“We'd love to help you and your business make more, keep more and pass more on. To find out if any of our services can help your business take a look around our site or call us as we'd love to talk about your business”
The Profit Key 2018 Ltd (“we”, “our”, “us”) respects your privacy. We understand that how your personal data is used and shared matters to you, and we take the privacy of those who use our services very seriously.
Glossary of Terms
What is personal data?
Personal data relates to any information about a natural person that makes you identifiable which may include (but is not limited to):
Names and contact information ie e-mails and telephone numbers
National Insurance Numbers
Payroll and accounting data
What is sensitive personal data?
Sensitive personal data refers to the above but includes genetic data and biometric data. For example:
Religious or philosophical beliefs and political opinions
Racial or ethnic origin
Biometric data (eg photo in an electronic passport)
What is a Data Controller?
For General Data Protection Regulation purposes, the “Data Controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed and is bound by the requirements of the GDPR.
The Data Controller is The Profit Key 2018 Ltd,10 Lower Church Street, Ashby de la Zouch, Leics, LE65 1AB.
The Data Protection Officer is Ian Rodgers, Director (please refer to ‘Contact Details’ at the end of this Policy).
What is Data Processing?
Data processing is any operation or set of operations performed upon personal data, or sets of it, be it by automated systems or not. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.
What do we mean by Business to Business?
Plc, Ltd, LLP incorporated partnerships, trusts and foundations, local authorities and government institutions.
What do we mean by Business to Consumer?
Private clients, sole traders, unincorporated partnerships, trusts and foundations.
What information do we collect about you and how?
You agree that we are entitled to obtain, use and process the information you provide to us to enable us to discharge the Services (as defined in our Letter of Engagement and supporting Schedules) and for other related purposes including:
Updating and enhancing client records
Analysis for management purposes
Carrying out credit checks in relation to you
Legal and regulatory compliance
We collect information about you when you fill in the form on our website ‘contact us’.
How will we use the information about you and why?
At The Profit Key 2018 Ltd we take your privacy seriously and will only use your personal information to provide the Services you have requested from us, detailed in your Letter of Engagement and supporting Schedules and as we have identified above. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
For Business to Business Clients and Contacts our lawful reason for processing your personal information will be “legitimate interests”. Under “legitimate interests” we can process your personal information if: we have a genuine and legitimate reason and we are not harming any of your rights and interests.
For Business to Consumer Clients and Contacts our lawful reason for processing your personal information will be “A contract with the individual” eg to supply goods and services you have requested, or to fulfil obligations under an employment contract. This also includes steps taken at your request before entering into a contract.
We may receive personal data from you for the purposes of our money laundering checks, such as a copy of your passport. This data will only be processed for the purposes of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.
Our work for you may require us to pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing the Services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the Services and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We collect information on our website to process your enquiry. We will not share your information for marketing purposes with companies so that they may offer you their products and services.
Persons/Organisation to whom we may give personal data
We may share your personal data with:
Any third parties with whom you require or permit us to correspond
An alternate appointed by s in the event of incapacity or death
Tax insurance providers
Professional indemnity insurers
Our professional body (ACCA) and/or the Office of Professional Body Anti-Money Laundering Supervisors (OPBAS) in relation to practice assurance and/or the requirements of MLR 2017 (or any similar legislation).
If the laws allow or requires us to do so, we may share your personal data with:
The police and law enforcement agencies
Courts and tribunals
The Information Commissioner’s Office (“ICO”)
You have certain rights as a data subject under the General Data Protection Regulation (GDPR), which governs the collection, processing and disposal of personal data by organisations such as ours.
In relation to personal data about you, you have the right:
to be informed about how and why we collect and use the data
to be given access to the data we hold
to have any inaccurate or incomplete data rectified
to ask us to delete personal data, earlier than we might already dispose of it
to prevent us from processing the data further
to object to us using the data for particular purposes
We provide contact details at the end of this Policy for you to use if you have any complaint about our processing of your personal data. If you are not satisfied with the way we deal with this issue, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), which is the body in charge of supervising personal data use in the UK.
How and where do we store your data?
We will only keep your data as long as we need it for the purpose(s) for which it is collected, and/or for as long as we have your permission to hold it. Your data will only be stored in the UK.
Retention of personal data
When acting as a data controller and in accordance with recognised good practice within the tax and accountancy sector we will retain all of our records relating to you as follows:
where tax returns have been prepared it is our policy to retain information for 6 years from the end of the tax year to which the information relates
where ad hoc advisory work has been undertaken it is our policy to retain information for 6 years from the date the business relationship ceased
where we have an ongoing client relationship, data which is needed for more than one year’s tax compliance (e.g. capital gains base costs and claims and elections submitted to HMRC) is retained throughout the period of the relationship, but will be deleted 6 years after the end of the business relationship unless you as our client ask us to retain it for a longer period.
Our contractual terms provide for the destruction of documents after 6 years and therefore agreement to the contractual terms is taken as agreement to the retention of records for this period, and to their destruction thereafter.
You are responsible for retaining information that we send to you (including details of capital gains base costs and claims and elections submitted) and this will be supplied in the form agreed between us. Documents and records relevant to your tax affairs are required by law to be retained by you as follows:
Individuals, trustees and partnerships:
with trading or rental income: five years and 10 months after the end of the tax year
otherwise: 22 months after the end of the tax year.
Companies, LLPs and other corporate entities
six years from the end of the accounting period.
Where we act as a data processor as defined in DPA 2018, we will delete or return all personal data to the Data Controller at the termination of the contract.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees’ agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Accessing your data
You are entitled to make a Subject Access Request under the GDPR. This means that you may request a copy of any personal data we hold about you, free of charge. We will provide any or all information in response to your request if you contact us on Ian Rodgers, Director, the Profit Key 2018 Ltd, (please see ‘Contact Details’ at the end of this Policy).
We do not guarantee that any email sent to us will be received or that the contents will remain private during transmission. If you are concerned about this please consider other means of communication. You are responsible for ensuring any electronic message or information you send to us is free from any virus or defect that may harm our systems in any way.
An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. The Profit Key 2018 Ltd does not have access to any personal identifiable information and we would never seek this information. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from particular regions.
Amending the Policy
We may change this policy from time to time, in response to changes in the law or for operational reasons and the updated policy will be published on our website.
If you have any questions about this Policy, or you wish to make a Subject Access Request, then please contact us as follows, making your request or query clear:
Telephone: 01530 416555
Postal address: The Profit Key 2018 Ltd, 10 Lower Church Street, Ashby de la Zouch LE65 1AB.