1 What information do we keep?
2 How do we store and use this information?
3 With whom do we share this information and why ?
4 How long do we hold this information?
5 Your rights in relation to the information we hold
6 Who will deal with GDPR matters at HK Accountancy ?
1. What information do we keep?
We only hold information supplied by our clients that is necessary to enable us to act on their behalf on accountancy and taxation matters.
Copy of photographic ID (to comply with money laundering legislation)
Names and contact information ie addresses, emails and telephone numbers
National Insurance Numbers
Other registration numbers such as VAT, PAYE etc
Name and address history
Payroll and accounting data
2. How do we store and use the information ?
Any personal information and financial data supplied to us by our clients are stored on encrypted external hard drives and are identified only by unique code numbers and not by name. Code reference directories are stored separately in a safe.
In terms of internet activity and the necessary transfer of information via third parties such as HMRC, our systems are protected by encryption and operate via a Virtual Private Network (VPN) to minimise the possibility of external hacking of our systems. We also have softwares in place to flag up any possible security breach of our systems.
Any information held by us is only used in direct relation to the services we provide for our clients.
3. With whom do we share your information and why?
We only share information with third parties that are integral to the supply of accountancy services to our clients, and only supply the minimum of information necessary for that purpose. We are also legally bound to supply information upon request to any government agency in relation to suspected fraud or breaches of money laundering legislation.
Third Parties we use :
We use Dropbox to exchange documentation and information relevant to dealing with clients affairs
We use Sage cloud accounting to store and file bookkeeping, payroll, final accounts and corporation tax for clients
We use Tax Filer to store all client personal information and to file accounts and tax returns for individuals, partnerships and ltd companies.
HMRC - they hold client data regardless of whether we do or not but we are able to access it through our agent portals, however we can only view it, the only information we have the power to change is names and addresses on the clients request.
We use Adobe for gaining signature approval for engagement, filing etc for clients - only basic data is held within this and is entered by the client (other than email address which we have to enter)
We use our website form to gather the data to enable us to carry out the work, these forms come directly through as an encrypted email, once we have transferred the data, their form is stored in their
We recommend that you familiarise yourself with these privacy policies to avoid any misunderstandings.
4. How long do we hold your information?
We hold information for 7 years, at which time, unless otherwise instructed by the client, information and documentation is permanently deleted/shredded.
After disengagement we hold information for 12 months.
5. Your rights in relation to the information we hold.
Under the new regulations the individual’s right to control and delete information has been enhanced and suggests that the individual should have the right to directly access this information and remove it themselves. However, given the hyper-sensitive nature of the information that we hold in relation to our many clients and in the absence of official guidelines regarding financial data, we believe that allowing direct access would substantially weaken our security systems and potentially open gateways into our systems.
In the interests of protecting your information to the maximum we have therefor opted for a compromise. Should you require us to remove the information we hold we undertake to do so if requested with the form available on the website. But it should be made clear that any request to remove the information will constitute a declaration that you no longer wish us to act on your behalf and Termination of Service letters will also be issued.
6. Who will deal with GDPR matters at HK Accountancy ?
Our GDPR Officer will be Hannah Knight and all queries should be addressed to her via email@example.com
Rest assured that we protect your data at all times, our business depends on it.