We are committed to protecting your personal data in accordance with the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulations (GDPR).
We process personal data for several purposes and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.
The information you provide may be used as follows (this list is not exhaustive):
1. Professional services.
- We provide a diverse range of professional services, such as tax advice, general or specific business advice as part of the services we offer. Some of our services require us to process personal data in order to provide advice and deliver our contract, e.g. payroll services.
2. Administering, managing and developing our businesses and services. We process personal data in order to run our business, including managing our relationship with clients:
- developing our businesses and services (such as identifying client needs and improvements in service delivery);
- maintaining and using IT systems;
- sending you information relevant to the running of your business, your accounts and your tax affairs;
- hosting or facilitating the hosting of events; and
- administering and managing our website, and systems and applications.
Our policy is to collect only the personal data necessary for agreed purposes and we ask clients to only share personal data where it is strictly needed for those purposes. We collect personal data from our clients or from third parties acting on the instructions of the relevant client.
Personal data held by us may be transferred to:
- Regulatory authorities like HMRC and other fraud prevention agencies for the purposes of fraud prevention and to comply with any legal and regulatory issues and disclosures;
- Any legal or crime prevention agencies and/or to satisfy any regulatory request if we have a duty to do so or if the law allows us to do so;
- Third party organisations that provide applications/ functionality, data processing or IT services to us, to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based accounting software, identity verification, data, data back-up, security and storage services;
- Third party organisations that otherwise assist us in providing goods, services or information within our lawful basis for doing so but will never include sharing data for marketing purposes;
- Auditors, other professional advisers and pension administrators.
Your business contact details are used to provide you with information about our services and other information which we think will be of interest to you, unless you tell us not to.
We are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.
Personal data processed is kept by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our retention policy period for records and other documentary evidence created in the provision of services is 7 years.
We take the security of your data we hold seriously. We have a policy including procedures and training in place covering data protection, confidentiality and security, and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect your data.
Access to data
You have a right to access your personal data held by us and you can exercise that right by contacting us below. Our aim is to respond to a request promptly and within the legally required limit of one month of receipt.
Update of personal data
If you wish to update personal data submitted to us, please contact us below. Once we are informed that any personal data held by us is no longer accurate we will make changes based on your updated information.
Withdrawal of consent
Where we hold data based on consent, individuals have a right to withdraw consent at any time. To withdraw consent to our processing of your personal data please contact us using the details below.
This statement is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability. For further information on these rights please contact us using the details below.
If you do want to complain about our use of your personal data, please contact us below with the details of your complaint. You also have the right to register a complaint with the Information Commissioner’s Office (“ICO”). For further information on your rights and how to complain to the ICO, please refer to their website.
Contacting us about your data
If you have any questions about this privacy statement or how and why we process personal data, please contact us at:
Name: Claire Turner
Address: Parkhill Studio, Walton Road, Wetherby, LS22 5DZ
Telephone: 01937 534505