Ackland Webb takes the protection of your privacy very seriously. We will only use your personal information to deliver the services you have requested from us and to meet our legal responsibilities.
How we collection information from you
We obtain information about you when you engage us to deliver services. We may also obtain information about you if/when you visit our website or when you contact us about our services.
What type of information do we collect from you?
The personal information we collect from you will vary depending on which services you engage us to deliver. The personal information we collect might, for example, include your name, address, date of birth, telephone number(s), email address, unique tax reference number (UTR), national insurance number, bank account details. If you have visited our website we may also have collected your IP address and information on which pages you viewed and when you accessed them.
Where we process payroll transactions for your business, we will also collect personal information on your employees. This personal information will be limited to the details we require to fulfil this function and may include name, address, email address, date of birth and national insurance number. We consider you to be the data controller for this information and it is therefore your responsibility to issue privacy notices and maintain a data policy in respect of this data.
How is your information used?
In general terms, depending on which services you have engaged us to deliver, as part of provided our agreed services, we may use your information to:
- Contact you by post, email or telephone;
- Verify your identity where this is required;
- Understand your needs and how they may be met;
- Maintain our records in accordance with applicable legal and regulatory obligations;
- Process financial transactions;
- Prevent and detect crime, fraud or corruption;
- Deliver those services you have engaged us to provide to you.
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention varies with the applicable legislation but is typically six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
Who has access to your information?
We will never sell your information to third parties, nor will we ever share your information with third parties for marketing purposes.
As a member firm of the Association of Chartered Certified Accountants, this firm and all its staff have a duty of confidentiality under the ethical standards that this firm is required to follow.
We will never release your information to third parties unless you have requested that we do so or unless required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.
Third party service providers working on our behalf
All services you have engaged us to deliver are processed by our staff. We do not engage third party providers, agents or subcontractors to deliver any professional services.
We, like many organisations, now run our key software processes on a virtual server in the Cloud which is hosted by a third party IT services provider. We also use this service to store and process all electronic data we hold to enable us to provide the services you have engaged us to deliver. We have sought confirmation from our IT service provider that they are fully compliant with the GDPR, and we have a contract in place that requires them to keep your information secure and to not use it for their own purposes.
In common with other accountancy firms, we use professional software for a range of purposes to deliver the services that you have engaged us to provide. These purposes include payroll, taxation, book-keeping and statutory reporting. All our software providers have issued privacy statements confirming that they are compliant with GDPR. We have contracts in place that require them to keep your information secure and to not use it for their own purposes.
How you can access and update your information
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct the information we hold about you whenever necessary. If any of your information changes, or you believe we have incorrect information, please email or write to us, or call us, using the contact details noted below.
Security precautions in place to protect the loss, misuse or alteration of your information
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us and you therefore do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where a password exists which enables you to access information, you are responsible for keeping this password confidential and we ask you not to share your password with anyone.
Where we hold a password to access data or systems under your control and maintained by you, it is covered by the same duty of confidentiality as your personal information and we will not share it with any other party.
Your data will usually be processed in our Canterbury office. As noted above, to allow us to operate efficient digital processes, we store information on servers but these servers are all located inside the UK. No data is stored outside the UK. We take the security of your data seriously and all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements and good practice.
We may occasionally contact you by post, email or telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under the “contact information” below.
We may, from time to time, choose to contact you by post or email with general information on matters pertaining to the services we provide to you. This may take the form of a “client notice” or newsletter. For such communications, we will obtain your consent beforehand.
Access to your information
You have the right to request a copy of the personal information about you that we hold.
Correcting your information
We want to make sure that your personal information is accurate, complete and up-to-date. You may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information
You have the right to ask us to delete personal information about you where:
- you consider that we no longer require the information for the purposes for which it was obtained
- you have violently objected to our use of your personal information (see “objecting to how we may use your information” below)
- our use of your personal information is contrary to law or other legal obligations
Restricting how we may use your information
In some cases, you may ask us to restrict how we use your personal information. This might apply, for example, where we are checking the accuracy of personal information about you that we hold, or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer basis for using your personal information but you do not want to delete that date. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Objecting to how we may use your information
Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless they are overwriting legitimate grounds to continue.
Please contact us in any of the ways set out in “Contact information” below if you wish to exercise any of these rights.
Changes to our privacy notice
We keep this privacy notice under regular review. Updates will be placed on the firm’s website. Paper copies of the privacy notice may also be obtained by written request to the address shown in the “Contact information” below.
This privacy notice was last updated on 12 May 2018.
Ackland Webb Ltd
67 Canterbury Innovation Centre
Kent CT2 7FG
Telephone: 01227 811745
We seek to resolve directly or complaints about how we handle your personal information but you also have a right to lodge a complaint with the Information Commissioner’s office at:
Information Commissioner’s Office
Cheshire SK9 5AF
Telephone: 0303 123 1113 or 01625 545745