UK Data Privacy/Data Protection Law will change significantly on
25th May 2018.
The General Data Protection Regulation (or GDPR for short) is a positive step towards you having more control over how your data is used and how you are contacted by us.
If you are an individual, the rights you have under the GDPR include the following:
- The right to be informed.
- The right to data portability.
- The right to object.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- Rights in relation to automated decision making and profiling.
The changes will also help to better protect your Personal Data. We have therefore updated our privacy notice to reflect these changes.
We use your personal data to help us provide an excellent client service, which includes tailoring the information we share with you to help ensure that it’s relevant, useful and timely.
We will respect your privacy and work hard to ensure we meet strict regulatory requirements.
We will not sell your personal data to third parties.
We will provide you with easy ways to manage and review your marketing choices if you receive direct marketing communications from us.
We would ask you to help us keep your data secure by always following all guidance and instructions we give when sending us private or sensitive information.
Lawful Bases for Processing your Data
The new law states that we are allowed to use personal information only if we have a proper and lawful reason to do so. This includes sharing it with others outside the firm e.g. an auditor of a relevant quality standard.
The GDPR says we must have one or more of these reasons:
- Contract: the processing is necessary for a contract we have with an individual, or because they have asked us to take specific steps before entering into a contract.
- Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
- Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
- Consent: the individual has given clear consent for us to process their personal data for a specific purpose.
A legitimate interest is when we have a business or commercial reason to use your information.
Personal Data We Use
We typically will use the following types of personal data:
- Your Name
- Date of Birth
- Home address
- Contact details such as phone numbers and email addresses
- Bank details and account information
- Medical information (where applicable)
- Employment details
- Data that identifies you by cookies when you use our website
Sending Data outside the European Economic Area (EEA)
Unless you instruct us in a matter or case that involves an international element, we do not normally send your personal data outside the EEA. If we do, then we will seek your consent to do so, explain the risks to you and talk to you about potential safeguards depending on the country involved.
Your refusal to provide Personal Data requested
If you refuse to provide the information requested, then it may cause delay and we may be unable to complete your matter.
We may from time to time send you letters or emails about changes in the law and suggestions about actions that you might consider taking in the light of that information. We will send you this marketing information either because you have consented to receive it or because we have a “legitimate interest”.
You have the right to object and to ask us to stop sending you marketing information by contacting us at any time. You can of course change your mind and ask us to send the information again.
Where we store your personal data
How We Protect Your Information
We are concerned with protecting your privacy and data. When you enter sensitive information (such as log in credentials) or contact form submissions, we encrypt that information using secure socket layer technology (SSL). No method of transmission over the Internet or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
How to get a copy of your Personal Information
If you wish to access your personal data then email:
Data Protection Officer/COLP
Telling us if your Personal Information is incorrect
If you think any information we have about you is incomplete or wrong, then you have the right to ask us to correct it. Please contact us as above.
As mentioned above you also have other rights, namely
- The right to erasure
- The right to restrict processing
- The right to data portability
You have the right to ask us to delete (erase) or stop us using your data if there is no longer any need for us to keep it (e.g. under a legal obligation).
In terms of data portability then subject to any lien we may enjoy for non-payment of fees, we will comply promptly (where permitted) to your request to transfer your physical paper file to another accountant upon receipt of your signed consent. If your file is in electronic format we will take reasonable steps to export the file to a “portable format” where possible. As many different IT systems are used by the COMPANIES we cannot guarantee that we can provide data in a compatible format.
How to raise a complaint
If you are unhappy about how we are using your Personal Data then you can complain to us using the contact information above.
You also have the right to complain to the Information Commissioner’s Office (ICO). Further details on how to raise a concern with the ICO can be found on the ICO’s
Cookies are small files that store information on your hard drive or browser that means that our website can recognise that you have visited our website before. Cookies can’t harm your computer.
This website, like majority of other websites, stores and retrieves information on your browser using cookies. This information is used to make the site work as you expect it to. It is not personally identifiable to you, but it can be used to give you a more personalised web experience.
You can, if you really want to, disable the cookies from your browser and delete all cookies currently stored on your computer. Your cookie settings are set separately for each different device, computer or browser and if you want to change your cookie settings you will need to do so for each device, computer or browser.
If you disable cookies, you’ll still be able to browse the site but you will not be able to use all the features and the website may not work as intended to. Most web browsers have cookies enabled by default, if you want to review your cookie setting please see the section entitled Managing cookies.
Further reading about Cookies:
Information about cookies
More information about cookies is available at:
Internet Advertising Bureau
A guide to behavioural advertising and online privacy produced by the internet advertising industry is available at:
Please note that we take no responsibility for the content of these or any other third party websites.
Cookies which we may use?
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.
Performance Cookies & Third Party Cookies
These cookies allow our website to count visits and traffic sources, so we can determine and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around our website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site. Third party cookies may include Google Analytics and Bing, Facebook and other search engines and service providers.
Updating this Notice
We will, from time to time, update this Privacy Notice after 25th May 2018 to reflect emerging ICO and Working Party 29 guidance, requirements of the new Data Protection Act and any other relevant changes in the law or regulations. We will also seek to learn from any published cases of Data Protection breaches