​
CJ Ramsay & Associates Accountants are committed to protecting and respecting your privacy. We will only use your personal information to deliver the accountancy, taxation, audit and/or business advice services you have requested from us, and to meet our legal responsibilities to HM Revenue & Customs and Companies House.
​
This Policy together with our terms of use and any other documents referred to on it, explains when and why we collect personal information about people who visit our website www.cjramsayaccountants.co.uk. It explains how we use it, the conditions under which we may disclose it to others and how we keep it secure.
​
We may change this Policy from time to time so please check this page occasionally to ensure that you are happy with any changes. By using our website, you are agreeing to be bound by this Policy.
​
The Data Protection officer is Chris Ramsay who can be contacted about anything to do with your personal data and data protection, including to make a subject access request, using the following details:
​
Email address: office@cjramsay.co.uk
Telephone number: 07989 390914
Introduction
The Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR) requires organisations that process personal data to meet certain legal obligations. We are a data controller within the meaning of the Act and we process personal data. We are committed to complying with the requirements of the DPA and GDPR. As a result we confirm that personal information we process will only be held (or otherwise processed) to the extent necessary in order to provide the agreed professional services and for any other purpose specifically agreed.
Who are we?
CJ Ramsay & Associates Accountants whose. We are a registered company: Condor Accountants t/a CJ Ramsay & Associates Limited Company Registration No: 12339644 (England & Wales)
How do we collect information from you?
We obtain information about you when you engage us to deliver our accountancy, taxation, audit and/or business advice services and when you use our website. For example, when you contact us about products and services, or if you register to receive one of our newsletters or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our service, participate in social media functions on our site, enter a competition or survey and when you report a problem with our site.
What type of information is collected from you?
The personal information we collect from you will vary depending on which accountancy, taxation, audit and/or business advice services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.
How is your information used?
In general terms, and depending on which accountancy, taxation, audit and/or business advice services you engage us to deliver, as part of providing our agreed services we may use your information to:
-
carry out our obligations arising from any contracts entered into by you and us according to the provisions of UK laws and professional regulations (e.g anti-money laundering requirements)
-
contact you by post, email or telephone
-
verify your identity where this is required
-
understand your needs and how they may be met
-
maintain our records in accordance with applicable legal and regulatory obligations
-
process financial transactions
-
seek your views or comments on the services we provide
-
notify you of changes to our services
-
prevent and detect crime, fraud or corruption
-
prepare and file accounts and tax returns
-
provide advice on tax and national insurance liabilities
-
provide ad-hoc advice.
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically five or six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Where we use subcontractors they will comply with General Data Protection Regulation (GDPR) requirements.
Information which may be given to others
In order for us to provide the agreed services, we may provide personal data about you to:
-
HMRC
-
other third parties you require us to correspond with (for example, finance providers, pension providers(including auto-enrolment) and investment brokers.
-
subcontractors who are bound by the same professional and ethical obligations as the principals and employees of the practice
-
an alternate appointed by us in the event of incapacity or death
-
tax insurance providers
-
professional indemnity insurers
-
our professional body Institute of Chartered Accountants in England and Wales (ICAEW) or an external reviewer in relation to quality assurance.
We need to give information to these other parties in order to fulfil our contractual obligations to you and therefore it is not possible to opt out of the provision of information to these parties. If you ask us not to provide information we may need to cease to act. If the law allows or requires during the period of our contractual arrangements or after we have ceased to act we may give information about you to:
-
the police and law enforcement agencies
-
courts and tribunals
-
the Information Commissioner’s Office (ICO).
In addition, after we have ceased to act we may give information about you to:
-
our professional indemnity insurers or legal advisers where we need to defend ourselves against a claim
-
our professional disciplinary body where a complaint has been made against us in order to defend ourselves against a claim
-
your new advisers or other third parties you ask us to give information to.
Retention of information
When acting as a data controller and in accordance with recognised good practice within the tax and accountancy sector we will retain all of records relating to you as follows:
-
where tax returns and accounts have been prepared it is our policy to retain information for seven years from the end of the tax year to which the information relates.
-
where ad-hoc advisory work has been undertaken it is our policy to retain information for seven years from the date the business relationship ceased.
-
where we have an ongoing client relationship permanent information (the data supplied by you and others which is needed for more than one year’s tax and accounts compliance) including, for example, capital gains base costs and claims and elections submitted to HMRC, are retained throughout the period of the relationship but will be deleted seven years after the end of the business relationship unless we are asked to retain it for a longer period by our clients.
-
under the Money Laundering Regulations (MLR 2017) personal data must normally be destroyed within specified time limits but where contractual agreement is in place this is taken as agreement under Regulation 40 (5) MLR 2017 to retain records for the longer period of seven years.
​​
Who has access to your information?
-
We will not sell or rent your information to third parties.
-
We will not share your information with third parties for marketing purposes.
-
Any team member with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow.
​​
We may share your information with selected third parties including:
-
Business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
-
Analytics and search engine providers that assist us in the improvement and optimisation of our site.
-
Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
Third Party Service Providers working on our behalf:
We may pass your information to our third party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf for example to process payroll or basic bookkeeping. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Third Party Service Providers we work in association with:
We work closely with various third party product providers to bring you services designed to help you to manage your business and finances. When you enquire about or enter into a contract with one of these service providers, the relevant third party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, they will be acting as a data controller of your information and therefore we advise you to read their Privacy Policy. These third party service providers will share your information with us which we will use in accordance with this Privacy Policy.
How you can access and update your information:
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.
You have the right to ask for a copy of the information CJ Ramsay & Associates holds about you.
Data security
We have put in place appropriate and proportionate security measures to address the risk of personal data being lost, used, altered or accessed in an unauthorised way. We limit access to personal data to those who have a business need to access it, and who will only process the personal data on our instructions.
​
Whilst we strive to protect your personal information, we take steps to ensure that it’s treated securely. Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. We cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
​
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Use of 'cookies'
The CJ Ramsay & Associates website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. This helps us to improve our website and deliver a better more personalised service.
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of the UK
Your data will usually be processed in our offices in the UK. However, to allow us to operate efficient digital processes, we may transfer personal data that we collect about you to servers located outside the UK, within the European Economic Area (EEA) or the United States. We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.
Before agreeing to transfer data outside of the UK, we check to ensure there are adequacy regulations under the Data Protection Act 2018 in relation to each country. This ensures that their regulations will be deemed to provide an adequate level of protection for your personal information for the purpose of the UK Data Protection Legislation.
Where there are no adequacy regulations, we have binding contractual agreement with the relevant third parties to ensure that your personal data is treated by those third parties in a way that is consistent with and which respects the UK Data Protection Legislation.
Your choices
We may occasionally contact you by post / email / telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under ‘Contact information’ below.
We will not contact you for marketing purposes by email, phone, post or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us.
Requesting information held about you (the right to access)
Requests to see records and other related information that the firm holds about you are known as ‘subject access requests’ (SAR). We have set out further details on SARs below.
Requests in writing
Please provide all requests in writing to the individual at the top of this notice. To help provide the information on a timely basis you may need to provide copies of id and proof of address.
Asking someone else to make a subject access request on your behalf: You can ask someone else to request information on your behalf – for example, a friend, relative or solicitor. We must have your authority to do this. This is usually a letter signed by you stating that you authorise the person concerned to write to for information about you, and/or receive our reply.
When we won’t release information
The law allows us to refuse your request for information in certain circumstances – for example, if you have previously made a similar request and there has been little or no change to the data since the original request.
The law also allows us to withhold information where, for example, release would be likely to:
-
prejudice the prevention or detection of crime
-
prejudice the apprehension (arrest) or prosecution of offenders
-
prejudice the assessment or collection of any tax or duty
-
reveal the identity of another person, or information about them.
Where we are unable to consent to your request we will set out the reasons in writing.
Putting things right (the right to rectification)
Should information you have previously supplied to us be incorrect, please inform us immediately so we can update and amend the information we hold.
​
Deleting your records (the right to erasure)
In certain circumstances it is possible for you to request us to erase your records and further information is available on the ICO website (www.ico.org.uk). If you would like your records to be erased, please inform us immediately and we will consider your request. In certain circumstances we have the right to refuse to comply with a request for erasure and if applicable we will supply you with the reasons for refusing your request.
​
Restrictions on processing (the right to restrict processing and the right to object)
In certain circumstances you have the right to ‘block’ or suppress the processing of personal data or to object to the processing of that information. For further information refer to the ICO website (www.ico.org.uk). Please inform us immediately if you want us to cease to process your information or you object to processing so that we can take the appropriate action.
​
Withdrawal of consent
Where you have consented for us to contact you with details of other services we provide we may continue to process your data and contact you for that purpose after our contractual relationship ends. You may withdraw consent for the firm to contact you in relation to details of other services we provide at any time during the performance of the contract or thereafter. We will then cease to process your data but only in connection with contacting you with details of other services we provide. Note that the withdrawal of consent does not make the other bases on which we are processing your data unlawful. We will therefore still continue to process your data under the terms of our contract and for other reasons set out in this privacy notice.
Obtaining and reusing personal data (the right to data portability)
The right to data portability only applies:
-
to personal data an individual has provided to a controller;
-
where the processing is based on the individual’s consent or for the performance of a contract; and
-
when processing is carried out by automated means
You may be able to request your personal data in a format which enables it to be provided to another organisation. We will respond to any requests made without undue delay and within one month. We may extend the period by a further two months where the request is complex or a number of requests are received but we will inform you within one month of the receipt of the request and explain why the extension is necessary
.
Please contact us in any of the ways set out in ‘Contact information’ below if you wish to exercise any of these rights.
Changes to our privacy notice
We keep this privacy notice under regular review and will place any updates on www.cjramsayaccountants.co.uk
This privacy notice was last updated on 31 March 2022.
Contact information
The accuracy of your information is important to us.
If you change email address, or any of the other information we hold is inaccurate or out of date, please
email us at: office@cjramsay.co.uk
Alternatively, you can telephone us on 07989 390914
​