This privacy statement is applicable to Individuals, companies, registered charities, and any other bodies that may require us to collect their personal data, and explains how we collect and use this personal information about you. D S Anderson & Co will be the data controller of your personal data which you provide or collected by us. Contact details are given below.
What personal information we collect about you and how:
Information that identifies or can be used to identify a living individual is known as “personal data.” All organisations processing personal data must do so fairly, lawfully and in accordance with applicable data protection laws. This includes the obligation for us to tell you how we will use your personal data. We treat all of our legal obligations seriously and take all steps necessary to ensure compliance when storing and processing your personal data. In order for us to complete any given task required by you, we may need to collect the following types of personal data:
• Names and addresses and other contact details such as home phone and mobile numbers and email addresses
• National insurance numbers and HMRC UTR reference numbers and vat registration numbers
• Details of personal income of all types
• Copy passports, driving licence and utility bills and email addresses
• Copy bank and credit card statements and account numbers and sort codes
• Copy sales and purchase invoices
• Schedules and other summaries required for data preparation
• Backup copies of data prepared by you when accounts data maintained by you
• Gender and dates of birth
• Any other information necessary for processing of your information
Where we collect personal information from:
In most cases this information will be supplied by you. In other cases this information is available to us direct from HMRC or by requesting from other financial institutions.
How we use your personal information:
The list below gives the purposes for holding and processing the data we will collect:
• deliver services and meet legal responsibilities with regard to Companies House and HMRC
• verify identity where this is required under the Money Laundering regulations
• communication by post, email or telephone
• understand needs and how they may be met
• maintain financial records
• process financial transactions
Who we share your personal information with:
In order for us to help you fully comply with your responsibilities and fulfil other services required we may need to share your information with the following entities as detailed below:
• HMRC and Pension Service Companies
• Companies House
• Banks and other lending institutions
• Other organisations with which you may have a reporting obligation
• Financial crime prevention agencies
If you do not provide your personal information:
If the information we request is not provided, you may run the risk of incurring both interest and penalties from the late filing of required documentation with the relevant authority. Therefore it is imperative that all information required is given on a timely basis to allow time for processing and preparation of necessary forms and calculations.
How long we retain your personal information for
As required by HMRC, we shall maintain personal accounting records for a minimum of 6 years. Information needed to verify identity must be maintained for a minimum of 5 years. After this time any information we hold that is older than this may be securely disposed.
Holding personal information outside the EEA:
We currently do not hold any information outside the EEA. If we need to transfer your data to a service provider outside the EEA, we ensure that appropriate controls are in place to protect your data in accordance with applicable data protection laws.
Safeguarding your personal data:
We take all reasonable care in the collection, storage, processing and disclosure of your personal data and have implemented internal security procedures to minimise the risk that unauthorised parties will be able to access and misuse the information. The internet is an open medium and we cannot guarantee that any information you send to us by email will not be intercepted or tampered with. To help protect your personal data and minimise risks, we would recommend the use of email encryption and ensuring the computer operating programmes are up to date. Additional safety measures can be implemented such as using secure access passwords.
Using our website:
Our website contains only information and contact details for ourselves and has no other information of a sensitive nature and is not used to collect personal data.
Your rights with regard to the data we hold:
Access to your information – You have the right to request a copy of the personal information about you that we hold.
Correcting your information – We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information – You have the right to ask us to delete personal information about you where:
• You consider that we no longer require the information for the purposes for which it was obtained.
• We are using that information with your consent, and you have withdrawn your consent – see Withdrawing consent to using your information below.
• You have validly objected to our use of your personal information – see Objecting to how we may use your information below.
• Our use of your personal information is contrary to law or our other legal obligations.
Objecting to how we may use your information:
You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Restricting how we may use your information:
In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information but you don’t want us to delete the data. Where this right to validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Automated processing:
If we use your personal information on an automated basis to make decisions which significantly affect you, you have the right to ask that the decision be reviewed by an individual to whom you may make representations and contest the decision. This right only applies where we use your information with your consent or as part of a contractual relationship with you.
Withdrawing consent using your information:
Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose for which consent was given.
Please contact us in any of the ways set out in the Contact information and further advice section if you wish to exercise any of these rights.
Changes to our privacy statement:
We will keep this privacy statement under regular review and will place any updates on this website at www.ds-anderson.com
Contact information and further advice:
Please contact us at 62 Townhead, Kirkintilloch, Glasgow G66 1NZ or call us on 0141 776 6842.
Email address dsanderson@btconnect.com
Complaints:
We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office, whose contact details are as follows:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone - 0303 123 1113