We may hold your personal details which may include names, private addresses, date of birth, tax and National Insurance references, company registration number, employers tax reference, business name and details of past and present taxable income and gains and data on other taxes.
We hold this data to allow us to provide accountancy and tax advisory services.
If we prepare payroll for your business or give advice in that connection we may hold similar personal details for your staff. We also hold data in order to make ID checks under the Money Laundering Regulations. This may include a copy of your passport or driving licence and evidence of your address.
We retain data for as long as statute or regulations demand.
We hold data electronically and on paper.
We do not allow any third party access to our data. However our IT support (outsourced) may work on software programmes that hold that data such as our databases. It may also be necessary to securely transfer data to IT support to resolve problems with corrupted data.
We use applications such as Dropbox and Team Viewer to securely transfer data.
Our data is held on third party servers and is highly protected by security features including firewalls, regular scans and measures to prevent SQL injection. We have received assurances from our hosting company that
they have all the necessary security procedures in place to meet the requirements of GDPR.
We process and store data using our tax and accounting software. Such software is located ‘in the Cloud’ and we rely on the hosting company’s security features and all access is password protected.
We do not use memory sticks to hold client data. If you provide us with a memory stick we will not transport it out of our office.
We will only share data with HMRC and HM Courts and Tribunal’s service, during the course of an enquiry or investigation or tax appeal or other reasons if:
- We are authorised to do so by the taxpayer, or
- In the case of a Schedule 36 FA 2008 Information Notice, we have either been so authorised by a tribunal or we are compelled to provide data under the terms of a third party notice or legal request from HMRC, or
- We are obliged by other regulations to provide data.
We may use third party contractors in our business and they are required to sign a ‘Fit and proper’ declaration which includes a declaration that they will not remove data or pass on data to other parties.
Website
No personal data is held on our website or is accessible through our website.
Our website allows us to track user data for our own analytical purposes. We track users by IP address, according to which device is being used and by device location.
We do not sell our website data or allow any third party access to our data or our database of users.
Our website data is hosted on third party servers which are protected by firewalls, encryption and access to our servers is password protected by password protection applications.
We are registered with the Information Commissioner.