Progression accountancy: our Privacy policy
Introduction
We are committed to safeguarding the privacy of our clients. This section lets you know what happens to the personal data that you give us, or any other data that we collect from or about you.
This policy follows the General Data Protection Regulations effective from 25 May 2018.
Why we hold data
As chartered certified accountants governed by the ACCA, we need to hold data about our clients (as individuals and of their business):
because we have a legal obligation under tax legislation & laws
because we have a legal obligation under anti money laundering regulations
in order for us to comply with our regulatory body (the ACCA)
in order for us to provide the services that we've been engaged to do
in order for us to submit information and forms to Companies House and / or HMRC
The data we hold
Your name
Your date of birth
Your marrital status
Your contact details (email, address, telephone number)
Your NI number
Your tax references & tax codes
Any of the above data in relation to your employees
Information relating to your employees in terms of payroll, such as rates of pay, etc
Information relating to workplace pension schemes that we have either set up for you or have instigated their set up
Your Companies House authorisation code
Your driving licence, utility bill & passport, and results of Anti Money Laundering Due Diligence Checks
Information needed to complete personal tax returns for you
Information needed to complete any other work for you
Business registration documents, accounts, business and personal tax returns / certificates filed with Companies House and / or HMRC
Who your business banks with
Your bank account number and sort code
We have access to the data contained in your Xero subscription
Details about any Xero Add-ons that you use in your business, as well as access to the data contained in this.
All data is processed lawfully.
Data is collected only for the purposes of providing services to you & to meet your obligatory requirements.
Data is protected under our data security measures.
Data is as accurate as it can be within our systems, and is based on what we have been told and / or know. Please let us know straight away of any changes by emailing us here
How we obtain data
By you sending it to us
By you making it available to us
From Companies House
From HMRC
From third parties, such as previous accountants
By undertaking Anti Money Laundering Due Diligence Checks
From your own Xero subscription
Where data is held - we use the following third party services, accessed via Chrome:
Google services: View Privacy Policy
Xero: View Privacy Policy
Mailchimp: View Privacy Policy
How data is shared
We only share data when we are legally obliged to, or to enable us to complete work for you.
In order for us to complete some aspects of our services for you, we may need to work alongside our trusted referral partners (for financial planning, business advice, R&D tax credit claims, and specialist tax advice). Where required & appropriate, we will share your name, your best contact details, and a very brief synopsis of the query, to enable them to contact you. Any other data will only be shared with them as requested by either you or them, once you are working with them. They will hold & store all data that they obtain during their work with you, and we will only hold copies of any of that data if either you or them share it with us, or we request it to enable us to provide services to you. Where appropriate or needed, they will complete their own AML Due Diligence Checks, and they have their own policies surrounding data protection which you should request & review.
Data will be shared via an Accountant's Reference Letter
Personal data may need to be disclosed to law enforcement agencies, Companies House or HMRC - we will always check that any requests are legitimate & wholly necessary
We are legally obliged to send returns & forms (that contain data) to Companies House (e.g., final accounts)
We are legally obliged to send returns & forms (that contain data) to HMRC (e.g., tax returns)
Access to your Xero data is controlled by the subscription holder (this will either be us or you), and the subscription holder can change or remove access to individuals as required and / or requested.
What we do with the data
Undertake Anti Money Laundering Due Diligence Checks
Provide services to you
Submit returns to Companies House and HMRC
Send client email newsletters about Xero, your business, as well as any other business related opportunities
Subject access requests
You have the right to request what data we hold about you, and confirmation of how we are currently using this data
We always confirm & verify the identity of the person making the request before sending anything
We will reply within 1 month of the request being made
Our data security measures
Our devices are password protected
Our devices are either locked, or taken with us, when we leave our workstation
Devices are logged with Google Admin, therefore can be accessed remotely
We use two-step verification to access Xero
If we are your Xero subscription holder, then we will only grant access or modify access permissions to users on your request
If we request data from you via Xero, please send data to us by replying & uploading documents as necessary
On occasions where data can only be given to us on paper or by any other portable media (as a pre-agreed arrangement), it will be kept at our home at our workstation
Any attachments that we receive via Gmail are saved to Google Apps / Xero / etc, as appropriate
Retention of data
On occasions where data is given to us on paper or by any other portable media, this will be returned to you when we have finished our work
We keep data during the time that we are providing services to you, and in the time after we provide services, for as long as we are legally obliged to under tax legislation. In line with HMRC guidelines: 5 years after the submission deadline for which tax year that data relates to. [For e.g., data relating the 2021 tax year, the submission deadline is 31 January 2022, so data is held until 31 January 2027]
In terms of your Xero data and any Xero Add-ons that you use, if you no longer want us to have access to this, then you can revoke our access (or if we can transfer access / ownership, then we will request that you accept that transfer). You can also revoke the access of anyone else who currently has access
The right to be forgotten
We only keep data for as long as we are legally obliged to under tax legislation (and in line with HMRC guidelines)
If you are no longer a client, we will not routinely send you email newsletters, however you can unsubscribe at any time you like.
Your rights
You have the right to request what data we hold about you, and confirmation of how we are currently using this data.
Your principal rights under data protection law are:
The right to access data
The right to rectify data
The right to erasure
The right to restrict processing of your data
The right to object to our processing of your data
The right to data portability
The right to complain to a supervisory authority
The right to withdraw consent.
Please email us, using "data information request" in the subject line.
Our details
This website is owned and operated by Progression Accountancy (Derbyshire) Ltd. We are registered in England and Wales, under registration number 09495206, and our registered office is at 28 Talbot Crescent, Hasland, Chesterfield, Derbyshire, S41 0AW.
You can contact us:
by calling Scott on 07890525638
by calling Hayley on 07793318755
Our data protection officer's contact details are:
Hayley Bradshaw, please email here.
Updates to this policy
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes.