This privacy policy is a privacy notice detailing our personal data collection and processing activities to provide a clear and transparent overview of our use of personal data. Personal data is any information (including opinions and intentions) which relates to an identified or Identifiable person.
Personal data is subject to certain legal safeguards and other regulations, which impose restrictions on how it may be processed by organisations and It is our policy to act in accordance with all applicable data protection laws and regulations and in line with the highest standards of ethical conduct.
We will also make sure our use of personal data is fair and transparent and will not process personal data in a manner which is misleading or detrimental to any individuals (our data subjects). We will also only collect and process the personal data we need to complete our operational activities with the aim of only holding the minimum information we require at all times. We will also make sure we review all personal data held on an ongoing basis to ensure it is still required and accurate.
Applicability and Scope of this notice
This notice applies to personal information collected from the following sources:
Information we may collect and Process
In order to complete our business operations, we may need to collect personal data which we may collect from your directly or from a third party and this data includes the following:
How we use this Information and why
We use the personal information we collect to provide our services as detailed in this privacy notice. The activities that may require collection and processing of personal data are as follows:
Lawful Basis – we will only collect and process personal data where we have a clear reason and lawful basis. The lawful basis is dependent on the data processing activity and at least one of the following will apply:
a. Consent – where we have your consent to process your personal data;
b. Contract – the processing is necessary as part of our service provision;
c. Legal obligation – the processing is necessary for legal reasons;
f. Legitimate interests – the processing is necessary for our legitimate interests without infringing your rights as an individual.
What we do with this Information
In completing our services, we may be required or obligated to share your personal data with other entities including;
We will never sell your data or share it with any third parties who might use it for any purpose not associated with the provision of our services. Audit evidence viewed and audit reports are not shared with any third parties unless requested or required by law.
How we store and protect this information
The personal information we collect is stored securely on our company computer systems and also in secure cloud services provided by approved providers based in the UK / EEA and we will not actively transfer your personal data internationally without consent.
File transfer – when collecting or sharing files or documents with our clients we will use secure and encrypted file transfer systems where any personal or confidential data is involved.
We may also hold paper records with personal information and have security systems in place to ensure all records are controlled and protected at all times and disposed of in a secure manner when no longer required.
Protecting the confidentiality, integrity and availability of personal data from all threats whether internal, external, deliberate or accidental is a priority. We will ensure we have implemented appropriate controls to secure personal data using physical, procedural, staff and technical security measures.
Data Retention – we will only hold personal data as long as we need it and we have systems in place for the management of and retention of data. We need to hold some personal data to comply with legal requirements and also for our own legitimate interests.
Your Rights
You have rights relating to your personal which we hold including the right to be informed about our processing of your personal data, as covered by this privacy notice, and the right to request a copy of the personal information we hold about you as well as various other rights as follows:
Not all of these rights will apply to all personal data we hold and process and will be dependent on the category of data and our legal basis for holding this data. If our legal basis is consent you have the right to withdraw consent at any time.
Data Subject Access – please contact us using the contact details listed at the start of this notice if you wish to request a copy of your personal information or to exercise any other rights with regards your personal data.
We will respond to all data subject access requests and will do so within one month and in line with all legally mandated time limits.
There is no charge for responding to access requests unless your request is deemed to be unfounded or if you have made numerous request which we consider to be excessive, in which case, we may notify you of a reasonable admin fee to be charged for completing the request.
You also have the right to complain to the appropriate authority for data regulation if you are unhappy with how we have used your data.
Review and update of this Policy
We may review and update this privacy notice at any time and wil formally review this notice at least annually.
If you have any comments or questions about this privacy notice or your personal data please contact us using the details at the start of this policy.
General Use
We use cookies on this website. Cookies are small data files that are served by our platform and stored on your device. This site uses cookies served directly from this site or from third parties for a variety of purposes including the correct operation and personalisation of the web site. Also, cookies may also be used to track how you use the site to target ads to you on other websites via google adwords.
Third Parties
This website may also use third-party services which may also place cookies. Some of these services include but are not limited to: Google, social network sites, security firewalls and service providers. These services may also collect and use anonymous identifiers such as IP Address, HTTP Referrer, Unique Device Identifier and other non-personally identifiable information and server logs.