At Peers and Associates, we take your privacy seriously. This policy (together with our terms of business notice) sets out the basis on which we Peers and Associates Limited, will process any personal data we collect from you, or which you provide to us.
Personal data relates to any information about a natural person that makes you identifiable which may include (but is not limited to):
- Names and contact information ie emails and telephone numbers
- National Insurance Numbers
- Employment history
- Employee numbers
- Credit History
- Personal tax
- Payroll and accounting data.
For the purpose of accountancy, we act as the data controller. For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
The data controller is Peers & Associates Limited, 18 Hardys Drive, Hardys Gate, Manchester, M26 2TL Registered Company number 08352484 .
For the purposes of payroll, we act as the data processor, using information supplied to us by your employer – the data controller. A “data processor” is a person or organisation which processes personal data for the controller.
Data processing is any operation or set of operations performed upon personal data, or sets of it, be it by automated systems or not. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.
We aim to keep personal information secure to ensure that we comply with our obligations under the Data Protection Act 1998 (the DPA) and the General Data Protection Regulation (the GDPR) from May 2018.
Should you have any concerns about your privacy or the personal information we hold, then please do not hesitate to contact us by telephone or by email at email@example.com .
- We’ll only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
- We’ll be transparent in our dealings with you and tell you how we’ll collect and use your information.
- If we collect your information for a particular purpose we’ll only use it for that purpose, unless you’ve been otherwise informed and given your permission where relevant.
- We won’t ask for more information than we need for the purposes for which we’re collecting it.
- We’ll update our records when you tell us that your details have changed.
- We’ll periodically review your personal information to ensure we don’t keep it for longer than is necessary.
- We’ll ensure that your information is securely disposed of at the end of the appropriate retention period.
- We’ll observe your rights under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are dealt with promptly and transparently.
- We’ll train our staff on their privacy obligations.
- We’ll ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held.
When you use our services, there are a number of ways in which you provide information and other data to us. You may give us information about yourself by filling in forms, providing information and feedback or by corresponding with us by phone, email or otherwise. By using our services, you consent to us processing and collecting this data, on the terms and for the reasons which are explained in our terms of business and engagement letters.
HOW YOUR INFORMATION IS USED
We may use your information:
- to carry out our obligations under any contracts between you and us, and provide you with services and information that you request from us
- to provide you with information about other services we offer that are similar to those you’ve already enquired about or received
- to provide you with information that you have consented to receive
We will not use your data for marketing purposes or share your data with any third party marketing companies without your permission.
For Business to Business Clients and Contacts our lawful reason for processing your personal information will be “legitimate interests”. Under “legitimate interests” we can process your personal information if: we have a genuine and legitimate reason and we are not harming any of your rights and interests.
For Business to Consumer Clients and Contacts our lawful reason for processing your personal information will be “A contract with the individual” eg to supply goods and services you have requested, or to fulfil obligations under an employment contract. This also includes steps taken at your request before entering into a contract.
We will retain and process your personal information for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
In terms of payroll provision, your employer is ultimately responsible for the accuracy of any data that they pass onto us for processing. Please report any concerns directly to them so they can update the information and pass onto us accordingly if relevant.
All information you provide to us is stored on our secure servers electronically and in secured paper files. We use appropriate procedures and security features to try to prevent unauthorised access. We have checked the privacy and security policies with our software providers to ensure the safety or any data that we hold about you.
Unfortunately, the transmission of information via the internet isn’t completely secure. Although we endeavour to protect your personal data, we can’t guarantee the security of data transmitted over the internet. Any transmission of data is at your own risk.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to third parties in the following circumstances: –
- to any prospective seller or buyer of all (or part of) our business or assets;
- The Pensions Regulator (TPR) and/or other regulatory or governing bodies for the purposes of compliance monitoring
- government bodies, departments or other third parties, and departments for research and statistical purposes such as HM Revenue & Customs, the Department for Work and Pensions, Direct Earning Attachment providers
- third-party processors including pension such as NEST and the People’s Pension
- If we are required to do so by law, any applicable regulatory and statutory obligations or to protect the rights, property, or safety of ourselves or others. This may include disclosing to other companies and organisations in connection with illegal activities, fraud protection and credit risk reduction or situations involving potential threats to the physical safety, property or rights of any person
- any third party where you’ve given your consent.
ACCESS TO INFORMATION
You have the right to access the information which we hold about you. If you wish to exercise this right, please send your request to firstname.lastname@example.org . We will reply within at least one month.
From 25 May 2018, depending on the circumstances, you may also have the right to:
- request erasure of personal information we hold about you
- request restriction of processing of such information
- object to the processing of such information
- request a copy of such information in a portable format
If you have concerns about the way we handle your personal data, you can contact the ICO or raise a complaint. Any breaches of personal data that are detected or reported to us, will be investigated as a matter of urgency and reported to the ICO within 72 hours for assistance.
We may occasionally amend this privacy notice to keep it up to date or to comply with legal requirements. You should regularly check this privacy notice for updates.