We at Spencer Hyde Limited believe in and are fully committed to respect the privacy of our customers. The personal data you share with us is given on trust and is a privilege we take seriously. As such we are committed to compliance with the General Data Protection Regulations (GDPR), which came into effect on May 25, 2018. The regulation contains the most significant changes to European data privacy legislation in the last 20 years, and we have been working hard to ensure that we are evolving with these developments.
We do not sell your personal data and we let you decide how to receive our news and marketing information.
We act as data controller as well as data processor. For the purpose of data protection legislation, Spencer Hyde Limited, 272 Regents Park Road, Finchley, London, N3 3HN is the data controller and data processor.
We are a firm of accountants and registered auditors.
Our offices are located at the following address: 272 Regents Park Road, Finchley, London, N3 3HN.
You can find more about us at www.spencerhyde.co.uk
The data protection officer (DPO) is responsible for overseeing the implementation of this policy, monitoring our compliance with data protection law, and developing related policies and guidelines where applicable.
They will provide an annual report of their activities directly to the Directors, and where relevant, report to the board their advice and recommendations on data protection issues.
The DPO is also the first point of contact for individuals whose data the firm processes, and for the ICO
Our DPO is Antony Youselli
The GDPR is based on data protection principles that our firm must comply with.
The principles say that personal data must be:
This policy sets out how the firm aims to comply with these principles
A legitimate interest is when we have a business reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Below is a list of all the ways that we may use your personal information as accountants, auditors and tax advisors, and which of the reasons we rely on to do so.
|What we use your personal information for
|Our legitimate interests
|Tax Returns / Consultancy
· Sole Trader / Company
|· Your consent
· Fulfilling engagement letters and standard terms of businesses
· Money laundering regulations
· Our legitimate interests
· Our legal duty
· Professional indemnity insurance
· Financial promotions
· Dealing with HMRC
|· Keeping records up to date
· Seeking consent when we need to contact you
· Complying with regulations that apply to us
· Improving how we deal with financial crime, as well as doing our legal duties in this respect
· Being efficient about how we fulfil our legal and contractual duties
· Self Employed
· National Insurance
· Tax Investigations
· News Updates
|· To manage our relationship with you or your business
· To develop new ways to meet our clients’ needs and to grow our business
· To provide advice or guidance about our services
· To manage how we work with other companies that provide services to us and our clients
· To deliver of our products and services
· To collect and recover debts that is owed to us
· To respond to complaints and see to resolve them
· To exercise our rights set out in agreements or contracts
We may use different kinds of personal information and group them together like this
|Completion of tax returns, accounts etc
|Where you live and how to contact you
|This includes details about your work or profession, nationality etc
|Details of your income, expenses, benefits, investments etc. when compiling tax returns, accounts etc.
|Details about the products or services we provide to you
|Data we get about where you are for tax and accounting purposes
|What we learn about you from letters, emails and conversations between us
|Your family, friends and other relationships
|Open Data and Public Records
|Details about you that are in public records, such as companies house
|Details about you that are stored in documents in different formats, or copies of them. This could include things like your passport, drivers licence or birth certificate ie. Money laundering checks
|Special types of data
|The law and other regulations treat some types of personal information as special. We will only collect and use these types of data for tax purposes:
· Racial or ethnic origin
· Trade union membership
· Health date including gender
· Criminal convictions and offences
|Any permissions, consents or preferences that you give us. This includes things like how you want us to contact you, how you wish us to send compliance etc.
|A number or code give to you by a government to identify who you are, such as a National Insurance Number, UTR
We may collect personal data information from you, your business, other companies you may have dealt with etc, in order to fulfil our services we conduct on your behalf
Data you give us:
Data we collect when you use our services:
Data from third parties:
We sometimes make decisions based on the information we have. This helps improve the efficiency of our services we conduct on your behalf based on what we know. Any major decisions we will contact you for your consent before proceeding.
Here are some examples of automated decisions we make:
We need to confirm your identity before we provide our services to you or your business. Once you have become a client of ours, we will also share your personal information as needed to help detect fraud and money-laundering risks. We may use Fraud Prevention Agencies to help us with this.
Both we and fraud prevention agencies can only use your personal information if we have a proper reason to do so. It must be needed either for us to obey the law, or for a ‘legitimate interest’.
A legitimate interest is when we have a business or commercial reason to use your information. This must not unfairly go against what is right and best for you.
We will use the information to:
We or any FPA may allow law enforcement agencies to access your personal information. This is to support their duty to detect, investigate, prevent and prosecute crime.
FPA’s can keep personal information for different lengths of time. They can keep your data for up to six years if they find a risk of fraud or money-laundering.
Where we transfer personal data to a country or territory outside the European Economic Area, we will do so in accordance with the data protection law.
We may need to collect personal information by law, or under the terms of a contract we have with you. If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform our services to you. Any data collection that is optional would be made clear at the point of collection.
We will not hold your data longer than necessary unless we have been given specific instruction by the individual or we feel required for professional indemnity.
You can access your personal information we hold by contacting your managing partner by phone, email or post.
If you think the information we hold about you is incorrect or needs updating, please do not hesitate to contact us. We will take reasonable steps to check its accuracy and correct it.
You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.
There may be a legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it.
Please contact us if you object how we use your data or ask us to delete it or restrict how we use it.
You also have the right to complain to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk
We hope that we have shared with you all the information you need, but in the event that we haven’t, or if you have any questions then please do not hesitate to contact us at: email@example.com