Umbrella Bookkeeping Ltd understands its obligations in regards to your fundamental right to a private life and has implemented systems and controls to ensure your rights and freedoms are protected.
Umbrella Bookkeeping Ltd undertakes to meet its obligations under the Data Protection Act, the Privacy and Electronic Communications Regulations and the EU General Data Protection Regulation (GDPR).
Because the processing is necessary:
You have the right to object to processing for these purposes and we shall cease unless we can show we have compelling legitimate grounds to continue.
We will use the information provided to protect members of the public against dishonesty, money laundering or fraudulent activities. This must necessarily be carried out without your explicit consent to ensure this function is not prejudiced.
We only collect information that is necessary to carry out the purposes listed above. This includes information you supply and data we receive from reference agencies. Where practical and lawful we will inform you about any personal data we receive about you from third parties that you may be unaware of.
We will ensure that your data is only accessible to authorised people in our firm and will remain confidential at all times. Appropriate security measures will be in place to prevent unauthorised access, alteration, disclosure, loss, damage or destruction of your information. If we have a contract with another organisation to provide us with services or a service on our behalf to process your personal information, we’ll make sure they give reassurances regarding appropriate security measures in place and only process your information in the way we’ve authorised them to. These organisations won’t be entitled to use your personal information for their own purposes. If necessary, our security teams will check them to make sure they meet the security requirements we’ve set.
We may share your information with:
We do not usually transfer any of your personal data outside of the EU except when we need to perform pre-contractual measures (credit and identity checks) or because the checks we request are necessary for important reasons of public interest. Some companies, like Creditsafe Business Solutions Ltd, may transfer data outside of the EU to countries which do not, in the view of the EU Commission, offer an adequate level of protection. In such cases Creditsafe encrypts any data it sends to other agencies and only transfers information necessary to carry out checks.
A list of countries used to perform checks include: Germany, Netherland, Belgium, France, Sweden, Norway, Finland, Luxembourg, Switzerland, Liechtenstein, Spain, USA, Estonia, Latvia, Lithuania, Poland, Slovakia, Czech Republic, Hungary, Slovenia, Bosnia, Serbia, Montenegro, Croatia, Macedonia, Kosovo, Albania, Bulgaria, Romania, Ukraine, Austria, Denmark, Moldova, Portugal, Italy, Canada, Brazil, Greenland, China, India, Australia, Russia, South Korea, Taiwan, Mexico, South Africa, New Zealand, Hong Kong, UK.)
We do not currently carry out any direct marketing, however in the future, we may use the information provided now and in the future to carry out direct marketing activities as these are legitimate interests pursued by us. Sometimes this includes, with your consent, sharing data with product providers for their marketing activities. You can choose which method you’d prefer us to use to contact you (by email, telephone, SMS or post) and you have the right to object at any time to the use of your personal data for this purpose and we will cease marketing activity. Just let the person who gave you this form know about your preferences.
We do not use automated processes when making decisions and you will not be subject to a decision based on automated processing, including profiling.
In line with The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 we may record incoming or outgoing telephone conversations for the following purposes:
The Financial Conduct Authority lays down rules relating to how long information should be held for and we will keep your information to meet these requirements. We will not keep your information for longer than is necessary.
You may at any time ask for a copy of the information we hold about you – it is your legal right. We will provide you with a copy of any non-exempt personal information within one month unless we ask you for an extension of time. To protect your personal data, we will ask you to verify your identity before we release any information. We may refuse your request if we are unable to confirm your identity.
You have the right, on grounds relating to your situation, at any time to object to processing which is carried out as part of our legitimate interests or in the performance of a task carried out in the public interest. We will no longer process your data unless we can demonstrate there are compelling legitimate grounds which override your rights and freedoms or unless processing is necessary for the establishment, exercise or defence of legal claims. You have the right to object at any time to processing your personal data for marketing activities. In such a case we must stop processing for this purpose.
In addition to the rights above the additional following rights:
To exercise any of these rights please contact us (details below).
You can contact our data protection officer about any data protection or marketing issues by: