Privacy Policy

Image by Marten Bjork

Cashtrac understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of all our clients and everyone who visits our website or is in receipt of our monthly newsletter. We will only collect and use personal data in ways that are described here and in a manner that is consistent with our obligations and your rights under the law.


Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of our Privacy Policy is deemed to occur upon your first use of our services. If you do not accept and agree with this Privacy Policy, you must stop using our services immediately.

 

Definitions and Interpretation
In this Policy, the following terms shall have the following meanings: “Personal Data" Means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us. This definition shall, where applicable, incorporate the definitions provided in the Data Protection Act 1998 and EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”) “We/Us/Our” Means Cashtrac Ltd (trading as Cashtrac Accountancy Services) a limited company registered in England under company number 05831093. Our registered office and main trading address is 15 Westgate House, Gloucester GL1 2RU Information about Us Our website and social media pages are owned and operated by the company Our VAT number is 923930621 Our Data Protection Officer is Karen King, and can be contacted by email at karen@cashtrac.co.uk, by telephone on 01452 413800, or by post at the registered office address Cashtrac Ltd March 2018.


What does this policy cover?
This Privacy Policy applies to any or all use of our website, our social media pages and use of our accountancy & bookkeeping services. Your Rights As a data subject, you have the following rights under the GDPR, which this Policy and our use of your personal data have been designed to uphold: The right to be informed about our collection and use of personal data; The right of access to the personal data we hold about you The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time to comply with our professional obligations. If you would like us to delete it sooner, please contact us The right to restrict (i.e. prevent) the processing of your personal data The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation) The right to object to us using your personal data for particular purposes Rights with respect to automated decision making and profiling If you have any cause for complaint about our use of your personal data, please contact us using the details provided. We will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

What data do we collect?
Depending upon your use of services, we may collect some or all of the following personal and non-personal data:

  • Full name(s)

  • Date of birth

  • Gender

  • Business/company name

  • Job title

  • Profession

  • Contact information such as email addresses and telephone numbers 

  • Demographic information such as post code, preferences, and interests

  • Financial information such as bank accounts, credit/debit card numbers

  • IP address

  • National Insurance & various tax reference numbers

  • Driving licence &/or passport details

How do we use your data?
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will always comply with our obligations and safeguard your rights under the Data Protection Act 1998 and GDPR. Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (e.g. by subscribing to emails or acceptance of an engagement contract), or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:

  • Supplying our products and/or services to you (please note that we require your personal data to enter into a contract with you).

  • Personalising and tailoring our products and services for you

  • Replying to emails from you

  • Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time by providing your request in writing or via email to karen@cashtrac.co.uk.

Communications with regulatory authorities
With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email, telephone, text message or by post with information, news, and offers on our products and services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the Data Protection Act 1998, the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003. Your personal data including records compiled while providing our services to you will be retained for a minimum of 8 years from the date of completion of the service. This is to ensure compliance with the regulations enforced by our professional accountancy body and those of HMRC & Companies House.

 

How and where do we store your data?
We only keep your personal data for as long as we need to to use it as described above and/or for as long as we have your permission to keep it. Some or all of your data may be stored outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). You are deemed to accept and agree to this by using our services and submitting information to us. If we do store data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the Data Protection Act 1998 and the GDPR
including:
We ensure any software we use to store or process your data subscribes to the very highest security protocols and where applicable use all suitable encryptions available. Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected.

 

Do we share your data?
In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority. We may sometimes contract with third parties to supply products and services to you on our behalf. These may include payment and data processing, delivery of services, advertising, and on occasion marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.


What happens if our business changes hands?
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us. In the event that any of your data is to be transferred in such a manner, you will be informed of the changes.


How can you control your data?
In addition to your rights under the GDPR, when you submit personal data to us, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of confirming your details). You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving. 

How can you access your data?
You have the right to ask for a copy of any of your personal data held by us (where such data is held). Under the GDPR, no fee is payable and we will provide any and all information in response to your request free of charge.


Contacting Us
If you have any questions about this Privacy Policy, please contact us by email, by telephone, or by post. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.


Changes to our Privacy Policy
We may change this Privacy Policy from time to time and without notice. Any changes will be immediately posted on our website and you will be deemed to have accepted the terms of the Privacy Policy on your first use of any our services thereafter. We recommend that you check this page regularly to keep up-to-date.

 

Cashtrac Accountancy Services
October 2020