Privacy Policy

Legal & Privacy
This is the website of GRC Accountants Ltd. For more information about our business, please visit www.grcaccountants.co.uk

About GRC Accountants Limited
For the purpose of the Data Protection Act 1998, the data controller is GRC Accountants Limited, a company incorporated and registered in the United Kingdom, with company number 08021649 with registered office at 166 Banks Road, West Kirby, Wirral CH48 0RH. Call 0151 321 2340 for further information.

We are registered to carry on audit work in the UK by the ACCA. Details about our registration can be viewed at http://www.accaglobal.com/uk/en/member.html under reference number 2616375.
All information provided by GRC Accountants in this website, including any information contained in our blog, has been prepared for general information and illustration purposes and does not form a business or professional services relationship between the reader and GRC Accountants Ltd.

Although we have taken due care in the preparation of all information contained in this website and blog, any reliance on the information concerned is solely at the user’s risk. You should always take professional advice in relation to your individual circumstances and this information should not be used as a substitute for consulting with professional accountancy and tax advisers.

Before taking any action relating to your financial situation, you should consult a professional adviser. GRC Accountants accepts no responsibility for any errors or omissions in the information obtained from this website and blog and GRC Accountants accepts no liability for any loss (whether personal or business) resulting from reliance on any information contained in this website and blog.

This GRC Accountants website contains links to other third party services and websites. We cannot provide any warranty (implied or otherwise) as to the accuracy or source of information contained in those websites or information you may download. Links from the GRC Accountants website to third party websites do not constitute any endorsement of these third party organisations or companies.

Collection of personal data
The extent and type of information we receive from you on our external website depends on what you do when visiting our sites. If you visit our site to read or download information, such as news stories or articles, all of the information we collect - such as the domain from which you access the Internet, the date and time you access our site, and the Internet address of the website from which you linked directly to our site - is anonymous. Information about the number of visitors and their use of the site and will only be used for statistical purposes to make our site more useful and attractive to you.

If you provide us with personal data we will use it to process your online requests, to provide information or services to you or your organisation and to let you know about other GRC Accountants information and services in which we feel you might be interested. For example, if you send us an email message requesting information about GRC Accountants, we will use your email address and other information you supply to respond to your request. If we intend to use your personal information to tell you about our other services, we will tell you so and give you an opportunity to decline to receive such communications. Your personal information will be retained only for as long as necessary to fulfil the purposes for which the information was collected or as required by law.

Protection of personal data
We do not share personal information with third parties except as necessary to carry out our business, your requests or as required by law or other legal processes. We will never sell your personal information to third parties.

GRC Accountants has security policies and procedures in place to protect your personally identifiable information from loss, misuse, alteration or unintentional destruction. Our personnel who have access to the data have been trained to maintain the confidentiality of such information.

Links
Our website contains links to other websites but this online privacy statement applies only to the personal data collected via this website (www.grcaccountants.co.uk), which is operated by GRC Accountants Ltd. We are not responsible for the privacy practices of other sites and would encourage visitors to check the privacy policy of every site they visit.

Direct marketing
You may at any time amend or update your personal information or request us to stop using your personal data for direct marketing purposes by contacting us at [email protected]

Editor
The editor of this website is the Director of GRC Accountants Ltd.
Gareth Cooper
166 Banks Road,
West Kirby, Wirral
CH48 0RH


Website Privacy Statement
GRC Accountants takes the security of and our legal responsibilities around your personal data seriously. This statement explains relevant information about our processing of your personal data collected via this website.

The personal data we process as a result of your visiting our website depends on the data you provide to us.  If you access our site but do not interact further with us, we will only process the data contained in cookies (see ‘Cookies’ for more info).  Should you decide to interact with us by, for example, submitting a request form we will process the data that you provide for the purposes stated on the enquiry form. Some fields within our forms are mandatory as without them we will be unable to make further contact with you to answer your request.

By providing us with your personal data you give us your consent to use it to provide you with the requested service. Should you provide us with business contact details we may also use those contact details in pursuit of our legitimate interests in promoting and developing our business.

All personal data submitted through this site may be used by us in an anonymised form to assess and improve the services delivered herein and for our wider business development activities.
GRC Accountants Ltd. is the Data Controller for all personal data you provide us with via our website.
We do not share your personal data collected through this website with third parties unless you become or are a client where different data processing conditions apply.  Please review the relevant privacy statement if you are an existing client of our services. We do not sell or rent your personal data for any purpose.

For any questions, queries or other data protection matters, our Data Protection Officer can be contacted by emailing: [email protected]

Data Subject Rights
GRC Accountants Ltd. acts as the Data Controller for all personal data submitted through our website.  Accordingly you may exercise a number of rights over your data including:
-       Accessing the personal data we hold about you
-       Asking us to correct any of your personal data we hold which are inaccurate
-       Request to have your personal data deleted
-       Put in place restrictions on our processing of your data
-       Asking us to transfer your data to another controller (data portability)

We will handle all of your data subject rights in accordance with the requirements of the GDPR and any national laws.  Should you need to exercise any of your data subject rights please contact our Data Protection Officer on: [email protected]

If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the Information Commissioner’s Office.  Further details can be found via their website at www.ico.org.uk.

Duration of Processing
We retain and manage all information submitted through this website in accordance with our Data Retention Policy and only hold it for as long is necessary.

Data Security
Data transferred over the internet by us and through this website are protected using encryption technologies to ensure they remain secure.

Please note that communications over the internet cannot be guaranteed as secure.  Whilst we take appropriate steps to protect your data we cannot guarantee that it will remain secure in transit. Once data reaches your network it is your responsibility to ensure it remains secure.

Changes to this statement
This statement was last updated in May 2018.  Any changes will be published on this page and we recommend you check here regularly to ensure you remain in agreement with our data processing activities.

Should any significant changes be made which may directly impact on the way you interact with us through this website, we will make these clear to you at the start of your interaction with our site.


Clients Privacy Statement
The following information applies to those individuals who receive services from us or who are seeking to do so. These conditions apply in addition to those of use of our website. Where any conflict arises between the Website conditions and these conditions, and you are an existing client of our services, the conditions contained in this ‘Clients Privacy Statement’ section shall prevail.

Types of Personal Data Processed
The types of personal data processed will vary depending on the data you require us to process in order to deliver to you with the requested service(s) and in accordance with our engagement terms with you. You may ask us to process both ‘personal data’ as defined in Article 4(1) GDPR and or ‘Special category Personal Data’ as defined in Article 9(1) GDPR.

Data Subjects
Personal data we process and on your behalf may include: client and prospect data, your staff data, your contractor data and your supplier data.

Legal Basis for Data Processing
It will be your responsibility as the Data Controller to ensure you provide us with data for processing activities for which you have identified a legal basis for such processing.  We will not accept responsibility for your providing us data without a legal basis for doing so.

Where we require personal data from you for our own purposes we normally do so on the following legal bases as defined under GDPR:
● Contract entry and performance: In order to commence working with you as a client we are legally required to take certain steps, such as assuring ourselves of your identity.  In order to do so we require some personal data from you.  During the course of our engagement with you we require to continue processing personal data about you to enable us to deliver the service(s) to you.
● Our legitimate interests: We may also use your personal data on the basis of our own legitimate interests in promoting our services and developing our services and assessing our performance. Activities promoting our services include business to business marketing which you may opt-out of at any time.  Opt-out can be achieved by responding using the unsubscribe options contained within the information you have received or by emailing our Data Protection Officer at [email protected].
● Legal obligations: certain statutory obligations apply to GRC Accountants work which require us to process personal data and in some circumstances to provide it to third parties such as law enforcement.  Where such obligations arise we will, insofar as is possible without breaching any other duty we owe to those services, advise you of our intention to process your data for their purposes.
Should we require any Special Category Personal Data from you we will ask for your permission to process this data.

Duration of Processing
We will process personal data on your behalf for so long as you instruct us to do so.  At the cessation of our activities on your behalf it is your choice as to what happens to the personal data you have provided to us.  We will work with you to carry out your reasonable instructions.

Personal data we collect for our own purposes will be managed in accordance with our Data Retention Policy which reflects current legal obligations.

Use of sub-processors
As part of our service delivery it is necessary for us to use sub-processors.
Our IT support is largely provided by parties external to GRC Accountants.  Some solutions we utilise are cloud based and our need to rely upon those systems varies depending upon the services we deliver to you.

Most sub-processors do not engage directly with your data and simply provide secure storage solutions for the data we process. Sub-processors are prohibited from using your personal data for their own purposes.

Data Transfers
GRC Accountants utilise a number of suppliers to provide us with IT and other associated services for the delivery of our business and services to you.  In many cases, the suppliers we use will be granted access to the data we are processing in order to provide us with technical assistance. Such processing activities are not directly related to our principal services to you and are considered ancillary to our own internal activities.

As part of our service delivery we process limited personal data for the purposes of, including but not limited to, data storage, back up, destruction, billing, client management, conflict checking and know-how.
By asking us to act as a Data Processor on your behalf you permit us to use EU standard contractual clause agreements with our chosen sub-processors on your behalf.  

Your Data Subject Rights
Where we act as a Data Controller for your data you may exercise a number of rights.
You may:
-       Request access to the personal data we hold about you
-       Ask us to correct any data which are inaccurate
-       Request to have your personal data deleted
-       Put in place restrictions on our processing of your data
-       Ask us to transfer your data to another controller (data portability)

We will handle all exercise of your data subject rights in accordance with the requirements of GDPR and any national laws at the time of your request.  Requests should be submitted in writing to our Data Protection Officer [email protected]

If at any point you are dissatisfied with the way we have handled your personal data and we are unable to resolve the matter for you, you may take your complaint to the Information Commissioner’s Office.  Further details can be found via their website at www.ico.org.uk.

Should we receive a request from you or one of your staff, clients, customer, contractors or prospects, to exercise data subject rights but we are only acting as a Data Processor, we will forward your request to you as Data Controller to process.  Unless you explicitly instruct us not to we will advise the data subject that we have passed their request to you.

Data Security
GRC Accountants has put technological and managerial controls, including policies and procedures, in place to protect your personally identifiable information from loss, misuse, alteration or unintentional destruction. Our personnel who have access to the data have been trained to maintain the confidentiality of such information.

Please note that no communications over the internet can be guaranteed as secure.  Whilst we take appropriate steps to protect your data we cannot guarantee that it will remain secure in transit.  Once data reaches your network it is your responsibility to ensure it remains secure.

Marketing emails
Some of our marketing emails may contain web beacons, web bugs, cookies or other similar technologies which enable us to understand whether you open, read, or delete the message and any interaction you make with links contained therein.  When you click on a link in a marketing email you receive from us we may also use cookies to log what pages you view, in accordance with our cookies policy.

Targeted emails from us may include additional data privacy information as required by applicable privacy laws.

Changes to this Statement
We recommend you check this statement on a regular basis to ensure you remain in agreement with the activities we carry out in respect of processing personal data.

Should we make significant changes to the way we process data, we will draw your attention to the relevant part(s) of this statement through email and or other appropriate communications as part of our engagement activities with you.

Any changes to our ‘Website’ privacy notice shall be managed in accordance with the terms stated thereunder.

For any enquiries, please contact: [email protected]