Data controller: Susan Hall
Tel: 0116 2888880
The organisation collects and processes personal data relating to its clients and customers to manage the initial and ongoing relationship. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
The organisation collects and processes a range of information about you. This includes but is not limited to:
The organisation may collect this information in a variety of ways. For example, data might be collected through know your client documentation and application forms, obtained from your passport or other identity documents such as your driving licence; from correspondence with you; or through interviews, meetings or other assessments, Companies House and HMRC. Such information may be required as part of our anti- tax evasion policy, or money laundering compliance.
The organisation may seek information from third parties such as Experian or other credit reference agencies
Data will be stored in a range of different places, including in your client file, in the organisation’s operations management systems and in other IT systems (including the organisation’s email and back office system).
The organisation needs to process data to enter into a service contract with you or for service or product provision and contractual relationships arising therefrom and to meet its obligations under those contracts. For example, it needs to process your data to provide you with work quotations and estimates.
In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check your identity and address to ensure Anti Money Laundering and Financial Sanctions obligations have been met.
In other cases, the organisation has a legitimate interest in processing data before, during and after the end of the relationship. Processing client data allows the organisation to
We may process your data, especially your email address, to contact you for Marketing purposes. For example if we are holding an event we think may interest you. We will obtain your consent to contact you for marketing at the beginning of our relationship via our disclosure documents.
You will be able to withdraw your consent at any time throughout the relationship by contacting the data controller.
Your information may be shared internally, with staff if access to the data is necessary for performance of their roles.
The organisation shares your data with third parties in order to process applications as part of a service to which you have consented. The organisation may also share your data with third parties in the context of a sale of some or all of its business. In those circumstances the data will be subject to confidentiality arrangements.
The organisation will not transfer your data to countries outside the European Economic Area.
The organisation takes the security of your data seriously. The organisation has the following policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
The organisation will hold your personal data depending on the type of policy you have and is subject to strict regulatory retention periods set out by the Financial Conduct Authority or the Office Information Commissioners.
Data obtained which does not proceed to a contractual relationship be entered into will be retained for 2 years then will be archived.
Data obtained which proceeds to a contractual relations between third parties and ourselves will be retained for 5 years unless with regard to financial dealings in which case it will be retained indefinitely. After this time and if there is no ongoing service, the data will be archived.
Data obtained which then proceeds to a contractual nexus will be retained indefinitely so as to be able to provide documentary evidence to our professional regulator in the event of a complaint.
If you would like to exercise any of these rights, please contact Susan Hall at Wigston offices
If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.
In order for us to provide you with our service and make suitable recommendations to you we will need to obtain and retain your data. If you are unable to do this then we will not be able to provide suitable advice, quotations or estimates and therefore will not be able to enter into a client relationship with you.
For example with regard to drawings, or schedule of works, or product illustrations, in an electronic or written format.