How we use your information
This privacy notice tells you what to expect when Charter Tax Consulting Ltd (CTC)collects personal information. It applies to information we collect about you.To enable us to provide the services we have agreed and for other related purposes – including updating and enhancing customer records, analysis for management purposes and statutory returns, crime prevention and legal & regulatory compliance – we may obtain, use, process and disclose personal data about you.
We may collect and process the following data about you:
- Information that you provide by filling in forms on our site www.charter-tax.com
- Information that you provide to us by post, telephone, e-mail or face to face.
- If you contact us, we will keep a copy of that correspondence.
- Information collected from third parties whilst providing our services to you.
Visitors to our websites
When someone visits www.charter-tax.comwe use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We do not make, and do not allow Googleto make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website where visitors have come to the website from and the pages they visited.
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We will retain your data for as long as it is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into account the consideration:
- The requirements of our business and the services provided;
- Any statutory or legal obligations;
- The purposes for which we originally collected the personal data;
- The lawful grounds on which we based our processing;
- The types of personal data we have collected;
- The amount and categories of your personal data; and
- Whether the purpose of the processing could reasonably be fulfilled by other means.
People who contact us via social media
We may use a third-party provider to manage our social media interactions. If you send us a private or direct message via social media the message will be stored by us for three months. It will not be shared with any other organisations.
People who email us
Any email sent to us, including any attachments, may be monitored for security reasons and for compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
People who make a complaint to us
When we receive a complaint we createa file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. We usually have to disclose details of the complaint to our Professional Indemnity Insurance Broker and Insurer. We may be required to provide a copy of our file to the Financial Ombudsman Service should an adjudicator be required to consider the complaint case. We are regulated by the ICAEW who can do inspections and ask to view a sample of our files. This data may include names or details that identify the specific data subject.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained indefinitely from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
People who use our services
CTCprovide a range of services to clients who are deemed to be Data Subjects. We process data provided by the Data Subject and other sources in order to deliver the appropriate products and services to Data Subjects.
We have to hold the details of the people who have requested our services in order to provide those services to them. However, we only use these details to provide the client has requested and for other related purposes.
Job applicants, current and former employees
CTCis the data controller for the information provided during the employment process. Should you have any queries about the process or how we handle your information please contact us at email@example.com.
Third Parties and use of data processors
Data processors are third parties who provide elements of our service for us. We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.
“Third parties” includes third party-party service providers. The following activities are carried out by third-party service providers. IT and cloud services, professional advisory services, administration services, marketing services and banking services.
All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
We may also share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.
CTC uses a third-party service to help maintain the security and performance of the website. To deliver this service it processes the IP addresses of visitors to our website.
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you. From 25 May 2018 the General Data Protection Regulations (GDPR) come into force.
Access to personal information (Portability)
Data Subjects may submit a Subject Access Request (SAR) - in order to obtain a copy of the personal data that we hold about them in a structured and portable manner. All SAR requests should be sent to:
Data Protection Officer
Charter Tax Consulting Ltd
1 Bedgebury Business Park
Confirmation of whether, and where, the controller is processing their personal data
CTC is a Data Controller and a Processor. CTC undertakes data processing within the EEA.
Right of Data subjects to erasure (Right to be forgotten)
Data Subjects may notifyCharter Tax Consulting Ltdif they wish to exercise their right to erasure. Such a withdrawal of Consent does not affect the lawfulness of processing based on consent prior to the withdrawal. Data Subjects that exercise this right will be removed from any marketing or future contact. CTC may retain a copy of any personal data and be retained by CTC if the processing is likely to be necessary for the establishment, exercise or defence of legal claims.
Right of rectification
CTC will seek to ensure that inaccurate or incomplete data will be rectified. Data Subjects have the right of rectification.
Right to object to processing for the purposes of Direct Marketing
Data Subjects may notify the Firm if they wish to exercise their right to be removed from any Direct Marketing activities. CTC may still contact the Data Subject in order to fullfill any contractual obligations concerning the policies and services provided.
Disclosure of personal information
In many circumstances we will not disclose personal data without consent. However, when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 30 May 2018.
How to contact us
Data Protection Officer
Charter Tax Consulting Ltd
1 Bedgebury Business Park