Phoenix Accountancy Service Ltd – Privacy Policy
Phoenix Accountancy is a trading name of Phoenix Accountancy Service Ltd (Company Registration No. 08778431) and our registered office is 21 Heath Drive, Romford, Essex, RM2 5QH.
We are a Controller for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679).
In the EU’s General Data Protection Regulation (GDPR), Personal Data is defined as “…any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.”
Our representative for the purpose of data protection compliance is Rutu Shah who can be contacted at
[email protected]
Privacy Policy purpose and how it applies
We respect your privacy and your rights to control your personal data (data). We will always protect your data, be clear about the data we collect from you and the reasons why. We do not and will not sell your data to third parties.
We will only use your data when the law allows us to. Most commonly, we will use your data in the following circumstances:
- Where it is necessary for our legitimate business interests (or those of a third party) and your interests and
fundamental rights do not override those interests
- Where we need to perform the contract for services we are about to enter into or have entered into with you
- Where we need to comply with a legal or regulatory obligation.
This Privacy Policy (the ‘Policy’) explains the data we collect from you, either directly or indirectly, why and how we use it. It explains how we protect your data, the choices you can make about the data we collect and how you can control these decisions.
Please read this Policy carefully
Types of information We collect, Why and How
We will only collect personal data from you that we consider to be necessary in the context and purpose in which it’s given.
Through your use of our services we may also collect personal data from you about someone else. If you provide us with
personal data about someone else, you must ensure that you are authorised to disclose that data to us and that, without us
taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such personal data for the purposes described in this Policy. You must, therefore, take reasonable steps to ensure that the third party concerned is aware of and consents to the various matters detailed in this Policy, including: the fact that their personal data is being collected; the purposes for which that data is being collected; the intended recipients of that data; and the third party’s right to obtain access to the data (including details of how to request access). Where requested to do so, you must assist us with any requests by the third party to access or update the personal data you have collected from them and provided in connection with our Services.
You may be required to provide information when:
- Learning about Phoenix Accountancy
- Enquiring about Our services
- Forming a company
- Subscribing to Our services
- Recommending Phoenix Accountancy to Others
Learning about Phoenix Accountancy
In order to gain more information about Phoenix Accountancy, you may visit our website or landing pages, or for example speak to one of our accountants, use our online tools or download one of Our guides. At these times you may voluntarily provide personal information about yourself.
What info we collect:
The type of personal information collected may include full name; phone numbers; email addresses; business type; income; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.
Why we collect:
To make sure you find the information you’re looking for and for us to make recommendations to you about our products and services. To follow up your enquiry, provide you with discounts on services, give you access to business guides, to share news about industry and updates. Additionally, your IP address helps us to understand geographic information about our website visitors.
How we collect:
Data is collected through online forms, email, telephone, live chat or in person.
Enquiring about Our Services
Depending on the type of service you purchase from us you may be asked to share information so we can provide a formal quote, respond to your enquiry, determine the products best suited for you and to complete the transactions.
What we collect:
The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; payment information; business type/trade; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.
Why we collect:
To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To provide a quote, form policy documents, complete the transactions and to follow up your purchase or enquiry.
We do not store any card payment data and only use payment information in connection with the purchase made.
How we collect:
Data is collected through online forms, email, telephone, live chat or in person.
Forming a Ltd company
If you have asked us to form a limited company on your behalf you will be asked to provide information relating to yourself, the limited company you want to form and related third parties such as additional directors or shareholders, if you have any. This information is needed so your company can be registered with Companies House.
What we collect:
The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; registered office/service address; date of birth; title; nationality; company details, to include share split, person of significant control; authentication data, for example passport number, national insurance number; place of birth; payment card information; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.
Why we collect:
To check company name availability and ensure the company is formed correctly with the correct company officers and company information. To comply with legal and regulatory compliance, to include crime prevention. To provide the right guidance, answer your questions and to complete the transactions.
Subscribing to Our services
If you subscribe to one of our accounting services, you may be asked to provide information relating to you and/or your business. The information required will depend on the type of service you’re subscribing to. You may also be asked to provide information about third parties i.e. additional employees, directors or shareholders. We may also seek your permission to contact external third parties to gain items such as professional clearance or assignment schedules.
What we collect:
The type of personal information collected may include full name; home/business postal address; registered office address; business name/type; phone numbers; email addresses; job title; date of birth; place of birth; title; nationality; marital status; national insurance number; tax codes; HMRC UTR numbers; government issued identification, including passport numbers; sanction and watch list data; details of any other business involvement including shareholding; payment card information; bank account data; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; username and passwords for accessing and using our services, purchase inquiry and history; products, services or content provided.
Why we collect:
To verify your identity for legal/regulatory compliance and crime prevention. To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To configure your accounting/payroll software correctly and provide the right support and advice.
How we collect:
Data is collected through online forms, email, telephone, live chat, in person or by post.
Using our accounting services
During the course of your engagement with us you may be asked to provide additional information and to keep us informed of any changes to your circumstances or that of your business.
What we collect:
The type of personal information collected may include changes in marital status; changes of home/business postal address; other sources of income; investment activities; changes to your company structure, to include changes to company officers; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.
Why we collect:
To carry out our obligations to provide services you’ve engaged us to deliver or to perform. Support you in managing your affairs, provide the right guidance and support at the right time, ensure you continue to be subscribed to the right service for you, to notify you about changes to our services, make suggestions/recommendations to you about other products and services. For related purposes such as updating and enhancing our client records, improving our services, troubleshooting, testing, data analysis, research, profiling, statistical and survey purposes. Analysis for management and marketing purposes and statutory returns, legal and regulatory compliance and crime prevention.
How we collect:
Data is collected through online forms, email, telephone, live chat, in person or by post
Referring Phoenix Accountancy to Others
We have a Refer a friend program where you have the opportunity to earn referrals. It is imperative that you seek explicit permission from your referral before submitting their information to us.
What we collect:
The type of personal information collected may include full name; business name; telephone and mobile numbers and email address
Why we collect:
To enable us to contact your referral to discuss our services with them.
How we collect:
Data is collected through online forms, email, live chat and telephone.
How we use the personal data we collect about you?
Processing data constitutes as collecting, storing and using. We will process this data in accordance with the GDPR. We will do our utmost to keep your information accurate and up to date and not keep it longer than is necessary. Phoenix Accountancy may issue occasional reminders to all customers to keep their contact details up to date and will update them accordingly.
Please be advised that there is information that we are required to keep in accordance with the law, such as information needed for tax and audit purposes. Personal data may be held for longer than these periods, however this will depend on the individual needs of the company.
We also uses the data we collect to provide you with our services and to communicate with you.
We use the data for the following purposes:
- Providing, and enhancing our products and services
- Compliance
- Security, Safety and issue resolution
- Business Operations
-
Communication, Marketing and Advertising
Compliance
We use data to ensure we comply with relevant regulation and law. This includes needing to verify your identity if you subscribe to our accounting services. This verification involves:
(a) a full electoral roll search (your consent is not required for this);
(b) credit reference agencies placing a soft search footprint on your electronic file and your data being accessed by third parties for the specific purpose of anti-money laundering, credit assessment, ID verification, debt collection, asset reunification, tracing and fraud prevention.
Security, Safety, and Dispute Resolution
We use data to protect the security and safety of our services and our clients, to detect and prevent fraud, to resolve disputes and enforce our agreements.
Outgoing and incoming telephone calls from and to our accountants or support teams are recorded for training and monitoring purposes. This process helps us to maintain high standards of service and resolve issues.
Business Operations
We use data to run business operations to provide you with our services, profile our user base and develop anonymised aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions and report on the performance of our business.
Communication, Marketing and Advertising
We use the data we collect to deliver and personalise our communications with you.
For example, we may contact you by email or other means of electronic communication to inform you about our services, invite you to take part in a events, notify you about offers and promotions, new business activities and changes to our services.
If you become a member, subscribe to or purchase one of our services you will also receive service-related communications. These will include service support communications.
Will we share or disclose your personal data with anyone else?
We do not sell data about our clients and we only share or disclose your data as authorised in this Polic
We may share or disclose information with the following types of third parties
Suppliers:
We work with a variety of third party suppliers to fulfil our services such as accounting software providers, website hosting, online product purchases and email communications. We share your personal data as necessary to complete any transactions or provide a product or service you have requested. These suppliers work on our behalf for the purposes described in this Policy. We impose strict contractual obligations on suppliers to ensure data is secure, protected and treated in accordance with this Policy and we will take all steps reasonably necessary to maintain compliance with these obligations.
Subcontractors:
We occasionally subcontract elements of Our service provision to other parties. We will always ensure that we have appropriate contractual arrangements in place.
Legal/Regulatory Bodies:
To the extent that we are duty bound by any applicable legal or regulatory requirement to cooperate with any competent legal or governmental authority or agency, we shall do so in accordance with applicable law. This may involve disclosure of your personal data and we will have no legal liability for such disclosures. Please note that, depending on circumstances, We may be forbidden from advising you of the fact that your personal data has been disclosed to or requested by such third parties.
Under Section 330 of the Proceeds of Crime Act 2002 we have a duty to report to the Serious Organised Crime Agency (SOCA) if we know, or have reasonable cause to suspect, that you or anyone connected with your business are or have been involved in money laundering. Failure on our part to make a report where we have knowledge, or reasonable grounds for suspicion, would constitute a criminal offence. We are obliged by law to undertake this reporting to SOCA, but are under no obligation to make you aware of this reporting. In fact, we may commit the criminal offence of “tipping off” under Section 333 of the Proceeds of Crime Act 2002 if we were to inform you that a report had been made. In consequence, neither Our principals nor staff may enter into any correspondence or discussions with you regarding such matters.
Other Parties:
with whom it might be necessary to complete a financial or corporate transactions such as a merger or sale of asset.
Communication
You can opt out of receiving certain direct communications from us
If you wish to stop receiving promotional or marketing related emails from us, you can do so by following the instructions included in every email sent to you via the “unsubscribe” link. We respect your choice, and we will stop sending you emails once you unsubscribe. It may take up to 14 days to process your request.
Please note, if you have become a member, subscribed to any of our services regardless of your preferences we will continue to communicate with you for service emails, policy updates, or significant information about our services.
Cookies and Other Similar Technologies
We use cookies and similar technologies like pixels, tags and other identifiers to help us personalise our websites and services for you, remember your preferences, understand how users are using our websites and services and help customise our marketing offerings.
By visiting our websites or using our services you agree that you are happy for us to set cookies and similar technologies for the purposes described in this Policy.
Cookies
A ‘cookie’ is a small data file that is sent to your computer’s cookie file when you visit a website. When you visit the website again the cookie allows that site to recognise your browser.
How to control cookie settings
Most web browsers allow you to control cookies through their settings preferences, however if you limit the ability of websites to set cookies, you may impact your overall user experience.
You can learn about how to control cookie settings on popular web browsers, by visiting:
Marketing and Advertising
We use several marketing tools in support of our advertising efforts.
Phoenix Accountancy may wish to contact you for marketing purposes, however we would contact you for additional consent for that purpose if not already given.
Where we store and process data
By submitting your personal data, you agree to its transfer, storing and processing
Most personal data is stored electronically on servers or computer systems with controlled access and controlled environments.
Other personal data may be kept in paper form within our office, if needed, although in the main copies are destroyed after they have been scanned into computer systems.
How we secure your information?
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure.
For example, any personal data transferred to us over the internet is protected with Secure Sockets Layer / Transport Layer Security (SSL/TLS) Encryption Certificate technology. This ensures that all personal data transferred is encrypted to prevent eavesdropping and tampering.
While no Service is completely secure, we take precautionary measures and have strict security standards to help prevent data loss, theft, misuse and unauthorised access, disclosure, alteration and destruction or other like incidents that might affect the security of your personal data.
These measures include encryption, password protection, anti-malware, dual factor authentication, user profiles, backup/disaster recovery systems, restriction of access to premises and computer systems, as well as use of relevant third party service providers to provide security.
We impose strict contractual obligations on suppliers, subcontractors and partners to ensure data is secure, protected and treated in accordance with this Policy and we will take all steps reasonably necessary to maintain compliance with these obligations.
If you have any questions about the security of your data, you can contact us at [email protected]
Our retention of your information
We retain personal data for as long as necessary to provide our services or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.
For example, the default standard retention period for accounting records is six years plus current, otherwise known as six years + one. This is defined as six years after the last entry in a record followed by first review and/or destruction to be carried out in the additional current + one accounting year.
If we need to alter your data processing we will inform you.
Our retention of your information
We retain personal data for as long as necessary to provide our services or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.
For example, the default standard retention period for accounting records is six years plus current, otherwise known as six years + one. This is defined as six years after the last entry in a record followed by first review and/or destruction to be carried out in the additional current + one accounting year.
If we need to alter your data processing we will inform you.
Your rights
You can find detailed information about your rights under Data Protection legislation on the UK Information Commissioner’s website at ico.org.uk
Can you find out about the personal data that we hold about you?
If you want to see what personal data we hold on you and how it is processed, you may contact us to request this. This is known as a Data Subject Access Request (DSAR) and you must request this in writing (either by post or email), providing the necessary identification before any information is released.
There is no charge for this service. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive and we may also charge a reasonable fee to comply with requests for further copies of the same information.
If Phoenix Accountancy do store any of your personal data, you may request information on the following:
- Identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
- Contact details of the GDPR owner, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Phoenix Accountancy or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
What forms of ID will you need to provide in order to access this?
Phoenix Accountancy will accept the following forms of ID when information on your personal data is requested:
Passport; Photo Driving Licence; Utility Bill (from the last three months); Notarised ID Document.
Contact details of the GDPR Owner
If you wish to submit a DSAR, or have any questions regarding this privacy statement, you must do so in writing using the following information.
Address:
Phoenix Accountancy Service Ltd 1st Office
21 Heath Drive,
Romford,
RM2 5QH
Phoenix Accountancy Service Ltd 2nd Office
1st floor, 14 Cornwall place,
Buckingham,
Mk18 1SB.
Email: [email protected]
Telephone: +44 (207) 993 2737
Policy Changes
Phoenix Accountancy Service reserves the right to change this privacy policy and will post any revisions on our website,
(www.phoenix-accountancy.co.uk)