives (TNA) for long-term storage.

What data is not public in Companies House?

Despite the rather wide openness of the register, not all company information in England is public. There are several important nuances that leave room for privacy:

• Personal data of directors. Only registered business addresses are kept in the public domain. Home addresses (if not used as registered ones) are hidden to avoid misuse.
• Bank details and transactions. Companies House does not publish any details about corporate accounts or movement of funds. This falls under the jurisdiction of financial institutions and regulators.
• Internal contracts. Agreements with clients, suppliers, or investors do not get into the register. They remain exclusively in circulation between the parties.
• Tax reporting. Unlike financial statements, company tax returns are not disclosed in open sources.

Although the list is quite short, there are still loopholes that allow slightly increasing the amount of protected information.

Removing personal data from the company register in Britain

In the UK, business owners and company directors can protect their personal data by removing certain information from the public register of Companies House. This applies to:

1. Removing a home address: if a home address was used as a business or correspondence address, it can be replaced with a service address or head office address. For an active company, the registered office address must first be changed; for dissolved companies — you must wait 6 months after dissolution.
2. Removing a signature: an application allows removing a signature from registry documents, except for charges, mortgages, and related deeds.
3. Removing the day of birth: it is possible to remove the day of birth if the document was submitted before 10 October 2015. For new companies, only the month and year of birth remain in the public register.
4. Removing profession: possible only if the position was required (for example, when appointing a director).

A company or LLP can apply for data protection in the Company Register only if there is a serious risk of violence or intimidation for a specific person due to the company’s or LLP’s activities. More specifically, this may be the case if:

• the activities of the company or LLP create a threat to a director, LLP member, or PSC, as well as those who live with them;
• the company operates in a high-risk sector (for example, the defense industry, activities subject to strict regulation, or contact with activists who may harass employees);
• there is a real threat of violence or harassment due to the professional activities of company officers;
• there are specific circumstances that make an officer easily traceable or vulnerable to attack, threats, or intimidation.

Important: a company cannot apply simply to hide information without a real threat. There must be concrete grounds and, if possible, supporting evidence of the threat (for example, police reports, documents on attacks or harassment).

Who can apply for data removal:

• beneficial owners;
• company officers;
• trust members (including beneficiaries, settlors, grantors, and other interested parties).

The procedure for applying for data removal

First, the relevant form must be completed: SR01 for individuals or SR02/SR03 for companies and persons registering charges. After that, the completed form must be sent by mail to Companies House. The next step is payment of the fee. If necessary, supporting evidence should be provided to justify the request for deletion or concealment of data.

While the application is under review (from 30 days to one year), the information is temporarily blocked from public access.

Thus, even in the open British register, there are mechanisms for privacy protection for those who are under real risks.

In British jurisdiction, the principle of maximum transparency of corporate registers is fundamental: information about companies, their directors, and persons with significant control is generally publicly available. At the same time, the law provides for specific mechanisms for protecting personal data for those who are genuinely exposed to risks of violence, harassment, or intimidation. This means that full confidentiality in the classical sense is impossible here, but legal tools allow limiting the disclosure of the most sensitive information, creating a balance between transparency and the security of specific individuals. It is important to remember: data protection is not automatic and requires an official application and confirmation of a real threat.

Turning to professional legal consultants, Azola Legal Services, can be a useful step in developing an individual data protection strategy. Our experience in international business and knowledge of the specifics of British legislation allow us to effectively resolve confidentiality issues and ensure an appropriate level of personal data protection.