It explains how we comply with the GDPR (General Data Protection Regulations), and the PECR (Privacy and Electronic Communications Regulations).
Your right to privacy is important to us. This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR & PECR are adhered to.
Further explanations may be provided for specific pages or features of this website to help you understand how we, this website, and its third parties (if any) interact with you and your computer or device to serve it to you. Our contact information is provided if you have any questions.
Personal data we collect about you
The type of personal data we collect about you and its use depends on what you contact us about, your needs, the relationship you have with us, and the products and services you hold or enquire about.
We are committed to ensuring that your privacy is protected. When you provide certain information by which you can be identified when using this website, it will only be used per this policy statement.
The information that we obtain about you includes your name, address, telephone number, email address, and any other contact details. We also hold information as a data processor when you engage us for accounting services; this information will relate to personal and business information gathered by the Data Controller.
It can also include information which either you give us about your clients or which we obtain about your clients on your behalf. Adderley, Hill & Co Limited shall not involve any other third party in the processing of the data without your consent or the consent of your client if appropriate.
If consent is given, a further processing agreement will be required with the Third Party. Adderley, Hill & Co Limited agree to fulfil the Data Controllers’ obligation to respond to requests from individuals exercising their rights laid down in Chapter III of GDPR – rights to erasure, rectification, access, restriction, portability, object and right not to be subject to an automated decision making.
Adderley, Hill & Co Limited will assist the Data Controller in ensuring compliance with the obligations according to Articles 32 to 36 of GDPR security, notification of data breaches, communication of data breaches to individuals, data protection impact assessments and, when necessary, consultation with the Information Commissioner’s Office.
We may also gather data from our website, contact us forms, for example, to enquire about products and services or to register to receive one of our newsletters.
Sharing your personal information
Adderley, Hill & Co Limited will only share your data where data protection law allows it, with adequate protection and where appropriate will have contracts in place to protect the security and confidentiality of your information for the following purposes:
- To provide you with the information, products, and services that you have requested from us.
- To meet a legal or regulatory obligation.
- To market our products and services by mail and email following your communication preferences.
If we use third-party service providers, we disclose only personal information that is necessary to deliver the service. We will have a contract in place that requires them to keep your information secure and not to use it for their direct marketing purposes. We will not pass your personal data to other organisations without your approval.
Your individual rights
Requesting access to your personal data:
Under the data protection legislation, you have the right to request access to information held about you. You may withdraw that consent at any time when you have provided your consent to the collection, processing, and transfer of your personal data. This will not affect the lawfulness of data processing based on consent before it is withdrawn.
To withdraw your consent, please contact us at firstname.lastname@example.org. You also have the right to:
- Object to the processing of personal data that is likely to cause, or is causing, damage or distress.
- Prevent processing for direct marketing.
- Object to decisions being taken by automated means.
- In certain circumstances, have inaccurate personal data rectified, blocked, erased, or destroyed.
- Receive a copy of the personal information you have provided to us or send it to a third party; this will be provided to you or the third party in a structured, commonly used, and readable format.
- Claim compensation for damages caused by a breach of the Data Protection regulations.
Certain personal data will also be reported to government authorities where required by law and for tax or other purposes. We will not sell your personal data to any third party. Your data is held inside the EEA in a GDPR-compliant and secure manner.
Note that we reserve the right to charge a reasonable fee to comply with your request concerning requests to access personal data. If you are concerned about how we are collecting or using your personal data, we request that you raise your concern with us in the first instance.
Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/.
Storing this information
We hold a client’s data under Legitimate Interest. It will be held for as long as you remain a client of Adderley, Hill & Co Limited, and require us to continue within the original client terms of engagement.
Due to the nature of the service we offer, we may be required to retain personal data even after an account has been closed for legal or operational reasons. You have a right to challenge our legitimate interest if you believe we do not have a valid reason to collect, use, share, or hold your data.
You can withdraw your consent at any time. If you withdraw your marketing consent, you may miss out on information about our products, services, offers, and other news that may be of interest to you. However, we will contact you regarding the administration of your existing accounts and relationship with us.
Data of non-clients will be held for a maximum of two years, where consent is given to keep the data, and renewed consent will be requested. Data, where no consent has been given, will be held for sufficient time for us to manage and respond to the query but will not exceed six months unless specific consent is requested to keep it for a longer period.
Security of your personal information
We use a variety of security technologies and procedures to protect personal information from unauthorised access, use, or disclosure. We secure the personal information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure.
All personal information is protected using appropriate physical, technical, and organisational measures and securely backed up regularly. Adderley, Hill & Co Limited ensures that all employees and other representatives accessing the Data are aware of the terms of this Agreement and have received comprehensive training on Data Protection Laws and related good practice.
A commitment of confidentiality bounds them. If available and where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Downloads and media files
Any downloadable documents, files, or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available, users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third-party websites and advise users to verify their authenticity using third party antivirus software or similar applications.
Contact and communication with us
Users contacting us through this website do so at their discretion and provide any such personal details requested at their own risk.
Email mailing list and marketing messages
We operate an email mailing list programme, used to inform subscribers about products, services, and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission.
Subscriber personal details are collected, processed, managed, and stored following the regulations named above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages.
The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription. Email marketing messages may contain tracking beacons/tracked clickable links or similar server technologies to track subscriber activity within email marketing messages.
Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics, and already stored subscriber data.
External website links and third parties
Although we only look to include quality, safe, and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text/banner/image links to other websites.)
Shortened URLs; URL shortening is a technique used on the web to shorten URLs (Uniform Resource Locators) to something substantially shorter. This technique is mainly used in social media and looks similar to this (for example, http://bit.ly/zyVUBo).
Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding. We cannot guarantee or verify the contents of any externally linked website despite our best efforts.
Social media policy and usage
We adopt a Social Media Policy to ensure our business and our staff conducts themselves accordingly online. While we may have official profiles on social media platforms, users are advised to verify the authenticity of such profiles before engaging with or sharing information with such profiles.
We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media. There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms.
You use social sharing buttons at your own discretion and accept that you may publish content on your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
Resources & Further Information
- Overview of the GDPR – General Data Protection Regulation
- Privacy and Electronic Communications Regulations 2003
- The Guide to the PECR 2003
Social media policy and usage