My contact details
Email: susan1hall @icloud.com
Telephone: 01223 305704
My GDPR registration numbeZA108527
The personal information I collect.
I currently collect and process the following information:
How I obtain your personal information and use it.
All the personal information I process is provided to me directly by you for the following reasons:
So that I can contact you by phone to arrange a preliminary discussion to decide whether an initial consultation is appropriate.
So that I can meet HMRC requirements regarding my invoices to you
So that I can contact you if a session time needs to be changed.
So that my trustees can contact you in the event of death or a serious illness.
The lawful basis I rely on for processing this information.
Under the UK General Data Protection Regulation (UK GDPR), the lawful basis I rely on is contractual obligation.
Third party with whom I share your personal data.
At the end of the fiscal year, the following documents containing your personal information are passed to my firm of accountants:
A copy of your invoices containing your name and address
An income spreadsheet listing your name
My business bank statement with entries containing your name
My accountant is:
Moore Chartered Accountants
Minerva Business Park
Moore is GDPR registered and compliant with GDPR data protection requirements.
How I store your personal information and for how long.
Your information is securely stored.
Invoices are stored in a locked cabinet and kept for 5 years after the relevant tax year in accordance with HMRC regulations. After this period, they are shredded.
Bank statements are stored in a locked cabinet and on the HSBC business website which is security protected by HSBC. Hard copies will be shredded after 5 years.
An Excel income spreadsheet which contains your name in its listings is stored on my computer via iCloud for 5 years in compliance with HMRC. This is password protected on my computer as well as by Apple security updates and Malwarebytes.
Your emails and your email address are stored on my computer for 5 years and then deleted. This information is protected by password and biometrics as well as by Apple security and Malwarebytes.
Your data protection rights
Under data protection law, you have rights which include:
Your right of access- you have the right to ask me for copies of your personal information.
Your right to rectification- you have the right to ask us to rectify personal information you think is inaccurate.
Your right to erasure- You have the right to ask me to erase your personal information in certain circumstances.
Your right to restriction of processing- you have the right to ask me to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – you have the right to ask me to restrict the processing of your personal information in certain circumstances.
Your right to data portability- You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, I have one month to respond to you.
Please contact me at email@example.com if you wish to make a request.
How to complain
If you have any concerns about my use of your personal information, you can make a complaint to me at firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how I have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk