This policy outlines the data protection procedures we have adopted and which we abide to ensure we are GDPR compliant.

Bagborough Accountancy Ltd ( Trading as ” Bagborough Accountancy”) respects your privacy and is committed to protecting your personal data.

Definitions in this Private Notice

Data: Information stored electronically, on a computer, server or in certain instances in paper-based systems.

Data Controller: Bagborough Accountancy has determined the purposes for which and the manner in which, your Personal Data is processed. The Data Controller has overall responsibility for compliance with the Data Protection Laws. Any questions about the operation of this Notice or any concerns that the Notice has not been followed should be referred in the first instance to the Data Protection Officer.

Data Protection Officer: Michael January, Director, is the appointed officer who is responsible for awareness- raising training staff and informing and advising the Data Controller, Data Processors and Data Users how to ensure compliance with the enactments and to monitor that compliance.

Data Processor: Any person or organisation that is not a Data User that processes personal data on our behalf and in accordance with out specific instructions.

Data Subjects: All living individuals about whom we hold Personal Data. All Data Subjects have legal rights concerning the processing and storage of their personal information.

Data Users: Our employees whose work involves processing your Personal Data. Data users are responsible for the proper use of the data they process and must protect the data they handle in accordance with this Notice.

The Enactments: The General Data Protection Regulations 2017 (GDPR) regulates the way in which all Personal Data is held and processed.

Personal Data: Information which can be used directly or indirectly identify a living individual.

Processing: Any activity in which the data is used, including (but not limited to) obtaining, recording, organising, retrieving, using, disclosing, erasing, destroying and/or holding the data. The term “processing” also includes transferring personal data to third parties, where services may be outsourced to professional firms.

Supervisory Authority: The Authorised Body which is empowered to govern and manage how the GDPR is implemented and abided by in the UK is the Information Commissioner’s Office.

Sensitive Personal Data: This includes information about a person’s race, ethnicity, political opinion, convictions, religion, trade union membership, physical and /or mental health, and sexual preference. Sensitive personal data can only be processed with the express written consent of the person concerned.

Data Controller:

Bagborough Accountancy  is the Data Controller for the purposes of GDPR.

Contact details:

Legal entity: Bagborough Accountancy Ltd
Privacy Officer: Michael January
e-mail address: January.michael@gmail.com
Postal address: Adelaide Cottage, West Bagborough, Taunton, Somerset, TA4 3EF
Telephone number: 07919 213259

Purpose and basis of processing

As a Data User, Bagborough Accountancy and our staff will need to collect, process and store information about your business, its directors, employees and prospective employees for the purposes of providing our services. This information will be used for our management and administrative use only. Data will be kept and used to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately. This includes using information to enable us to comply with the contract of service we have with you, to comply with any legal requirements, pursue the legitimate interests of the company and protect our legal position in the event of legal proceedings.

Consent

When we process information for reasons other than stated above, we will ask you to obtain consent from the Data subject. The Data Subject has the right to withdraw their consent at any time and you will be required to confirm this when you ask for their consent.

Types of data being processed

The sort of information that we will hold/process includes:

Identity data: includes first name, maiden name, surname or similar identifiers, marital status, title, date of birth, gender, passport and driving licence details, your Unique Tax Reference number, your National Insurance number and next of kin.

Contact data: includes invoicing address, email address and telephone numbers.

Financial data: includes bank and credit card details and statements required for the production of financial statements, HMRC details, previous accountant details, payroll and salary information, pension information

Usage data: includes information about how you use our website, products and services.

Marketing and Communication Data: includes your preferences in receiving marketing from us and your communication preferences.

Sources of Data

Most of the information will be provided by you in some instances it may have come from third parties, such as verified data collection agencies or HMRC.

Contractual basis of data provision

Such data is required to enable Bagborough Accountancy to provide accountancy services. If you do not provide this data, we may be unable in some circumstances to comply with our obligations under our contract of service and we will tell you about the implications of that decision.

We will ensure that all Personal Data held is accurate and up to date and will check the accuracy of any Personal Data at the point of collection and at regular intervals afterwards. If you become aware that any of your Personal Data has changed, you are entitled to contact us and request that your Personal Data is amended. We will take all reasonable steps to destroy or amend inaccurate or out of date data.

Automated Decision Making

We do not use automated decision making.

Data Retention periods

Data will only be retained for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.  

By law we have to keep basic information about our clients (including Contact, Identity, Financial and Transaction Data) for 6 years after they years after being clients for tax purposes.

While you remain a client with us, we keep most data we collect from you over the years, as often this is relevant and useful to the services we continue to provide to you.

Once Personal Data is no longer required, we will take all reasonable steps to destroy and erase it.

Keeping your Personal Data Secure

Our staff are bound to our privacy policies, procedures and technologies which maintain the security of all your Personal Data from the point of collection through to the point of destruction. We maintain data security by protecting the confidentiality, integrity and availability of your Personal Data and when we do so, we abide by the following definitions:

Confidentiality: we ensure that only people authorised to use your personal data can access it. Employers are prohibited from accessing and viewing your personal data unless it is necessary to do so.

Integrity: We will ensure that your Personal Data is accurate and suitable for the purpose for which it is processed.

Availability: We have established procedures which means that only our authorised Data Users should be able to access your Personal Data if they need it for authorised purposes.

We also maintain security procedures which include, but are not limited to:

  • Secure lockable desks and cupboards, which are kept locked if they hold your personal data.
  • Paper documents containing Personal Data are shredded and digital storage devices shall be physically destroyed when they are no longer required.
  • Data Users are appropriately trained and supervised in accordance with this Notice, which include requirements that computer monitors do not show confidential information to passers-by and that Data Users log off from or lock their computers or other electric devices when left unattended.
  • Our computers have appropriate password security, boundary firewalls and effective anti-malware defences. We routinely back up electronic information to assist in restoring information in the event of disaster and our software is kept up to date with the latest security patches.
  • We shall take appropriate security measure against unlawful and/or unauthorised processing of personal data and against accidental loss of or damage to your Personal Data.

Data Sharing

We will only disclose the personal data provided by you to third parties (Data Processors outside of our business), if we are legally obliged to do so ( e.g. Anti- Money Laundering purposes) or where we need to in order to comply with our contractual duties to you and the Data Processor agrees to comply with our procedures and policies, or if the Processor puts in place security measures to protect Personal Data, which we consider adequate and are in accordance with the Enactments ( e.g. Accounting software.)

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party providers to use your personal data for their own purposes and only permit them to process your personal data for specific purposes and in accordance with our instructions.

It is not the company’s policy to share your personal data with any third party  for marketing purposes. Any disclosure would require your written consent.

Transfer of Data Outside of Europe

We shall only transfer any Personal Data we hold to a country outside of the European Economic Area (EAA), if one of the following conditions applies;

  • The transfer is legally required on important public interest grounds
  • Defence of legal claims
  • The transfer is authorised by the ICO and we have received evidence of adequate safeguards being in place regarding the protection of your privacy.

Right of Data Subjects

Data Subjects have the right to request access to, rectification of or erasure of their personal data.

You have the right to lodge a complaint to the Information Commissioner’s Office (ICO) should you believe that Bagborough Accountancy has not complied with the requirements of the GDPR or The Data Protection Act.

We keep our Privacy Policy under regular review and reserve the right to amend and update the policy as required. Where appropriate, we will notify you of those changes by mail, e-mail or by placing an updated version of the policy on our website.

If you have any concerns regarding the processing of your data, please contact our Data Protection Officer: Michael January, Director, Bagborough Accountacy,

email address: michael@bagaccounts.co.uk