Protecting Your Privacy
We are PM Stafford Chartered Accountants, trading as Stafford Accountancy, the ‘controller’ of the personal data you provide to us, as we make decisions on what information we hold and what we do with it. We are committed to managing and protecting the privacy of your personal information in line with all current applicable data privacy laws, including the GDPR and the Data Protection Act 2018.
This privacy notice outlines what data we collect, why we collect it and how we manage it while we are holding it. It also highlights your rights with regard to the data.
Information We Collect
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, process, store and transfer the following data about you:
- Identity data including names (first, middle and surname), title, usernames, marital status, date of birth, gender, passport number, driving licence number, job title, qualifications, work experience, national insurance numbers, tax codes and photographs.
- Contact data including addresses (home, billing or business), email addresses, phone numbers and emergency contact data.
- Financial data including income, expenditure, charitable donations, taxation, bank account and payment card information, pension details and other financial-related details.
- Transaction data including payments to and from you and other details of products and services you have purchased.
- Profile data including usernames and passwords, your interests and preferences.
- Usage data including information on how you use our services.
- Marketing and communication data including preferences in receiving marketing material and communication preferences.
- If you email or contact us, we may keep a record of the correspondence or keep your message, email address and contact information to respond to you.
When We Collect Personal Information from You
You may give us your data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- Request a quotation.
- Engage us to provide services.
- Request marketing material to be sent to you.
- Complete one of our enquiry forms.
Other data controllers (including clients) may also provide your personal data to us.
How We Use Your Information
We will only use your personal data where the law allows us to, including in the following circumstances:
- Manage your enquiries when you wish to find out about our services.
- To provide our services to you.
- To fulfil our legal and regulatory obligations.
- To manage our relationship with you.
- To market our services.
- For the purposes of recruitment.
- To contact you in relation to our services and events. You may opt out of receiving communications at any time.
- For other legitimate business purposes.
We do not collect any personal information from you that we do not need to facilitate these tasks.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
Our Lawful Basis for Processing Your Information
We rely upon the following lawful bases to process your data:
- In providing services, support, advice and information to fulfil your contractual engagement with us, we rely on the lawful basis of contract.
- In the management, administration, budget management and debt management of service delivery, we rely on the lawful basis of contract.
- In complying with anti-money laundering regulations and other due diligence, regulatory and compliance requirements, we rely on our legal obligation.
- When we respond to your enquiries, we consider this to be in our legitimate business interest.
- If you have opted in to receive communications from us, then consent is our lawful basis. You may opt out of marketing communications at any time.
- We may send you marketing communications if you are, or have been, a customer or if you have discussed doing business with us, as part of our legitimate business interest.
- In the management and payment of suppliers and contractors, we rely on the lawful basis of contract.
- In the recruitment of prospective employees, we rely on our legitimate business interest.
- In the recording of visitors to the office, we rely on our legitimate business interest.
- In order to protect our assets and interests, we may need to use your information as part of a legal process.
How We Protect Your Information
Stafford Accountancy is committed to protecting your personal data and has implemented the appropriate systems and procedures to ensure this. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. Our websites are scanned on a regular basis for known threats, including viruses and other malware, in order to make your visit to our site as safe as possible.
All the personal data we collect is managed by our staff in the UK. The information is hosted on servers within the EU or within countries considered by the EU to have acceptable standards of data privacy and protection. No other third parties have access to your personal data, unless the law allows or obliges them to do so, or under the circumstances detailed below.
Disclosure of Your Personal Data
We do not sell, distribute or otherwise make personal data commercially available to any party, except as described in this policy or with your prior permission.
We may share your personal data with:
- Third party service providers;
- Legal / regulatory bodies where there is a legal requirement to disclose information;
- Another third party, if our client lawfully instructs us to do so;
- Owners of our clients, including shareholders; and
- Our clients’ funders.
For How Long Will You Use Personal Data?
We will only retain your personal data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, regulatory or reporting requirements.
To determine the appropriate retention period for personal data, we consider:
- The amount, nature, and sensitivity of the data;
- The potential risk of harm from unauthorised use or disclosure of the data;
- The purposes for which we process the data; and
- The applicable legal requirements.
If you have opted out of receiving communications from us, your contact details will remain on our opt-out list to prevent you from receiving any further communications from us.
We assume responsibility for keeping an accurate record of personal data once you have submitted the information. Please inform us of any changes to your information.
You are entitled to:
- Request access to the information that we hold about you.
- Ask for the information that we hold about you to be amended if it is incomplete or inaccurate.
- Ask us to delete your personal data. Please note that we may not be able to fulfil our contractual obligations without your contact details.
- Ask us not to use your data for direct marketing.
- Have your data transferred to third party.
- Ask us to restrict the processing of your personal data.
- Withdraw consent at any time, where we are relying on consent to process your personal data.
To exercise any of the above rights, please contact email@example.com
Our website may, from time to time, contain links to and from third party websites and social media platforms. If you follow a link to any of these websites or social media platforms, please note that these websites and social media platforms have their own privacy policies and that we do not accept any responsibility or liability for these policies even if you access them using links from our website. Please check these policies before you submit any personal data to these websites and social media platforms.
You may also wish to participate in the various social media platforms hosted by us. However, we do not accept any responsibility for any personal information that you share on such platforms that is subsequently used, misused or otherwise appropriated by another user.
Should you have a concern regarding our management of your personal data, or need further information, please do not hesitate to contact us:
- Address: 22 Foyle Street, Sunderland, SR1 1LE
- Email: firstname.lastname@example.org
- Telephone: 0191 565 0430
You also have the right to make a complaint to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.