Privacy policy

Business Accounting and Taxation (Bath) Ltd. hereinafter referred to as BATB is committed to protecting the privacy of personal data under the new General Data Protection Regulation (GDPR) (May 2018). BATBis registered with the Information Commissioners Office (ICO), which is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

1. Personal Data

This is any personal data you share with us, and could include: your name, your postal address, your email address and your telephone number. This may be used for the following purposes:

  • to respond to your queries;
  • to provide services where requested;
  • to keep you informed about our work, news and offers;
  • to measure trends in the visitors to our website and to improve the web experience for our visitors.

You have the right to request to see, amend or remove any personal information we hold about you. See section 2: Your Rights below.

Confidentiality and data protection

We do not sell or swap your details with any third parties. If further services are required your explicit consent will be required before being actioned. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. This includes a designated Data Controllerand Data Protection Officer who are responsible for the safeguarding of your personal data.

Special category data

BATB will not store or process special category data.

Legal basis (or bases)

The legal bases on which we process your data are as follows: Consent. We require your consent to store and utilise your data. Each form you complete will have a consent agreement statement. We may use this data to inform you of other books which may be of interest to you.

Contract

By entering into an agreement with BATByou understand that we will store and process such data as you provide on application. Article 6(1)(b) GDPR. Legal Obligation. We have an obligation under the Financial Services legislation in UK to report certain data to official bodies such as HMRC. You will be informed of this whenever possible. Article 6(1)(c) of GDPR.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. Breach Notification

A personal data breach may mean that someone other than the data controller gains unauthorised access to personal data. However, a personal data breach can also occur if there is unauthorised access within an organisation, or if a data controller’s own employee accidentally alters or deletes personal data.

All breaches of the GDPR are to be reported without undue delay to the Information Commissioners Office (ICO) within 72 hours, unless the breach is unlikely to result in any risk to the rights and freedoms of data subjects, and to the data subjects without undue delay unless a specified exemption applies.

Notifications to the data subjects will provide name and contact details of the data controller where more information can be obtained, the likely consequences of the personal data breach and the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

2. Your Rights

Data Subject Rights and Subject Access Requests BATB is fully committed to respecting individuals’ rights including access to personal information held about them in accordance with Article 17 of the GDPR.

Subject access rights

Any individual who makes a valid subject access request is entitled to be:

  • told whether their personal data is being processed;
  • given a description of the personal data, reason for processing and whether it has been shared with any other organisations or persons;
  • given details of the source of the data (where this is available);
  • given the right to rectify, object to, or restrict processing of personal data;
  • given the ‘right to be forgotten’ as set out in Article 17 of the GDPR; and,
  • given details of how long their information will be retained for.

Individuals are only entitled to their own personal data, and not to information relating to other people, unless they are acting on behalf of that person. In these circumstances, written consent will be required.

Full details on individuals rights can be found on the ICO website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ Exempt information

BATBmay not be able to release some information. Information which is exempt from a subject access request includes:

  • personal data where disclosure could prejudice the prevention or detection of crime; and,
  • personal data identifying another person (a third party) whose details cannot be disclosed without their permission.

How to make a request

In order to make a valid subject access request the following must be provided:

  • a clear written request by letter or email.

Proof of identification may be requested to ensure that the personal information requested is provided to the right person.

BATB Ltdwill comply with requests for access to personal information within one month, as required by the Act. All subject access requests should be addressed to:

The Data Controller, Business Accounting and Taxation (Bath) Ltd, 3 Edgar Buildings, George Street, Bath, BA1 2FJ

Email: gladys@gladysyow.com

Changes to this policy

BATBreserves the right to make any changes to this Privacy and Data Protection Policy, and other aspects of this site at any time. Please check this page regularly for any changes. Policy updated:18/05/2018

Policy review date:18/05/2019