PRIVACY POLICY

This privacy policy provides you with information about how Grosvenor House Practice Limited collects and uses your personal data, in accordance with the General Data Protection Regulation (GDPR) which came into effect on 25th May 2018.

General Principles

Grosvenor House Practice follows the following principles when processing personal data, in line with our duty of confidentiality to you – all data will be:

  • Processed lawfully, fairly and in a transparent manner
  • Collected for specified, explicit and legitimate purposes
  • Adequate, relevant and limited to what serves the purpose
  • Accurate and kept up to date (inaccurate data should be erased)
  • Kept in an appropriate form which allows for identification of data subjects and is kept for no longer than is necessary
  • Processed securely

Data and Data Sharing

The type of data we hold about you to provide your service include:

  • Personal details – i.e. name, address, date of birth and contact information
  • Details of services and correspondence

We will share your personal data with third parties where we are required to by law and where we need to, in order to provide you with your service – i.e. HMRC and Companies House.

Third parties include third party service providers – IT and cloud services, professional advisory services and administration services. All our third party service providers are only allowed to process your personal data in accordance with our instructions and for no other purpose.

Processing your Personal Data

Processing your data can be obtaining, recording, holding or doing anything else with data – i.e. organising, adapting, altering, using, disclosing or removing.

GDPR applies to controllers – a person who decides how and why personal data is processed (Grosvenor House Practice) and processors – a person acting on the controller’s behalf. Processors have to maintain data processing records, document under which lawful basis they process data and inform the data controller in the case of a breach.

Lawful Basis for Processing

Grosvenor House Practice must have a lawful basis for processing personal data.

  • Legal Contract – Processing is necessary for us to have a contract with individuals – i.e. an engagement letter for specific accounting services
  • Legal Obligation – Processing is necessary to comply with a legal obligation under EU laws or regulations we are subject to
  • Legitimate Interests – The controller or processor have a legitimate interest to process data, except where such interests are overridden by the interests, right or freedoms of the data subject
  • Consent – this must be freely given, informed and explicit rather than implied. Specific for the purpose for which it is given and separate from other terms. Consent should be clear, documented, unambiguous and verifiable and have an easy to use option to withdraw.

Your Rights (SARs)

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure (right to be forgotten)
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights re: automated decision making and profiling

You can exercise your rights at any time by contacting us using any of the contact details in our section Contact Us below

Changes

It is important that the personal data we hold about you is up to date and current. Should your personal information change, please notify us as soon as possible.

Any changes to this policy will be updated and publicised here on our website.

Contact Us

If you have any questions regarding this policy, please either email us on info@ghpl.co.uk or telephone us on 01666 503606.

Grosvenor House Practice does not have a Data Protection Officer. Our Director, Tim Brown will oversee data protection matters.

Grosvenor House Practice will always aim to resolve any complaint you might have regarding the handling of your personal data; however, you also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:

Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow
,
Cheshire
,
SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Website www.ico.org.uk