1. PKF Cooper Parry LLP and its subsidiary companies (although we'd usually refer to ourselves as "the business", "we" or "us") take the protection of your privacy seriously.
We’ll only use your personal data for two reasons: 1) to deliver the products and services you’ve requested from us, and 2) to meet our legal responsibilities.
2. We’d collect personal data about you when:
3. Here’s the kind of information we might keep hold of:
4. How we use personal data we hold about you
We may process your personal data:
We might use your personal data for more than one of these purposes at the same time.
We might use your personal data to:
5. How long do we keep your personal data?
We’ll hang on to personal data after we have used it, as set out below.
When assessing how long we keep your personal data, we think about:
We’ll keep your data for six years too – even if we stop working with you
Legislation, regulations and our professional indemnity insurers ask us to retain your data after we’ve stopped acting for you. The period of data retention varies but it’s typically five or six years. So, we keep it for six just to make sure. Where we can, we measure how long we keep the data from the end of the accounting period to which it relates.
6. Where there’s a change of purpose
If we need to use your data for another purpose other than the reason we collected it, we’ll only do this if the new purpose is compatible with the original one.
If we think it’s necessary to use your personal data for a new purpose, we’ll let you know and tell you about the legal side of things before we start any new processing of your data.
7. Who has access to your personal data?
We won’t sell or rent your information to third parties.
We won’t share your information with third parties for marketing purposes.
Any of our people with access to your information have a duty of confidentiality. These fall under the ethical standards, which we’re all required to follow.
8. People (or “Third Party Service Providers”) working on our behalf
In some cases, we use other people (or what we call “third party service providers”) to deliver professional advice and cloud-based information storage facilities.
Whenever we use third party service providers, we disclose only the personal information that’s necessary to deliver the service. We also have a contract in place that requires them to keep your information secure and not to use it for their own purposes.
All of our third party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data.
We’ll not release your information to other third parties unless you’ve requested that we do so, or we’re required to do so by law. For example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.
9. Security measures in place to prevent the loss, misuse or alteration of your personal data
We’ve put security measures in place to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They’ll only process your personal data on our instructions and they’re subject to a duty of confidentiality.
We’ve put procedures in place to deal with any suspected data security breaches. If this happens, we’ll notify you and any applicable regulator of a suspected breach where we’re legally required to do so.
Your data will usually be processed in our offices in the UK. However, to allow us to operate efficient digital processes, we sometimes need to store information in servers located outside the UK. When we do this, your data remains within the European Economic Area (EEA). We’d never transfer your data to somewhere outside the EEA.
10. Your duty to inform us of changes in your personal data
It’s important that the personal data we hold about you is accurate and current. If it changes, please let us know of any changes of which we need to be made aware by getting in touch with your usual PKF Cooper Parry contact or using the contact details below.
11. Your rights in connection with personal data
Under certain circumstances, by law you have the right to:
If you wish to exercise any of these rights, please get in touch with us. Our contact details are below.
It’s worth mentioning: you won’t have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. It’s not like us, but we might even decline to comply with the request in such circumstances.
Also, to confirm your identity, we might need to request specific information from you. This is to ensure your right to access the information or to exercise any of your other rights, and to make sure your personal information isn’t disclosed to anyone who has no right to receive it.
12. Your right to withdraw consent
You have the right to withdraw your consent for us to collect, process and transfer your data at any time. This applies to specific circumstances too, where you might’ve provided your consent. To withdraw your consent, please get in touch using the contact details below.
Once we’ve received notification that you’ve withdrawn your consent, we’ll no longer process your personal data for the purpose or purposes you originally agreed to. That’s unless we have another legitimate basis for doing so.
13. Changes to this privacy notice
We keep this privacy notice under regular review and will place any updates on our website at www.pkfcooperparry.com/privacy-notice. You can get paper copies of this privacy notice by sending an email to firstname.lastname@example.org.
This privacy notice was last updated on 16 May 2018.
14. Contact details
If you have any questions regarding this notice or if you’d like to speak to us about how we process your personal data, please email our Professional Standards Partner, Edward Rands, on email@example.com.
You also have the right, at any time, to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Here are the ICO’s contact details:
Information Commissioner's Office
Telephone: (0303) 123 1113 (local rate) or (01625) 545 745