Privacy Statement – Personal Data
We are committed to protecting your personal data in accordance with the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulations (GDPR).
We process personal data for several purposes and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.
Our policy is to collect only the personal data necessary for agreed purposes and we ask clients to only share personal data where it is strictly needed for those purposes. We collect personal data from our clients or from third parties acting on the instructions of the relevant client.
We process personal data to provide professional services such as tax advice, general or specific business advice as part of the range of services we offer. We also process personal data in the administration and management of our business.
Your business contact details are used to provide you with information about our services and other information which we think will be of interest to you, unless you tell us not to.
We are subject to legal, regulatory and professional obligations.We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.
Personal data processed is kept by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).In the absence of specific legal, regulatory or contractual requirements, our retention policy period for records and other documentary evidence created in the provision of services is 15 years.
We take the security of your data we hold seriously.We have a policy including procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
We will only share personal data with others when we are legally permitted to do so.When we share data with others, we put contractual arrangements and security mechanisms in place to protect your data. We use third parties located in other countries to help us run our business.As a result, personal data may be transferred outside the countries where we and our clients are located.This includes countries outside the European Union (“EU”).
Under the DPA (2018) and GDPR, Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights.
Should you wish to pay your professional fees by instalments we may pass your information to a finance provider however, this will not be done without discussing payment options with you first.We may share your information with and obtain information about you from credit reference agencies.If this is the case, we will provide you with information about the credit reference agency we have used.Please note that any searches undertaken prior to you proceeding with your application will be soft searches and will not affect your credit rating.
Credit checks may include a search of your records (for limited companies this may include directors and the organisation itself) at a credit reference agency.This type of search will leave a footprint that other lenders will be able to see but not the outcome of the search.The type of search made should not have a detrimental effect on the credit rating of an individual.
We Store Your Personal Data
We use several data storage methods which include:
- Electronically via our externally hosted platforms
- Manually in paper records
- In cloud based systems including Office 365
- Electronically on in-house encrypted servers, desktops and laptop computers
Information held on our hosted systems is held securely and data encrypted to protect your data from cyber-attacks and on-line hackers and manual records are stored in secure locked offices.
Access to data
You have a right to access your personal data held by us and you can exercise that right by contacting us below. Our aim is to respond a request promptly and within the legally required limit of 40 days.
Update of personal data
If you wish to update personal data submitted to us, please contact us below. Once we are informed that any personal data held by us is no longer accurate we will make changes based on your updated information.
Withdrawal of consent
Where we hold data based on consent, individuals have a right to withdraw consent at any time. To withdraw consent to our processing of your personal data please contact us below.
This statement is intended to provide information about what personal data we collect about you and how it is used.As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability. For further information on these rights please contact us below.
If you do want to complain about our use of your personal data, please contact us below with the details of your complaint. You also have the right to register a complaint with the Information Commissioner’s Office (“ICO”).For further information on your rights and how to complain to the ICO, please refer to their website.
We take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us or are in our professional opinion directly applicable to you.
We will not use your information or share your information with any other company for marketing purposes without your prior consent.If you wish to unsubscribe from receiving marketing material at any time please use the contact details at the bottom of this notice.
Cookies and similar technologies
A cookie is a small text file which is placed onto your computer or electronic device when you access our website. Similar technologies include web beacons,action tags, local shared objects (‘flash cookies’) and single pixel gifs. Such technologies can be used to track users’ actions and activities, and to store information about them. We use these cookies and similar technologies on this website for the following purposes:
To obtain information on your preferences.
We may collect personal information by only when submitted voluntarily or you have signed up for services.
Consent for cookies
Cookies and similar technologies used on this website
For further information on cookies generally, visit aboutcookies.org or the Information Commissioner’s webpage on cookies ico.org.uk/for-the-public/online/cookies
Contacting us about your data
If you have any questions about this privacy statement or how and why we process personal data, please contact us at:
Bambu Business Lounge
Unit 3 Prenton Business Park
Telephone: 0151 649 8456