This policy applies to the following businesses:
Simpson Accountancy Limited - Registered Company number 06910625, Essex Accountants Ltd – Registered Company number 08233401 Registered office Unit 6, Cherry Tree Farm, Blackmore End Road, Sible Hedingham, Essex, CO9 3LZ and Alison Hurrell Ltd Registered Company number 06717149, Registered office 44 Church Street, Bocking Essex, CM7 5JY. Registered in England and Wales.
Simpson Accountancy respects your privacy and we are committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
What is personal data?
Personal data relates to any information about a natural person that makes you identifiable which may include (but is not limited to):
What is sensitive personal data?
Sensitive personal data refers to the above but includes genetic data and biometric data. For example:
What is a Data Controller?
For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
The data controller is Simpson Accountancy Ltd, Essex Accountants Ltd and Alison Hurrell Ltd.
The data protection officer is Debbie Simpson, Director who can be contacted at the above address.
What is a Data Processor?
A “data processor” is a person or organisation which processes personal data for the controller.
What is Data Processing?
Data processing is any operation or set of operations performed upon personal data, or sets of it, be it by automated systems or not. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.
What do we mean by Business to Business?
PLC, LTD, LLP incorporated partnerships, trusts and foundations, local authorities and government institutions.
What do we mean by Business to Consumer?
Private clients, sole traders, unincorporated partnerships, trusts and foundations.
What information do we collect about you and how?
Simpson Accountancy, as a Data Controller, is bound by the requirements of the General Data Protection Regulations (GDPR).
We collect information about you when you fill in our contact form via the website. Website usage information is collected using cookies.
Analytics – eg how visitors use our website
We use Google Analytics to store information about how visitors use our website so that we may make improvements and give visitors a better user experience.
An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. Simpson Accountancy Ltd do not have access to any personal identifiable information and we would never seek this information. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from particular regions.
How will we use the information about you and why?
At Simpson Accountancy Ltd we take your privacy seriously and will only use your personal information to provide the Services you have requested from us, detailed in your Letter of Engagement and as we have identified above. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
For Business to Consumer Clients and Contacts our lawful reason for processing your personal information will be “A contract with the individual” eg to supply goods and services you have requested, or to fulfil obligations under an employment contract. This also includes steps taken at your request before entering into a contract.
We may receive personal data from you for the purposes of our money laundering checks, such as a copy of your passport. This data will only be processed for the purposes of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.
Our work for you may require us to pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing the Services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the Services and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We will not share your information for marketing purposes with companies so that they may offer you their products and services.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. If you think that any part of our process is not secure please email us at .
How long will we hold your data for?
We will only retain your personal data for as long as necessary to fulfil the purpose we collected it for, including for the purposes of satisfying any legal accounting or reporting requirements.
Access to your information, correction, portability and deletion
What is a Subject Access Request?
This is your right to request a copy of the information that we hold about you. If you would like a copy of some or all your personal information, please email or write to us at the following address: Debbie Simpson, Simpson Accountancy Ltd, Unit 6, Cherry Tree Farm, Blackmore end road, Sible Hedingham, Essex, CO9 3LZ. We will respond to your request within one month of receipt of the request. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Objections to processing of personal data
It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims.
It is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if:
(a) The processing is based on consent or on a contract, and
Your Right to be Forgotten
Should you wish for us to completely delete all information that we hold about you for:
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
How to contact us