The Legislation
The General Data Protection Regulations (GDPR) are already in force as from 25 May 2018. The Information Commissioners Office (ICO) is the supervisory authority responsible for data protection. The regulations are intended to give people greater control of their personal data,requiring organisations and businesses to be accountable and transparent for processing of that data.
It applies to all businesses, organisations and governments within the EU and those outside the EU who process EU residents’ data. As such we are required to comply with GDPR and register with the ICO. Our Data Protection Officer and registered with the ICO is S C Ramsurrun.
Glossary of Terms
What is personal data?
Personal data relates to any information about a natural person that makes you identifiable which may include (but not limited to):
Names and contact information (i.e emails, telephone numbers )
National Insurance Numbers
Employment History
Employee Numbers
Credit History
Personal Tax
Payroll and Accounting Data
Bank Details
IP Address
What is sensitive personal data?
Sensitive personal data refers to the above but includes genetic data and biometric data. For example:
Medical conditions
Religious or philosophical beliefs and political opinions
Racial and ethnic origin
Convictions
Biometric data (eg photo in an electronic passport )
What is a Data Controller?
For general data protection regulation purposes, the ‘data controller’ means the person or organisation who decides the purposes for which and the way in which any personal data is processed
The Data controller is Adshil & Co.
What is a Data Processor?
A ‘data processor’ is a person or organisation which processes personal data for the controller Our Security Measures with your Data
Paper information
Information provided in paper format are kept under lock and key at our offices. Where they are made available to the data processors, the data processors are bound by our ethical standards and confidentiality agreements
Digital Information
Where you fill in forms on our website, we use a third party software for automated data collection and processing purposes, and they are duty bound not to use your data for any purposes and will only holdyour data in line with our policy on data retention.
Cookies: are text files put on your computer to collect standard internet log information and visitor behaviour information. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note that in some cases some of our website features may not function because of this.
IP addresses: or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. We do not have access to any personal identifiable information and would never seek this information. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we get.
Security precautions in place to protect the loss, misuse or alteration of your information
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we do our best effort to ensure its security on our systems, which contain the requisite security protection. Where we have given, or you have chosen, a password which enables you to access information, you are responsible for keeping that password confidential, and not to share it with anyone.
Your data will usually be processed in our UK offices. However, to allow us to operate efficient digital processes and to recover our data in the event of a disaster, we sometimes need to store information in servers located outside of our offices. All our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.
The Information We Collect and Use:
This privacy policy sets out how we use and protect any information that you give us. At Adshil & Co, we are committed to ensuring that your data and privacy are protected. Should we ask you to provide any information by which you can be identified, by whichever means, you can be assured that it will be used in accordance with our privacy statement. We may change this policy from time to time and by updating it on our website.
What type of information do we collect from you?
We obtain information about you when you engage us to deliver our services, to enable us to discharge these services in accordance with our letter of engagement and when you use our website, for example, to enquire about our products and services.
Under ‘legitimate interests’ we can process your personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interests.
We may also receive personal data from you for the purpose of our Money Laundering checks, as required by current regulations. This information is normally kept securely on file and will only be processed for the purposes of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.
How is your information used?
The personal information we collect from you will vary depending on which products and services you engage us to deliver.
In general terms, and depending on which products and services you engage us to deliver, and as part of providing our agreed services, we may use your information to:
Contact you by post, email or telephone
Verify your identity where this is required
Understand your needs and how they may be met
Maintain our records in accordance with applicable legal and regulatory obligations
Process financial transactions as per our engagement
Prevent and detect crime, fraud and corruption
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation, and is presently typically six years. To ensure compliance with all such requirements, it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
Who has access to your information?
We do not pass on or share your information to third parties, for any purposes, except where you expressly have your authority to do so, and to assist to meet your legal and regulatory responsibilities.
Our Staff ( data processor )
Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow, and as required by law these provisions are included in a written agreement for all staff and data processors. Third Party Service Providers working on our behalf Although it is not our usual practice, we may sometimes, have to pass information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services on your behalf, such as mortgage agents, processing payroll or basic bookkeeping. Where we do use third party services, we only disclose personal information that is necessary to deliver the service, with a contract in place to keep the information secure and not to use it for their own purposes.
We do not release information to third parties unless you have requested that we do so or are required to do so by law, e.g by a court order or for the purposes of prevention of crime, fraud or corruption.
Access and update of your information
Keeping your information up to date and accurate is important to us and we commit to regularly review and correct where necessary, the information that we hold about you in conjunction with your agreement. If any of the information changes, please email or write to us, or call us by using the ‘Contact information’ noted below. You have the right to ask for a copy of the information that Adshil & Co holds about you.
Your Rights and Choices
We may occasionally contact you by post, email and telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated below.
Your rights
You have the right to request a copy of the personal information about you that we hold.
You have the right to ask us to correct any personal information about you that you believe are not accurate.
You have the right to ask us to delete personal information about you where:
You consider that we no longer require such information for the purposes for which it is obtained.
You have validly objected to our use of your personal information
Our use of your personal information is contrary to the law or our other legal obligations. You have withdrawn your consent to use your information
You have the right to ask us to restrict on how we use your personal information. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are public interest grounds to do so.
You have the right at any time to require us to stop using your personal information for direct marketing purposes.
You have the right to withdraw your consent to use your information: Where we use your information with your consent, you may withdraw that consent at any time and we will stop using your personal information for the purposes for which that consent was given.
Changes to our privacy policy
We keep this privacy notice under regular review and will place any future updates on our website. Paper copies of this privacy notice can also be obtained upon written request.
Contact Information
Adshil & Co
53 Foxley lane
Purley
Surrey
CR8 3EH
Telephone: +44 (0) 20 8660 7445
Email: office@adshil.co.uk
Complaints
We seek to resolve all complaints directly about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner’s Office
Wycliffe House
Water lane
Wilmslow
Cheshire
SK9 5AF