This Policy governs the use of personal data which you provide to us via our website. Personal data is any or all data relating to a natural person who is identified, or can be identified, from the data.
Peart Accounting Ltd (“we”, “our”, “us”) respects your privacy. We understand that how your personal data is used and shared online matters to you, and we take the privacy of those who visit our website (“the Site”) very seriously. We will not collect any data other than when you contact us, and we will process that data in compliance with the law. Our site may contain links to other sites, and be aware that if you choose to click on those links, your data may be processed by other organisations hosting those sites. We cannot control or monitor this, and you should have regard to their Privacy Policies.
Who we are
The Site is owned and operated by Peart Accounting Ltd company number 12492337, 10 Kilton Close, Redcar, Cleveland, TS10 2NH. We are regulated by the Institute of Chartered Accountants in England and Wales (ICAEW).
You have certain rights as a data subject under the General Data Protection Regulation (GDPR), which governs the collection, processing and disposal of personal data by organisations such as ours.
In relation to personal data about you, you have the right:
to be informed about how and why we collect and use the data
to be given access to the data we hold
to have any inaccurate or incomplete data rectified
to ask us to delete personal data, earlier than we might already dispose of it
to prevent us from processing the data further
to object to us using the data for particular purposes
We provide contact details at the end of this Policy for you to use if you have any complaint about our processing of your personal data. If you are not satisfied with the way we deal with this issue, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), which is the body in charge of supervising personal data use in the UK. The address of the Information Commissioner is:
Information Commissioner's Office
Telephone: 0303 123 1113
Fax: 01625 524510
What data do we collect?
If you communicate with us by e-mail or via the website contact form, we will collect your name and e-mail address and any other content that you send to us in the body of the mail or contact form. We do not collect any other personal data by any other method and in particular, we do not place cookies on our Site.
How is your data used?
We will process and store your data securely, and we will only keep it for as long as we need it for the purpose(s) for which it was collected.
In relation to the data we do collect, as laid out in the section above, we may use it to reply to your email
You have the right to withdraw your consent to our use of your personal data at any time, and to request that we delete it.
We will not share your personal data with anyone at any time
How and where do we store your data?
We will only keep your data as long as we need it for the purpose(s) for which it is collected, and/or for as long as we have your permission to hold it.
Accessing your data
You are entitled to make a Subject Access Request under the GDPR. This means that you may request a copy of any personal data we hold about you, free of charge. We will provide any or all information in response to your request if you contact us on 07949 459947.
If you have any questions about the Site or this Policy, or you wish to make a Subject Access Request, then please contact us as follows, making your request or query clear:
Telephone: 07949 459947
Postal address: 10 Kilton Close, Redcar, Cleveland, TS10 2NH
Amending the Policy
We may change this policy from time to time, in response to changes in the law or for operational reasons. Any changes will immediately be posted on the Site and you will be deemed to have accepted the amended Policy if you continue to use the Site afterwards. You should therefore regularly review this Policy.
In this clause, the following definitions shall apply:
‘client personal data’ means any personal data provided to us by you, or on your behalf, for the purpose of providing our services to you, pursuant to our engagement letter with you;
‘data protection legislation’ means all applicable privacy and data protection legislation and regulations including PECR, the GDPR and any applicable national laws, regulations and secondary legislation in the UK relating to the processing of personal data and the privacy of electronic communications, as amended, replaced or updated from time to time;
‘controller’, ‘data subject’, ‘personal data’, and ‘process’ shall have the meanings given to them in the data protection legislation;
‘GDPR’ means the General Data Protection Regulation ((EU) 2016/679); and
‘PECR’ means the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2426/2003).
We shall each be considered an independent data controller in relation to the client personal data. Each of us will comply with all requirements and obligations applicable to us under the data protection legislation in respect of the client personal data.
You shall only disclose client personal data to us where:
a) you have provided the necessary information to the relevant data subjects regarding its use (and you may use or refer to our privacy notice disclosed in your engagement letter for this purpose);
b) you have a lawful basis upon which to do so, which, in the absence of any other lawful basis, shall be with the relevant data subject’s consent; and
c) you have complied with the necessary requirements under the data protection legislation to enable you to do so.
Should you require any further details regarding our treatment of personal data, please contact our data protection officer, Andrew Peart.
We shall only process the client personal data:
a) in order to provide our services to you and perform any other obligations in accordance with our engagement with you;
b) in order to comply with our legal or regulatory obligations; and
c) where it is necessary for the purposes of our legitimate interests and those interests are not overridden by the data subjects’ own privacy rights. Our privacy notice (disclosed in your engagement letter) contains further details as to how we may process client personal data.
For the purpose of providing our services to you, we may disclose the client personal data to members of our firm’s network, our regulatory bodies or other third parties (for example, our professional advisors or service providers). The third parties to whom we disclose such personal data may be located outside of the European Economic Area (EEA). We will only disclose client personal data to a third party (including a third party outside of the EEA) provided that the transfer is undertaken in compliance with the data protection legislation.
We may disclose the client personal data to other third parties in the context of a possible sale, merger, restructuring or financing of or investment in our business. In this event we will take appropriate measures to ensure that the security of the client personal data continues to be ensured in accordance with data protection legislation. If a change happens to our business, then the new owners may use our client personal data in the same way as set out in these terms.
We shall maintain commercially reasonable and appropriate security measures, including administrative, physical and technical safeguards, to protect against unauthorised or unlawful processing of the client personal data and against accidental loss or destruction of, or damage to, the client personal data.
In respect of the client personal data, provided that we are legally permitted to do so, we shall promptly notify you in the event that:
(a) we receive a request, complaint or any adverse correspondence from or on behalf of a relevant data subject, to exercise their data subject rights under the data protection legislation or in respect of our processing of their personal data;
(b) we are served with an information, enforcement or assessment notice (or any similar notices), or receive any other material communication in respect of our processing of the client personal data from a supervisory authority as defined in the data protection legislation (for example in the UK, the Information Commissioner’s Officer); or
(c) we reasonably believe that there has been any incident which resulted in the accidental or unauthorised access to, or destruction, loss, unauthorised disclosure or alteration of, the client personal data.
Upon the reasonable request of the other, we shall each co-operate with the other and take such reasonable commercial steps or provide such information as is necessary to enable each of us to comply with the data protection legislation in respect of the services provided to you in accordance with our engagement letter with you in relation to those services.
Implementation of the Policy
This Policy is effective as of 2nd March 2020. No part of the Policy is retrospective in effect and applies to matters occurring on or after 2nd March 2020.