Privacy Notice: Selene Accounting Limited
What is the purpose of this notice?
To describe how we collect and use personal data about you in accordance with the General Data Protection Regulation (GDPR).
What we need
Selene Accounting Limited will be what’s known as the “Controller” of the personal data you provide to us. We generally only need to collect basic personal data about you such as your personal details
Family, lifestyle and social circumstances
Goods and services
Financial details
Education details
Employment details
We may also process sensitive classes of information (Special Category Data) that may include:
Physical or mental health details
Racial or ethnic origin
Religious or other beliefs
Trade union membership.
Why we need it
We need to know your basic personal data in order for us to provide our accountancy services to you.
As agents acting on your behalf, we require such information to enable HMRC, Companies House and other organisations to communicate with us from time to time. Such organisations have a legal duty to ensure that any information given out, is to authorised people only and in the interests of the client/subject. This authority enables us to fulfil our contractual agreement with our clients to provide the following services: Tax returns, VAT, payroll, PAYE, CIS, corporation tax and bookkeeping services.
We will not collect any personal data from you that we do not need in order to provide this service.
What we do with it
We only ever use your personal data with your consent, or where it is necessary:
- To enter into, or perform, a contract with you
- To comply with legal duties
- To protect your vital interests
- For our own (or a third party’s) lawful interests, provided your rights don’t override these.
In any event we will only use your information for the purpose or purposes it was collected for.
We may process personal information for certain legitimate business purposes, which include some or all of the following:
- Where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our clients.
- To identify and prevent fraud / money laundering.
- To enhance the security of our network and information systems.
Whenever we process data for these purposes we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times.
When we process your personal data for our legitimate interests, we will make sure that we consider and balance any potential impact on you (both positive and negative) and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law.) You have the right to object to this processing if you wish, and if you wish to do so please inform us in writing. Please bear in mind that if you object this may affect our ability to carry out tasks detailed above for your benefit.
Where we keep it
We are based in the United Kingdom and we store our data within the EU. Some organisations which provide services to us may transfer data outside of the EU, but we will only allow them to do so if we are satisfied that your data is adequately protected.
Example: some of our systems use Microsoft products, a US company. It may be that using their products result in personal data being transferred to, or accessible from, the US. However, as Microsoft is certified under the USA’s Privacy Shield scheme – we allow this as data is deemed to be adequately protected.
How long we keep your information for
We will only use and store information for as long as is required for the purposes it was collected, and to comply with current financial and legal regulations. These state that financial and business records are kept for six years not including the current year.
Under the current Anti-Money Laundering regulations, we are obligated to keep copies of identification (photo ID, proof of address and date of birth) for five years after the end of our business relationship.
We continually review what information we hold and will delete/destroy anything no longer required.
What are your rights?
We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- The right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of this information (this is known as a data subject access request)
- The right to have your data erased (though this will not apply where it is necessary for us to continue acting on your behalf – as this is a lawful reason.)
- The right to have inaccurate data rectified.
- The right to object to your data being used for marketing and profiling; and
- Where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you wish to raise a complaint on how we have handled your personal data, you can contact Paul Bellringer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your data not in accordance with the law you can complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.