The Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR) requires organisations that process personal data to meet certain legal obligations. We are a data controller within the meaning of the Act and we process personal data. We are committed to complying with the requirements of the DPA and GDPR. As a result, we confirm that personal information we process will only be held (or otherwise processed) to the extent necessary in order to provide the agreed professional services and for any other purpose specifically agreed.
Personal Information We Collect
We collect personal information that is necessary to provide bookkeeping and tax advisory services to our clients. This information may be obtained in several ways, including:
· Directly from our clients: We may collect personal information directly from our clients, such as when they provide us with their financial records or tax-related documents.
· From other sources: We may obtain personal information from third-party sources, such as government agencies or other professional advisors who have been engaged by our clients.
Personal information that we collect may include:
· Contact information, such as name, address, phone number, and email address
· Financial information, such as income, expenses, and bank statements
· Tax information, such as tax returns and supporting documents
· We may also collect personal information that is publicly available or that you have provided to us with your consent.
How We Use Personal Information
We use personal information to provide bookkeeping and tax advisory services to our clients. This includes:
· Communicating with our clients about their financial and tax affairs
· Preparing and filing tax returns and other tax-related documents
· Maintaining financial records for our clients
We may also use personal information for other business purposes, such as improving our services and complying with legal and regulatory requirements.
How We Protect Personal Information
We take reasonable measures to protect personal information from unauthorized access, disclosure, alteration, or destruction. This includes:
· Limiting access to personal information to authorized personnel
· Computer systems protected by firewalls, designed to prevent unauthorized access to our network and to protect against unauthorized transmission of personal information
· Use of anti-virus and anti-malware software to protect our computer systems against cyber threats.
· Regularly monitoring our systems for vulnerabilities and potential breaches
· Providing training to our staff on privacy and data security practices
We may also engage third-party service providers to assist us in providing bookkeeping and tax advisory services. We require these providers to use personal information only for the purposes for which it was provided and to take appropriate measures to protect it.
Disclosure of Personal Information
We may disclose personal information to third parties in the following circumstances:
· To comply with legal or regulatory requirements
· To respond to a court order or other legal process
· To protect the rights, property, or safety of CF Ledgers, our clients, or others
· To our professional advisors, such as accountants, lawyers, and auditors, for the purpose of providing professional services to us
We will not sell, rent, or trade personal information to third parties for marketing or other purposes without your consent.
Disposing of Personal Information
We retain personal information only as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law. When personal information is no longer needed, we take reasonable measures to dispose of it securely, such as shredding paper records or securely deleting electronic records.
We also take appropriate measures to dispose of personal information that is no longer necessary for legal or regulatory purposes. This includes deleting or destroying personal information in a manner that prevents unauthorized access or us.
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Address: CF Ledgers, 13 Mount Merrion Drive, Belfast, BT6 0FX
Phone Number: 07738292909
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at CF Ledgers, 13 Mount Merrion Drive, Belfast, BT6 0FX.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk