GDPR Privacy Notice EFJ Consulting Privacy Notice
GDPR compliant
For clients, suppliers, and contacts
We ask you to read our privacy notice. It covers essential information like who we are, how and why we collect, store, use, and share your personal information, your rights about your private information, and how to reach us and administrative authorities in the event you have a complaint.
When EFJ Consulting processes your data, we are required to comply with the Data Protection Act 1998 (“DPA”) up to and including the 24th May 2018 and from the 25th May 2018, the General Data Protection Regulation 2016 (“GDPR”) (the DPA and GDPR are together referred to as the “Data Protection Legislation”)
EFJ Consulting is a firm of Chartered Certified Accountants regulated by the Association of Chartered Certified Accountants (ACCA). We collect, use, and be responsible for certain personal information about you in our business with you. When we do so, we are regulated under the General Data Protection Regulation, which applies across the European Union (including in the United Kingdom). We are also the data controller of that personal information for those laws.
In the course of our business dealings as the providers of professional services, we collect the following private information when it is presented to us and classified as below:
Clients: Contact details (business address, individual name, telephone number, and email address, date of birth), financial information, data to prove clients’ identity information about clients’ circumstances, and as provided to us by our customers;
Suppliers: Contact details of suppliers who present/have rendered goods or services to us as individuals or on account of their employer’s company (“the Supply Contract”);
Contacts: Contact details of individuals who have been connected with us and have given personal information to enable us to contact them.
We collect data available on public records (e.g., Companies House, client’s website). We do not obtain private information from any other sources except data transferred and or requested by us from the tax advisors and client’s previous auditors.
If you are our consumer and you have given us, or we have collected your data, we use that information to allow us to provide our assistance to you;
If you are our Supplier and you must give us personal data, we utilize that knowledge to enable us to get in contact with you in Contact and to the degree of our Supply Contract;
Suppose you are our Connection (counting previous customers). In that case, we utilize the personal data you have given to us to contact you about our policies. Other data about our community that we accept will apply and be required to you.
We don’t routinely share individual data. On Clients’ directions, we may need to give personal data where the administrations provide a distinguished outsider provider. We will find a way to ensure that any data transmitted will be constrained to what is vital for the particular reason and prepared as per GDPR standards.
We will share personal knowledge with law implementation or other authorities if required by relevant law.
We do not assign any of your data to third companies without your prior consent. We will use your data within our organization, our subcontractors, and any associates. We will take the appropriate steps to ensure that any data shared with our subcontractors and partners will be limited to what is necessary for the specific goal. We will have a strict confidentiality contract with them and have made essential checks about their data protection policy.
If you are our client, we will hold your data for so long as you continue to be a client of EFJ Consulting;
If you are our Supplier, we will contain your name and location (incl. phone and email) for up to 7 years later the Supply Agreement is finished, and past that, we will keep that data for since we sensibly figure we may need to get in contact with you about additional, similar products and investments that you may have the ability to fulfill to us;
Suppose you are a Contact (counting previous customers). In that case, we will hold your contact points of interest just since we sensibly think that the data we may provide to you is vital to and essential to you. We will erase your detailed contact elements if you ask that us not keep on transferring such data to you or whenever on the off opportunity that we have the impulse to assume that the data is outdated. For the most part, we will keep your information for a time of 7 years after you last reached us.
If you are a Consumer, we depend on how we need to have and utilize that data to execute our agreement with you as the legitimate premise on which we gather and use your information.
If you are a Supplier, we likewise depend on our authentic advantages as the legitimate premise to gather and utilize your information (notwithstanding authoritative need). Our genuine benefits in such a manner are two-overlap. Right off the bat, we may need to reach you about the Supply Contact. Also, we may need to get in touch with you about other comparable merchandise and administrations.
If you are a Contact (counting previous customers), we depend on our real blue interests as the legal premise to gather and utilize your information. Our genuine services keep you trained of our occasions, administrations, and other data about our community we sensibly consider may hold any importance with you. It will be limited to data sent to you by email to your business email address. With each correspondence, you will be given a sensible and transparent alternative to quitting facilitate exchanges and request that we erase the individual data we hold about you. We have considered the danger of mischief to your protection rights and your information security and have inferred that the hazard is negligible given (I) the strategy, volume, and substance of the correspondences that we may send to you (which will be neither unnecessary nor liable to offend) (ii) the kind of information (your subtle contact elements) that we procedure for this reason, and (iii) your entitlement to quit assist interchanges and to request that we erase your data from our records whenever
Any unrequested contact by electronic communication to an individual (not business) record will regard your e-security rights by being limited to utilizing e-contact points of interest that you furnished to us. Regarding the supply by us to management, you paid us for or enquired about beforehand and restricted to the same or similar services.
We don’t trust that there will probably be any genuine outcomes to you regarding our data utilization. The potential products that we have identified are:
The danger of the personal data that we hold about you being accidentally lost, utilized, or got to in an unapproved way. We have discovered a way to secure against this (please observe additional data under the heading “Keeping your own data secure” beneath).
You may, infrequently, get spontaneous similarities from us. Be that as it may, we don’t believe that the recurrence, person, or way of these exchanges will chance any rupture of your protected rights.
Transfer of your knowledge out of the EEA
For the most component, we don’t plan to assign your data out of the EEA. Be that as it may, already in a while, we may use MailChimp as a way to get in touch with you about essential data. It will include a portion of your knowledge (name and email address) being exchanged outside the EEA to the United States. MailChimp ensures the Privacy Shield structure.
Under the General Data Protection Regulation, you have various necessary rights complimentary. In summary, those incorporate rights to:
fair handling of data and clarity over how we utilize your personal information
access to your data and specific other additional data that this Privacy Notice is as of now thought to address
require us to remedy any errors in your data which we hold
require the deletion of personal data concerning you in specific cases
receive the personal data concerning you which you have given to us, in an established, generally utilized, and machine-clear organization and have the privilege to communicate that information to an outsider in particular circumstances
object whenever to the administration of individual data concerning you for coordinate showcasing
item to choices being taken via robotized indicates which create specific impacts affecting you or comparably essentially influence you
the objection in certain different circumstances to our kept preparing of your data
otherwise, limit our preparation of your data in specific circumstances
claim remuneration for harms caused by our data security breach
For additional information on each of those claims, incorporating the conditions they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the General Data Protection Regulation.
email, call, or keep in touch with us (contact subtle elements beneath),
let us have enough data to distinguish you,
let us have confirmation of your personality and address (a duplicate of your driving permit or passport and a current utility bill), and
let us know the data to which your request relates to
Keeping your personal information secure
We have proper safety measures set up to keep individual data from being coincidentally lost, utilized, or got to in an unauthorized way. We constrain access to your data to the individuals who have a real and genuine business need to know it. Those managing your data will do as such just in an accepted way and are liable to confidentiality responsibility.
We additionally have systems set up to manage any reflected information security breach. We will inform you and any controls of a presumed information security breach where we are legitimately needed to do as such.
We can solve any query or matter you may raise about how we use your knowledge.
If you think we have treated your data illegally or that we have not complied with GDPR, you can communicate your concerns to the supervisory authority in your field. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). You can visit the ICO on 0303 123 1113 or get in impact via other centers, as set out on the ICO website – https://ico.org.uk/concerns/.
Modifications to this retreat notice
This retirement notice was issued in May 2018.
We may change this privacy declaration from time to time. When we do, we will notify you via our website.