Privacy Policy Notice
The policy: This privacy policy notice is served by Calculus Accounting Limited, 4 Masefield Crescent, Balderton, Newark, Notts NG24 3QG under the website; www.calculusaccounting.co.uk The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use our website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
We are registered with the ICO under the Data Protection Register, our registration number is: ZA213402
Data Protection Officer: Mr Mark Kitts
Introduction
We are committed to safeguarding the privacy of our website
visitors and service users.
This policy applies where we are acting as a data controller
with respect to the personal data of our website visitors and service users; in
other words, where we determine the purposes and means of the processing of
that personal data.
We use cookies on our website. Insofar as those cookies are not
strictly necessary for the provision of our website and services, we will ask
you to consent to our use of cookies when you first visit our website.
In this policy, “we”, “us” and
“our” refer to Calculus Accounting Limited and all of its officers
(and employees)
2. How we use your personal data
2.1 In this Section 2 we have set out:
(a) the general categories of personal data that we may
process;
(b) in the case of personal data that we did not obtain
directly from you, the source and specific categories of that data;
(c) the purposes for which we may process personal data; and
(d) the legal bases of the processing.
2.2 We may process
data about your use of our website and services (“usage data”). The
usage data may include your IP address, geographical location, browser type and
version, operating system, referral source, length of visit, page views and
website navigation paths, as well as information about the timing, frequency
and pattern of your service use. The source of the usage data is google
analytics. This usage data may be processed for the purposes of analysing the
use of the website and services. The legal basis for this processing is our
legitimate interests, namely monitoring and improving our website and services.
2.3 We may process
your account data (“account data”). The account data may include your
name and email address. The source of the account data is you or your employer.
The account data may be processed for the purposes of operating our website,
providing our services, ensuring the security of our website and services,
maintaining back-ups of our databases and communicating with you. The legal
basis for this processing is our legitimate interests, namely the proper
administration of our website and business in conjunction with or in addition
to the performance of a contract between you and us and/or taking steps, at
your request, to enter into such a contract.
2.4 We may process
your information included in your personal profile on our website (“profile
data”). The profile data may include your name, address, telephone number,
email address, profile pictures, gender, date of birth, relationship status,
interests and hobbies, educational details and employment details. The profile
data may be processed for the purposes of enabling and monitoring your use of
our website and services. The legal basis for this processing is our legitimate
interests, namely the proper administration of our website and business in
conjunction with or in addition to the performance of a contract between you
and us and/or taking steps, at you request, to enter into such a contract.
2.5 We may process
your personal data that are provided in the course of the use of our services
(“service data”). The service data may include all areas contained
within the “profile data” and in addition financial details relating to you
and/or your business. The source of the service data is you or your employer.
The service data may be processed for the purposes of operating our website, providing
our services, ensuring the security of our website and services, maintaining
back-ups of our databases and communicating with you. The legal basis for this
processing is consent along with our legitimate interests, namely the proper
administration of our website and business and the performance of a contract
between you and us and/or taking steps, at your request, to enter into such a
contract.
2.6 We may process
information relating to our customer relationships, including customer contact
information (“customer relationship data”). The customer relationship
data may include your name, your employer, your job title or role, your contact
details, and information contained in communications between us and you or your
employer. The source of the customer relationship data is you or your employer.
The customer relationship data may be processed for the purposes of managing
our relationships with customers, communicating
with customers, keeping records of those communications and promoting our
products and services to customers. The legal basis for this processing is
consent and our legitimate interests, namely the proper management of our
customer relationships.
2.7 We may process
information relating to transactions, including purchases of goods and services
that you enter into with us and/or through our website (“transaction
data”). The transaction data may include your contact details, your card
details and the transaction details. The transaction data may be processed for
the purpose of supplying the purchased goods and services and keeping proper
records of those transactions. The legal basis for this processing is the
performance of a contract between you and us and/or taking steps, at your
request, to enter into such a contract and our legitimate interests, namely the
proper administration of our website and business.
2.8 We may process
information contained in or relating to any communication that you send to us
(“correspondence data”). The correspondence data may include the
communication content and metadata associated with the communication. Our
website will generate the metadata associated with communications made using
the website contact forms. The correspondence data may be processed for the
purposes of communicating with you and record-keeping. The legal basis for this
processing is our legitimate interests, namely the proper administration of our
website and business and communications with users.
2.9 We may process
any of your personal data identified in this policy where necessary for the
establishment, exercise or defence of legal claims, whether in court
proceedings or in an administrative or out-of-court procedure. The legal basis
for this processing is our legitimate interests, namely the protection and
assertion of our legal rights, your legal rights and the legal rights of
others.
2.10 We may process
any of your personal data identified in this policy where necessary for the
purposes of obtaining or maintaining insurance coverage, managing risks, or
obtaining professional advice. The legal basis for this processing is our
legitimate interests, namely the proper protection of our business against
risks.
2.11 In addition to
the specific purposes for which we may process your personal data set out in
this Section 2, we may also process any of your personal data where such
processing is necessary for compliance with a legal obligation to which we are
subject, or in order to protect your vital interests or the vital interests of
another natural person.
2.12 Please do not
supply any other person’s personal data to us, unless we prompt you to do so.
3. Providing your personal data to others
Other than where necessary because of either our contracted services with you or your company or legal processes governing the contracted work for you or your company we do not disclose your personal data to any third party.
4. International transfers of your personal data
4.1 We do not disclose your personal data to anyone outside the
countries outside the European Economic Area (EEA).
4.2 You acknowledge
that personal data that you submit for publication through our website or
services may be available, via the internet, around the world. We cannot
prevent the use (or misuse) of such personal data by others.
5. Retaining and deleting personal data
5.1
This Section 5 sets out our data retention policies
and procedure, which are designed to help ensure that we comply with our legal
obligations in relation to the retention and deletion of personal data.
5.2 Personal data
that we process for any purpose or purposes shall not be kept for longer than
is necessary for that purpose or those purposes.
5.3 We will retain
your personal data as follows:
(a) Name
(b) Date of Birth
(c) Address
(d) Contact details, including email address and phone number
(e) Tax & National Insurance references
(f) Marital status
(g) Nationality
(h) Full financial information
We will continue to hold the data while there is an on-going
business relationship with you and/or your business. In the event that the
relationship ends, we will retain the information for the statutory period
required by Law for the type of data held, other than data which we think may
be of continuing significance.
You may request the deletion of your data at any time except
for data which we are legally obliged to retain. Please bear in mind that if
you request this while we are still providing services to you or your business,
this will render us unable to continue to provide those services.
6. Security of personal data
6.1 We will take appropriate technical and organisational precautions
to secure your personal data and to prevent the loss, misuse or alteration of
your personal data.
6.2 We will store
all your personal data on secure servers, mobile devices, and in secure manual
record-keeping systems.
6.3 We do not retain
cardholder data.
6.4 Data relating to
your enquiries and financial transactions that is sent from your web browser to
our web server, or from our web server to your web browser, will be protected
using encryption technology where possible
6.5 You acknowledge
that the transmission of unencrypted (or inadequately encrypted) data over the
internet is inherently insecure, and we cannot guarantee the security of data
sent over the internet.
6.6 You should
ensure that your password is not susceptible to being guessed, whether by a
person or a computer program. You are responsible for keeping the password you
use for accessing our website confidential and we will not ask you for your
password (except when you log in to our website).
7. Amendments
7.1 We may update this policy from time to time by publishing a new
version on our website.
7.2 You should check
this page occasionally to ensure you are happy with any changes to this policy.
7.3 We will notify
you of significant changes to this policy by email or through physical
documentation..
8. Your individual rights
Under the GDPR your rights are as follows.
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
8.1 In this Section we have summarised the rights that you have under
data protection law. Some of the rights are complex, and not all of the details
have been included in our summaries. Accordingly, you should read the relevant
laws and guidance from the regulatory authorities for a full explanation of
these rights.
8.2 Your principal
rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
8.3 You have the
right to confirmation as to whether or not we process your personal data and,
where we do, access to the personal data, together with certain additional
information. That additional information includes details of the purposes of
the processing, the categories of personal data concerned and the recipients of
the personal data. Providing the rights and freedoms of others are not
affected, we will supply to you a copy of your personal data. The first copy
will be provided free of charge, but additional copies may be subject to a
reasonable fee.
8.4 You have the
right to have any inaccurate personal data about you rectified and, taking into
account the purposes of the processing, to have any incomplete personal data
about you completed.
8.5 In some
circumstances you have the right to the erasure of your personal data without
undue delay. Those circumstances include: the personal data are no longer
necessary in relation to the purposes for which they were collected or
otherwise processed; you withdraw consent to consent-based processing; you
object to the processing under certain rules of applicable data protection law.
However, there are exclusions of the right to erasure. The general exclusions
include where processing is necessary: for exercising the right of freedom of
expression and information; for compliance with a legal obligation; or for the
establishment, exercise or defence of legal claims.
8.6 In some
circumstances you have the right to restrict the processing of your personal
data. Those circumstances are: you contest the accuracy of the personal data;
processing is unlawful but you oppose erasure; we no longer need the personal
data for the purposes of our processing, but you require personal data for the
establishment, exercise or defence of legal claims; and you have objected to
processing, pending the verification of that objection. Where processing has
been restricted on this basis, we may continue to store your personal data.
However, we will only otherwise process it: with your consent; for the
establishment, exercise or defence of legal claims; for the protection of the
rights of another natural or legal person; or for reasons of important public
interest.
8.7 You have the
right to object to our processing of your personal data on grounds relating to
your particular situation, but only to the extent that the legal basis for the
processing is that the processing is necessary for: the performance of a task
carried out in the public interest or in the exercise of any official authority
vested in us; or the purposes of the legitimate interests pursued by us or by a
third party. If you make such an objection, we will cease to process the
personal information unless we can demonstrate compelling legitimate grounds
for the processing which override your interests, rights and freedoms, or the
processing is for the establishment, exercise or defence of legal claims.
8.8 To the extent
that the legal basis for our processing of your personal data is:
(a) consent; or
(b) that the processing is necessary for the performance of a
contract to which you are party or in order to take steps at your request prior
to entering into a contract,
and such processing is carried out by automated means, you have
the right to receive your personal data from us in a structured, commonly used
and machine-readable format. However, this right does not apply where it would
adversely affect the rights and freedoms of others.
8.9 If you consider
that our processing of your personal information infringes data protection laws,
you have a legal right to lodge a complaint with a supervisory authority
responsible for data protection. You may do so in the EU member state of your
habitual residence, your place of work or the place of the alleged
infringement.
8.10 To the extent
that the legal basis for our processing of your personal information is
consent, you have the right to withdraw that consent at any time. Withdrawal
will not affect the lawfulness of processing before the withdrawal.
8.11 You may
exercise any of your rights in relation to your personal data by written notice
to us or by email.
9. Personal data of children
We do not hold personal data of minors.
If we have reason to believe that we hold personal data of a person under that age in our databases, we will delete that personal data.
10. Updating information
Please let us know if the personal information that we hold about you needs to be corrected or updated.
11. Internet cookies used by our service providers
We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.
Some cookies are required to enjoy and use the full functionality of this website.
We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.
Managing cookies
Most
browsers allow you to refuse to accept cookies and to delete cookies. The
methods for doing so vary from browser to browser, and from version to version.
You can however obtain up-to-date information about blocking and deleting
cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
Important Note: Blocking all cookies will have a negative
impact upon the usability of many websites.
If you block cookies, you will not be able to use all the
features on our website
Resources & further information