For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
The data controller is Farnell Clarke, Evolution House, Iceni Court, Delft Way, Norwich NR6 6BB.
If you are at any time confused or need assistance regarding your data, please contact us at firstname.lastname@example.org or call us on 01603 766078.
We may hold your own or your client’s details which may include names, private addresses, date of birth, tax and NI references, company number, employer’s reference and name, business details and details of past and present taxable income and gains and data on other taxes.
· We hold this data to allow us to provide accountancy and tax compliance and tax advisory services.
· We also hold data in order to make ID checks under the Money Laundering Regulations, this may include a copy of your passport or driving licence and evidence of your address.
· We retain data for as long as statute or regulations demand.
· We hold data electronically and on paper.
· We normally destroy files after six years.
· Our computer hard drives are destroyed before disposal.
· We do not allow any third-party access to our data, however, our IT support (outsourced) may work on software programmes that hold that data such as our databases.
· We store data via third-party servers and we use applications including Dropbox, Microsoft and Google products.
· Data held on third-party servers is highly protected by security features including firewalls, regular scans against malware and measures to prevent SQL injection.
· We process and store data using our tax and accounting software, such software is located 'in the Cloud' and we rely on the software provider's security features and all access is password protected.
· We only use GDPR compliant providers.
· When software is installed on our local machines all software is password protected.
· We prohibit the use of memory sticks to hold client data. If you provide us with a memory stick, we will not transport it out of our office.
· We will only share data with HMRC and HM Courts and Tribunal’s service, during the course of an enquiry or investigation or tax appeal or other reasons if:
a) We are authorised to do so by the taxpayer, or
b) In the case of a Schedule 36 FA 2008 Information Notice, we have either been so authorised by a tribunal or we are compelled to provide data under the terms of a third party notice, or
c) We are obliged by other regulations to provide data.
· We may use third-party contractors in our business and they are required to sign a ‘Fit and proper’ declaration which includes a declaration that they will not remove data or pass on data to other parties.
· We do not sell or give your data to a third-party
· We maintain a database that contains the details of users of our website. The details that we retain are as input by you when you registered with our website. We retain this information as required for billing and to contact you.
· Our website allows us to track user data for our own analytical purposes. We track users by name (when logged in), by IP address, according to which device you are using (whether you are logged in or not) and by device location.
· We do not sell our website data or allow any third-party access to our data or our database of users.
· Our website data is hosted on third-party servers which are protected by firewalls, encryption and access to our servers is protected by password protection applications.
· Our hosting offers technical support and support technicians and our web developers may require access to the full back-end of our website. We place reliance on their own security measures when they access our data.
· We use Google Analytics to store information about how visitors use our website so that we may make improvements and give visitors a better user experience.