Table Of Contents
- Collection of Personal Data
- Use of Information
- Who has access to your personal data?
- Sharing and Disclosure to Third Parties
- Collection Of Information Through Cookie Use
- Communication Preferences
- Transfer of personal data internationally
- Security and Other
- Parents And Children
- Your Rights
- What are the legal grounds for processing personal data
- Your Right to complain
- Contact Information
To seamlessly deliver our services, we at times need to share your information across our teams and offices – always with a focus on keeping your data secure.
Collection of Personal Data
In order to provide our products, services and websites and for the other purposes set out in Use of Information below, we collect and process personal data from our clients, and other users of our websites, products and services.
We may collect information from you such as, but not limited to:
|Personal Data Type||Purpose|
|Your name||To enable us to communicate effectively with you and to differentiate your records|
|Email address||To enable us to communicate effectively with you and to differentiate your records|
|Mailing address||To enable us to communicate effectively with you and to differentiate your records|
|Phone/fax numbers||To enable us to communicate effectively with you and to differentiate your records|
|Date of birth||As required by Statutory bodies such as HMRC|
|Payment information||To enable us to process payments on your behalf or record transactions to us|
|Education history||If you are applying for a position with us|
|Employment information||If you are applying for a position with us or as required by Statutory bodies such as HMRC|
|Information related to your professional qualifications,||If you are applying for a position with us|
|Designations and memberships||To enable us to ensure you pay the correct amount of VAT on transactions we process for you|
|Records of your contact with us||To enable us to communicate effectively with you and to differentiate your records|
|Products and services – to help us fulfil our contractual obligations with you||To enable us to communicate effectively with you and to differentiate your records|
|Details of services provided by our suppliers,||to help us fulfil our contractual obligations to you.|
|A Copy of an identity document, such as a Passport or driving licence||As proof of legal identity as required by the Financial Conduct Authority|
|Financial Information, such as Bank Accounts, National Insurance Number, Unique Tax Reference (UTR)||To enable us to process your tax affairs correctly|
|Gender||Required by HMRC (special category)|
|Political Affiliations||Required to comply for Anti Money Laundering Requirements for certain individuals|
|Trade Union Memberships||To enable us to ensure you pay the correct amount of VAT on transactions we process for you|
|Health Information||In certain circumstances there may be special dispensations that can be made or it may affect how we communicate with you|
You are not required to provide us with all of the Personal Data listed above, but if you do not do so, we may not be able to effectively provide you with our products, services and information. In certain circumstances, you will need to provide us with specific categories of Personal Data (including name, email address and payment information) in order to enter into a contract with us and for us to perform that contract.
From time to time and as permitted by applicable law(s), we may collect Personal Data about you and update any existing Personal Data that we currently hold from other third-party sources, including publicly available data sources, publicly available social networking sites such as LinkedIn, your employer or university/school.
See “Use of Information” section below for details regarding the ways that we use and process your personal data.
Use of Information
Your Personal Data may be used in the following ways:
- To provide our products and services to you
- To enhance and improve our products and services, for example, by performing internal research, analysing user trends and measuring demographics and interests
- To process payments from you (including, but not limited to subscriptions, fees, or payments for any products or services that you choose to purchase from us)
- To process payments to you (including, but not limited to, refunds or reimbursements)
- Internal purposes, such as website and system administration or internal audits and reviews
- To provide access to restricted parts of our websites.
- To communicate with you regarding our products/services that may be of interest to you
- To respond to your requests and enquiries
- To serve relevant advertisements to you when you visit our sites or other third-party sites (including social media platforms)
- To request your participation in surveys, focus groups, or other initiatives which help us to gather information used to develop and enhance our products and services
- To comply with applicable law(s) (for example, to comply with a search warrant, subpoena or court order) or to carry out professional ethics/conduct investigations
- From time to time we may provide statistics about the usage levels of the Site and other related information to reputable third parties, but these statistics will not include information which will allow you to be identified.
We will process your Personal Data for the purposes identified above on the following bases:
- Our legitimate interests, which include processing such Personal Data for the purposes of providing and enhancing the provision of our products, services and information, as well as advertising further products, credentials, designations, services and information to you;
- Where such processing is necessary to perform our contract with you or to take steps before entering into our contract with you; and
- As necessary to comply with our legal obligations, resolve disputes and enforce our contractual agreements.
Unless a longer retention period is required by applicable law, we will retain your information for as long as your account is active, as well as for a short additional period afterwards to cover any outstanding issues or queries that may arise in relation to your account (for example, outstanding payments). This period of retention is subject to our review and alteration.
Who has access to your personal data?
We will retain access to all personal data that we collect from or about you.
By using our site, you agree that we can share your personal information within any business that is controlled or managed by Goringe Accountants, or with selected third parties including:
- Our business partners, including our business partners in the US, where this is relevant to your business,
- Our website host provider;
- Advertisers and advertising networks that we use for our marketing; and
- Any analytic providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
- If we are required to do so by law or in order to comply with any legal obligations;
- If our business is sold or merged, or if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets; and
- If we offer or supply you a service that is provided on our behalf by a third party.
We will retain your personal data in the following ways
- Personal data will be retained for a maximum of 2 years after the termination of a contract
- Financial transactions will be retained in line with current HMRC regulations
- Marketing contacts will be retained for a maximum of 12 months where no contact has been made
We may disclose your Personal Data to third parties from time to time under the following circumstances:
- You request or authorize the disclosure of your personal details to a third party.
- The information is disclosed as permitted by applicable law(s) and/or in order to comply with applicable law(s) (for example, to comply with a search warrant, subpoena or court order).
- The information is provided to our agents, vendors or service providers who perform functions on our behalf. See below for additional details.
- Hosting providers for the secure storage and transmission of your data
- Identity management providers for authentication purposes
- Database software providers for the management and tracking of your data
- Legal and compliance consultants, such as external counsel, external auditors, or tax consultants
- Advertising partners, including social media providers, for the delivery of targeted advertisements
- Marketing providers who send communications on our behalf regarding our products and services
- Payment solution providers for the secure processing of payments you provide to us
- Technology providers who assist in the development and management of our web properties
- Fulfilment and postal vendors for the fulfilment of our products and services
- Survey and research providers who perform studies on our behalf
The following types of cookies may be used on our websites:
- Essential Cookies: These cookies are necessary for our websites to work properly. They are usually only set in response to actions you take such as logging in or completing online forms. You can set your browser to block or alert you about these cookies, but some parts of our sites will not function if these cookies are blocked.
- Functionality Cookies: These cookies enhance the functionality of our websites by storing your preferences (such as your preferred language or the region that you are in) and allow us to provide enhanced features on our sites such as videos. These cookies may be set by us or by third-party content that we have placed within our pages. If you do not allow these cookies, some of the features on our websites may not function properly and you may not receive a personalized experience when visiting our sites.
- Performance Cookies: These cookies allow us to count page visits and traffic sources, so we can measure and improve the performance of our sites. They help us to understand which pages are visited most frequently and how visitors interact with our sites. Any information collected by performance cookies is aggregated and therefore not identifiable. If you do not allow these cookies we will not receive data related to your visits to our sites.
- Third-Party Cookies: These cookies may be set through our site by our advertising partners, such as Google or Adobe. They may be used by these companies to enable them to build a profile of your interests and show relevant advertisements on other sites. These cookies are based on identifying your browser and internet device. If you do not allow these cookies, you will experience a decrease in the targeted advertisements that you see online.
If you opt-in to use the “Remember me” feature on our websites, we will place a persistent cookie on your hard drive and you will not be required to log in for every session. By disabling cookies on your machine or clearing your browsing history you may deactivate the persistent cookie.
All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage your preferences related to cookies, please consult the privacy features within your browser.
Further information about cookies:
- How to control cookies in your browser on aboutcookies.org
- How to manage your preferences related to targeted advertising
We strive to provide you with relevant and useful information related to our products, services and industry news. You can update your communication preferences at any time by contacting us using the information listed at the bottom of this policy to make changes. Any promotional emails that we send will include a link at the bottom of the email to unsubscribe.
Transfer of personal data internationally
By providing us with your personal data, you acknowledge and agree that we may from time to time transfer any of your personal data to any of our offices or to the offices of any of our affiliates, agents or appointed representatives located around the world. We have implemented appropriate safeguards for transfers of personal information originating from the European Economic Area (EEA) to countries located outside of the EEA. These safeguards include implementing standard data protection clauses which have been approved by the European Commission or (in relation to transfers from the European Union to the USA) transferring Personal Data to entities who have signed up to the EU-U.S. Privacy Shield. Please do not submit any personal data to us if you do not wish for your data to be transferred internationally.
Security and Other
We use reasonable measures to strive to safeguard and secure the personal data we collect. Any transmission of personal information is at your own risk. Technology, such as, but not limited to, Transport Layer Security (TLS) and Secured Socket Layer (SSL), is used to enhance security and reduce the risk of loss. Our security practices, processes or technology do not guarantee the absolute security of your information and you should take all normal personal precautions such as, but not limited to, not sharing passwords, closing browsers, and not using public networks (e.g., internet cafes, etc.).
Parents And Children
We do not knowingly collect personal information from children under the age of 13. Parents have the right to terminate the registration of a child under the age of 13 by contacting us using the information listed at the bottom of this policy.
Under the General Data Protection Regulation (GDPR) you have the following rights with us:
- Your Right to be informed – this covers the data we hold on you and how it is processed
- The right of access – the GDPR Articles 1 15 and Recital 63 makes the provision to make a Subject Access Request (SAR) we will provide confirmation of data is being processed; access to their personal data; and other supplementary information. This will be provided free of charge within 1 month of proof of a valid request
- The right to rectification – request inaccurate personal data rectified or completed if it is incomplete. This request can be made verbally or in writing. This will be actioned within one calendar month.
- This right is closely linked to the controller’s obligations under the accuracy principle of the GDPR (Article (5)(1)(d)).
- The right to erasure (right to be forgotten) – Individuals can make a request for erasure verbally or in writing. All requests will be actioned within one calendar month but the right is not absolute and only applies in certain circumstances.
- The right to restrict processing – This is not an absolute right and only applies in certain circumstances. We may still store the personal data, but not use it. The request can be made verbally or in writing and we will respond within one calendar month
- The right to object – this includes processing based on legitimate interests or the direct marketing (including profiling)
What are the legal grounds for processing personal data
We utilise the following basis:
- Consent – All marketing information is provided via an opt-in mechanism
- Contractual – all necessary requirements for provisioning services for you
- Legal Obligation – Statutory reporting for financial and crime management purposed
- Legitimate Interests – where we feel our products or services may support you in your project often referred to as a ‘Soft opt-in’
Your Right to complain
If you have a complaint about how we are processing your personal data, you have the right to complain to the supervisory authority. In the UK this is the Information Commissioners Office https://ico.org.uk/concerns
You may seek to exercise any of these rights by updating your information online (where possible) or by sending a written request to our Data Protection Officer Laura Bowden via the email address [email protected]
You are encouraged to report any improvements, suggestions, or any suspected breaches of privacy or security to us by using the contact information on our Contact page.