Privacy Notice - May 2018

Introduction

I am committed to ensuring that any personal data I hold about you and your business is protected in accordance with data protection laws and is used in line with your expectations.

This privacy notice explains what personal data I collect, why I collect it, how I use it and how I protect it.

What personal data do I collect?

I collect personal data about you and your employees to provide the services agreed in our Terms of Engagement in relation to bookkeeping records, payroll, pensions and preparation of accounts.

Personal details that I collect about your employees include:

 Name, date of birth, address, national insurance number, pay scales, sickness and maternity records

Personal details that I collect about you include:

 Your name, date of birth, home and work address, phone numbers, confirmation of identity

This information will be collected from you directly in the Client Information Questionnaire and payroll set up form.

If you also require self-assessment tax services I will also collect:

 Your national insurance number or unique taxpayer reference (UTR), if you’re self-employed. I may also collect information regarding other employment details and income that you are in receipt of.

Why I collect this information and the legal basis for handling your data

I use personal data about you and your employees to comply with my legal obligations in providing payroll services, self-assessment tax services and bookkeeping to fulfil the contractual arrangement you have entered into. This includes using your data to:

 Provide information to HMRC for the purposes of income tax and NI calculations

 Provide information and payment details to pension organisations to comply with the pension regulations

 Verify your identity to comply with Money Laundering regulations

 Prepare accounts and submit figures to the Charity Commission

 Keep you updated with information about my services

I have a legal obligation to process the payroll and other data detailed above to the relevant regulatory bodies.

Who I share your data with

For me to deliver bookkeeping and payroll services I will also share your data as required with the following categories of recipients:

 HMRC – details are submitted in real time when payroll is prepared for employees and for the individual or partners for self-assessment tax returns – I act as agent for PAYE and Tax

 Pension providers – to determine payments from employees – I act as an administrator for your scheme

 Institute of Certified Bookkeepers – my Money Laundering controller

 The payroll software provider (Brightpay) for purposes of emailing payslips

 Charity Commission – for annual returns

 An accredited independent examiner for checking and confirming your accounts

I will also share your data if:

 I am legally required to do so, for example, by law, by a court or the Charity Commission;

 I need to enforce or apply the terms and conditions of your contract with me using a debt collection agency if necessary;

 It is necessary to protect my rights, property or safety

I will never share your data with any other organisation to use for their own purposes

How do I protect your data?

I protect unauthorised access to your personal data and prevent it from being lost, accidentally destroyed, misused, or disclosed by:

 Using unique and individual passwords to protect individual client data files on my computer and with HMRC and the payroll software provider

 Keeping back ups of client data in a locked fire safe

 Maintaining paper records in a secure cabinet

How long do I retain your data?

I retain your employee’s personal data for up to 3 years from the end of the tax year after your employee has left your setting or for 3 full years if still in employment.

Annual accounts records are returned to you for filing and retention once accounts have been prepared – normally within 6 months of the end of the financial year.

Tax return information is retained for 3 full years from submission.

Your rights with respect to your data

You have the right to:

 Request access, amend or correct your/your employees’ personal data

 Request that I delete or stop processing your/your employees’ personal data (unless I have a legal obligation to do so), for example where the data is no longer necessary for the purposes of processing; and

 Request that I transfer your, and your employees’ personal data to another person

If you wish to exercise any of these rights at any time or if you have any questions, comments or concerns about this privacy notice, or how I handle your data please contact me. If you continue to have concerns about the way your data is handled and remain dissatisfied after raising your concern with me, you have the right to complain to the Information Commissioner Office (ICO). The ICO can be contacted at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or ico.org.uk .

Changes to this notice

I keep this notice under regular review. You will be notified of any changes where appropriate when your contract and terms of engagement are reviewed annually and make any necessary changes to how data is used and stored.