ROHIT SOLANKI AND ESSAR ACCOUNTANTS - GENERAL DATA PROTECTION REGULATIONS

Privacy Statement – May 2018

The Purposes of Processing Personal Data

The term 'we' or 'us' in this Privacy Policy, refers to the Rohit Solanki and Essar Accountants. We are “processors” of personal information. We will use some, or all, of your personal data to:

1. Enable us to supply professional services to you as our client;
2. Fulfil our obligations under relevant laws in force from time to time (e.g. the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLR 2017”));
3. Comply with professional obligations to which we are subject as a member of the Association of Chartered Certified Accountants (“ACCA”);
4. Use in the investigation and/or defence of potential complaints, disciplinary proceedings and legal proceedings;
5. Enable us to invoice you for our services and investigate/address any attendant fee disputes that may have arisen; and
6. Contact you about other services we provide which may be of interest to you if you have consented to us doing so.

Lawful Basis for Processing

The processing of your personal data is necessary for the contract we have with you (Letter of Engagement) and legal obligations to which we are subject to (e.g. MLR 2017).

Categories of Personal Data Obtained

In addition to personal data obtained from yourself, and maybe your professional adviser(s), we sometimes obtain personal data from HM Revenue & Customs (“HMRC”) and Companies House to assist in the preparation of Accounts, Company Secretarial documents, Payroll, Reports and Tax Returns. When appropriate, we will request personal data from a previous Accountant/Tax Advisor to ensure a smooth handover of your affairs and to accurately prepare your Accounts, Tax Returns and other documents. Rohit Solanki and Essar Accountants does not purchase information about clients or potential clients. We do not obtain any data from people who visit or access our website.

Recipients of Your Personal Data

We may share your personal data with:

1. HMRC & Companies House;
2. Any third parties with whom you require or permit us to correspond;
3. Subcontractors;
4. An alternate appointed by us in the event of incapacity or death;
5. Tax insurance providers;
6. Professional indemnity insurers; and
7. Our professional bodies (ACCA in relation to practice assurance and/or the requirements of MLR 2017 (or any similar legislation).

If the law allows or requires us to do so, we may share your personal data with:

8. The police and law enforcement agencies;
9. Courts and tribunals; and
10. The Information Commissioner’s Office (“ICO”)

We may need to share your personal data with the third parties identified above in order to comply with our legal obligations, including our legal obligations to you. If you ask us not to share your personal data with such third parties, we may need to cease to act. We will ensure that any third party that we deal with have shown us their privacy statements.

Retention Periods of Personal Data

In accordance with recognised good practice within the tax and accountancy sector we will retain all of our records relating to you as follows:

1. Whilst you are a client of Rohit Solanki and Essar Accountants, it is our policy to retain our correspondence files and permanent data files whilst you are a client of ours and for 7 years thereafter. Except where we have a legal obligation to retain files for a specific period, you can request that the delete our correspondence files after you have ceased to be a client;

2. Where Accounts and Tax Returns etc. have been prepared it is our policy to retain information for 7 years from the end of the tax year to which the information relates;

3. Where ad hoc advisory work has been undertaken it is our policy to retain information for 7 years from the date the business relationship ceased; and

4. Where we have an ongoing client relationship, data which is needed for more than one year’s tax compliance (e.g. capital gains base costs and claims and elections submitted to HMRC) is retained throughout the period of the relationship, but should be deleted 7 years after the end of the business relationship unless you as our client ask us to retain it for a longer period.

Subject to the above, our contractual terms provide for the destruction of documents after 7 years and therefore agreement to the contractual terms is taken as agreement to the retention of records for this period, and to their destruction thereafter.

You are responsible for retaining information that we send to you (including details of capital gains base costs and claims and elections submitted) and this will be supplied in the form agreed between us. Documents and records relevant to your tax affairs are required by law to be retained by you for the appropriate time.

The Rights Available to Individuals

Subject to any overriding legal requirements, the GDPR provides the following rights for individuals:

1. The right to be informed about our processing of your personal data;
2. The right to request access of your data;
3. The right to rectification of inaccurate and/or incomplete data;
4. The right to erasure of your personal data;
5. The right to restrict processing of your data;
6. The right to data portability of your data; and
7. The right to object to processing of your data.

There are rights in relation to automated decision making and profiling. Rohit Solanki and Essar Accountants are not involved in such activities.
You have the right to complain to the Information Commissioner’s Office. It has enforcement powers and can investigate compliance with data protection law.

What Personal Data Do We Hold?
We hold personal data such as full names, previous or other names, current and previous addresses, marital status, gender, telephone numbers, email addresses, date of birth, national insurance number, tax reference number, bank account details, copies of the identification documents such passport, driving licence, utility bills, details of your spouse or civil partners, and financial details.

Where and How is Personal Data Secured?
We have computer systems to hold personal data in electronic format. We use commercial company secretarial, tax, payroll and accounting software supplied by Sage Plc, QuickBooks, Wolters Kluwer Limited, plus Microsoft software. The computer systems are password protected and have professional malware and anti-virus software installed, which is up-dated regularly. Data is backed up regularly. Current paper-based data held in files and folders are held in lockable filing cabinets in locked offices.

Some data is held in cloud based systems which are regularly backed up and held in password protected environments. Some locations are outside the European Union but those companies have assured us that they comply with the same GDPR regulations that exist within the European Union

We may amend this privacy notice from time to time but the most up to date version of the privacy notice will be available on our website.

Transfers Outside the UK
We may need to transfer your information outside the UK to other Group companies, service providers, agents, subcontractors and regulatory authorities in countries where data protection laws may not provide the same level of protection as those in the European Economic Area.

Your Communication with Us
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

Name of the Responsible GDPR Officer
Mr Rohit Solanki, Essar Accountants, Devonshire House, 582 Honeypot Lane, Stanmore, Greater London, HA7 1JS