This privacy notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you when you use this website and our wider services. We are required to notify you of this information under the General Data Protection Regulation (GDPR).
1. WHO WE ARE
Avesta Accounting Solutions Limited collects, uses and is responsible for certain personal information about you. When we do so, we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
In this privacy notice, references to “Avesta Accounting”, “we” or “us” means Avesta Accounting Solutions Limited.
2. DATA PROTECTION PRINCIPLES
We will comply with the data protection principles when gathering and using personal information, as set out in our GDPR data protection policy.
3. THE PERSONAL INFORMATION WE COLLECT AND USE: INFORMATION COLLECTED BY US
In the course of providing our services, we collect some or all of the following personal information when you provide it to us as applicable:
Identity Data includes first name, last name and date of birth.
Contact Data includes email address and telephone numbers.
Technical Data includes internet protocol (IP) address browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Marketing and Communications Data includes your preferences in receiving marketing from us.
Professional Data includes any information we may collect while providing our services to you.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
The provision of the above stated personal information is required from you to enable us to perform our duties as your accountant or book-keeper. We will inform you at the point of collecting information from you, which information you are required to provide to us. Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with an answer to an enquiry). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.
4. THE PERSONAL INFORMATION WE COLLECT AND USE: INFORMATION COLLECTED FROM OTHER SOURCES We also obtain personal information from other sources as follows: clients, their directors and employees, HMRC, other accountants, business partners, solicitors, debt collection agencies, IT providers, local authorities and information held in the public domain.
We collect information about you when you fill in any of the forms on our website i.e. sending an enquiry, signing up for an event, filling in a survey, giving feedback etc. Website usage information is collected using cookies.
Cookies are text files put on your computer to collect standard internet log information and visitor behaviour information. This information is then used to track visitor use of the website and to create statistical reports on website activity. For more information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note in a few cases some of our website features may not function because of this.
Analytics – e.g. how visitors use our website. We use Google Analytics to store information about how visitors use our website so that we may make improvements and give visitors a better user experience.
Google Analytics is a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you e.g. name, address etc. and we do not share the data.
IP addresses – An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. Avesta Accounting do not have access to any personal identifiable information and we would never seek this information. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from particular regions.
Internet Based Advertising – We use LinkedIn, Facebook, Google and Twitter advertising services and as such there are tracking codes installed on our website so that we can manage the effectiveness of these campaigns. We do not store any personal data within this type of tracking.
5. HOW WE USE YOUR PERSONAL INFORMATION
We will typically collect and use this information where:
we need to perform the contract we are about to enter into or have entered into with you.
It is necessary for the purposes of our legitimate interests or those of a third party, but only if these are not overridden by your interests, rights or freedoms.
We need to comply with a legal or regulatory obligation. This includes requirement for the purposes of our money laundering checks, such as a copy of your passport. This data will only be processed for the purposes of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.
We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it.
6. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
Personal information such as names and contact information such as addresses, telephone numbers and email addresses may be shared only if necessary.
Our work for you may require us to pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing the Services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the Services and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We will not share your information for marketing purposes with companies so that they may offer you their products and services.
We will share personal information with law enforcement or other authorities if required by applicable law.
7. WHERE YOUR PERSONAL INFORMATION MAY BE HELD
Information may be held at our offices, IT service providers, at the relevant properties and by representatives and agents as described above where applicable. As part of the services offered to you through this website, the information which you give to us may be transferred to countries outside the European Union (“EU”). For example, some of our third-party providers may be located outside of the EU. Where this is the case we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy. By submitting your personal data, you’re agreeing to this transfer, storing or processing. Where our third-party supplies are in the US we have ensured that their services fall under the “Privacy Shield” whereby participating companies are deemed to have adequate protection and therefore facilitate the transfer of information from the EU to the US.
If you use our services while you are outside the EU, your information may be transferred outside the EU to give you those services.
8. HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT
We will hold personal data throughout the period we are contracted to provide our services to you. We will also retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
9. REASONS WE CAN COLLECT AND USE YOUR PERSONAL INFORMATION
We rely on contract and legitimate interest for reasons of security and management of services as the lawful basis on which we collect and use your personal data.
10. YOUR RIGHTS
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
fair processing of information and transparency over how we use your use personal information
access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
require us to correct any mistakes in your information which we hold
require the erasure of personal information concerning you in certain situations
receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
object at any time to processing of personal information concerning you for direct marketing
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please:
email us at firstname.lastname@example.org or write to us at 60 The Marlowes, London NW8 6NA and provide us enough information to identify you and state the information to which your request relates, including any account or reference numbers.
11. KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. If you think that any part of our process is not secure please email us at email@example.com.
12. HOW TO COMPLAIN
We hope that we can resolve any query or concern you raise about our use of your information. The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/.
13. CHANGES TO THIS PRIVACY NOTICE
We may change this privacy notice from time to time, and when we do we will inform you.