This privacy statement explains how Little Fish Accountants Limited use any personal data we collect about you.
We take all reasonable steps to ensure data privacy and we will only ever use your personal information to meet our legal responsibilities and to deliver the services you require us to provide.
This notice covers:
• How we collect your information
• What type of information we collect
• How we use your information
• How long we keep your data for
• Who has access to your information
• Third Party Service Providers working on our behalf
• How you can access and update your information
• Security precautions in place to protect the loss, misuse or alteration of your information
• Your choices
• Your rights
• Website cookies
• Changes to our privacy notice
• Contact information
How we collect your information
We obtain personal information about you when you engage us to deliver our services and/or when you contact us about our services.
What type of information we collect
The personal information we collect from you will vary depending on which services you require us to deliver. The personal information we collect will primarily include your name, address, telephone number, email address, date of birth, your Unique Tax Reference (UTR) number, your National Insurance number along with proof of address and some form of photo identification.
How we use your information
Depending on which services you engage us to deliver we may use your personal information to:
• contact you by post, email or telephone
• verify your identity where this is required
• understand your needs and how they may be met
•To enable us to supply professional services to you as our client.
•To enable us to invoice you for our services and investigate/address any attendant fee disputes that may have arisen.
•To contact you about other services we provide
which may be of interest to you if you have consented to us doing so.
• maintain our records in accordance with applicable legal and regulatory obligations
• process financial transactions
• prevent and detect crime, fraud, money laundering or corruption
How long we keep your data for
We are often required by legislation, other regulatory requirements and our insurers to retain your data including where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
Where we consider your data may be of continuing significance we may retain your personal information for longer than seven years. However you should not rely upon this. If you require us to retain any document for longer periods please tell us in writing and request an acknowledgement of your request. A fee may be charged for this service.
Who has access to your information
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow. Each year, all Partners and staff are reminded of their responsibilities and sign an annual declaration confirming their understanding of, and adherence to, their duty of confidentiality.
Third Party Service Providers working on our behalf
In providing our services we may need to pass your information to third parties including for example
• any third parties with whom you require or permit us to correspond
• an alternate appointed by us in the event of incapacity or death
• tax insurance providers
• professional indemnity insurers
• our professional body AAT and/or the Office of Professional Body Anti- Money Laundering Supervisors (OPBAS) in relation to practice assurance and/or the requirements of MLR 2017 (or any similar legislation)
When we use third party service providers, we disclose only the personal information that is necessary to deliver the relevant service.
We may also pass your data to third parties where we are required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud, money laundering or corruption.
Please be assured that other than third party service providers or where we are required by law we will not release your information to third parties unless you have requested that we do so.
How you can access and update your information
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.
You have the right to ask for a copy of the information Little Fish holds about you. Such requests are known as ‘subject access requests’ (“SARs”).
Please provide all SARs in writing marked for the attention of Donna Copley.
To help us provide the information you want and deal with your request more quickly, you should include enough details to enable us to verify your identity and locate the relevant information. For example, you should tell us:
1. your date of birth
2. previous or other name(s) you have used
3. your previous addresses in the past five years
4. personal reference number(s) that we may have given you, for example your national insurance number or your tax reference number.
5. what type of information you want to know
If you do not have a national insurance number, you must send a copy of:
• the back page of your passport or a copy of your driving licence; and
• a recent utility bill.
DPA 2018 requires that we comply with a SAR promptly and in any event within one month of receipt. There are, however, some circumstances in which the law allows us to refuse to provide access to personal data in response to a SAR (e.g. if you have previously made a similar request and there has been little or no change to the data since we complied with the original request).We will not charge you for dealing with a SAR.
You can ask someone else to request information on your behalf – for example, a friend, relative or solicitor. We must have your authority to respond to a SAR made on your behalf. You can provide such authority by signing a letter which states that you authorise the person concerned to write to us for information about you, and/or receive our reply.
Where you are a data controller and we act for you as a data processor (e.g. by processing payroll), we will assist you with SARs on the same basis as is set out above.
Putting things right (the right to rectification)
You have a right to obtain the rectification of any inaccurate personal data concerning you that we hold. You also have a right to have any incomplete personal data that we hold about you completed. Should you become aware that any personal data that we hold about you is inaccurate and/or incomplete, please inform us immediately so we can correct and/or complete it.
Security precautions in place to protect the loss, misuse or alteration of your information
Whilst we strive to protect the personal information we receive, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Your data will always be processed in our offices in the UK.
We may occasionally contact you by post, email or telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under ‘Contact information’ below.
As part of the registration process for our e-newsletters, we collect personal data. We use that data to email you based upon your newsletter preferences ie. the information you’ve asked us to tell you about. From time to time we may contact you to update your newsletter preferences. You may change your preferences or unsubscribe at any time by using the contact information noted below.
We don’t rent or trade email lists with other organisations or businesses.
: You have the right to request a copy of the personal information about you that we hold.
Correcting your information: We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
: You have the right to ask us to delete personal information about you where:
• you consider that we no longer require the information for the purposes for which it was obtained
• you have validly objected to our use of your personal information – see ‘Objecting to how we may use your information’ below
• our use of your personal information is contrary to law or our other legal obligations
• we are using your information with your consent and you have withdrawn your consent – see ‘withdrawing consent to use your information’ below.
Deletion of your information is of course subject to the requirements of legislation, other regulations and our insurers as outlined in the section ‘How long we keep your data for’
: In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal
information unless there are overriding legitimate grounds to continue.
: Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us in any of the ways set out in ‘Contact information’ below if you wish to exercise any of these rights.
Changes to our privacy notice
We keep this privacy notice under regular review and will place any updates on www.littlefishaccountants.co.uk. Paper copies of the privacy notice may also be obtained using the contact details below.
This privacy notice was last updated on 24th May 2018.
Please get in touch with one of your usual Little Fish contacts or alternatively contact Donna Copley on 01302 337773 or via email at firstname.lastname@example.org or by post at Little Fish Accountants,12 High Street, Carcroft, Doncaster, DN6 8DP
We seek to resolve directly all complaints about how we handle your personal information. In addition you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner’s Office
Telephone – 0303 123 1113 or 01625 545 745
|Monday - Thursday||09:00 - 16:30|
|Friday||09:00 - 16:00|
12 High Street
26A Wharncliffe Industrial Estate
If you have any queries or wish to make an appointment please contact us:
Tel: 01302 337773