Privacy Policy
GDPR PRIVACY POLICY
RS Bookkeeping
01237 520660
RSBookkeepingNorthDevon@gmail.com
1. Summary
RS Bookkeeping (the Practice) provides bookkeeping and payroll services to small businesses.
Ruth Sweetland is a sole trader and the point of contact for data protection matters.
2. What type of information we have
The following information is currently collected and processed:
-
Identification - driving licences, passports and utility bills (including name, address and date of birth)
-
Contact details – telephone numbers, addresses and email addresses
-
Financial information - this may include invoices, bank account details, employee details and financial reports and will vary with the services provided.
3. How we get the information and why we have it
Most of the personal information is provided directly by you.
Some information may also be obtained from your website and Companieshouse.gov.uk. This may include your business address, contact details, Certificate of Incorporation and names of any Directors and Persons of Significant Control. Financial information may be obtained from other software that you might have given me access to e.g. your accounting package, your EPOS system etc.
3.1 Contact details and financial information is obtained to provide the Agreed Services as per the Terms of Engagement.
Under the General Data Protection Regulation (GDPR) the lawful basis relied on for processing this information is:
-
We have a contractual obligation
3.2 Identification is obtained to meet legal obligations in relation to Anti-Money Laundering (AML) Regulations.
Under the General Data Protection Regulation (GDPR) the lawful basis relied on for processing this information is:
-
We have a legal obligation
4. What we do with the information
Identification and contact details are held to meet legal requirements and to provide the Agreed Services.
Financial information is processed to provide the Agreed Services.
This information is not routinely shared. It may however be necessary to disclose details to official bodies in order to meet regulatory requirements e.g. in the event of a money laundering or HMRC investigation.
Information will also be shared with your accountant if required and with your permission.
5. How we store your information
Identification and contact details are kept electronically on the icloud and password protected.
Financial information is processed on a cloud accounting system (under your licence, for the system you have chosen).
Data is retained for as long as is necessary to facilitate the working relationship. At the end of the relationship my access to your financial systems will be removed.
As per HMRC requirements, data is retained for a further six years following the termination of our business relationship. Personal data obtained for AML purposes is retained for five years following the termination of the business relationship.
6. Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances (this does not apply where we have a legal obligation to retain information).
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact RSBookkeepingNorthDevon@gmail.com if you wish to make a request.
7. Changes to our policy
This policy is reviewed on an annual basis.
8. Complaints
Should a breach occur, I confirm I will take the necessary steps to curtail this breach and will inform the ICO within 72 hours of becoming aware of the breach.
If you are unhappy with how your data has been used you can complain to RSBookkeepingNorthDevon@gmail.com.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113