We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Who we are
Abbey Taylor Ltd collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
The personal information we collect and use
Information collected by us
In the course of activities on our clients’ behalf we collect the following personal information when you provide it to us:
- the name, address, National Insurance number, passport number and/or driving licence number and contact information of our clients
- information relating to the situation our clients are in so far as necessary to understand the issue for which we are instructed.
Information collected from other sources
We also obtain personal information from other sources as follows:
- name, address and date of activity
- name, address and value of shares, accounting information, and obligations entered into documents relating to a company in which you and/or others has an interest from Companies House.
- name, address and date of birth from third-party data collectors.
How we use your personal information
We use your personal information to:
- verify the validity of the identity information given by you or on your behalf;
- register property and share transfers if applicable;
- obtain insurance;
- engage in dispute resolution and court proceedings;
- negotiate with third parties;
- submit tax returns and other necessary or legally required forms to public authorities and government organisations;
- comply with our legal and regulatory obligations;
- carry out other activities ancillary to providing services.
Who we share your personal information with
We routinely share your name and proposed address details with our third party suppliers, such as those who provide search information. For a list of our third party suppliers please contact us. This data sharing enables us to provide you with a high quality service and comply with our legal and regulatory obligations as follows:
|Who information is shared with||Reason for sharing information|
|Search providers||· to enable you to rely on insurance backed search results|
|Identity verification providers||to prevent fraud and to comply with our legal and regulatory obligations|
|The courts||· to enable procedural requirements to be complied with in cases where proceedings are intended or have been issued.
· Where a case is filed in court on your behalf.
|Creditors||· to enable us to liaise with 3rd Party’s
· Accountants; PPI claims company’s, Licencing Agency’s and Agents acting on behalf of Clients.
|Our authorising bodies and accountants||
|The owners and operators of our case management software||
|Our email provider (with consent)||
Some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’. We will share personal information with law enforcement or other authorities if required by applicable law. We will not share your personal information with any other third party.
Whether information has to be provided by you, and if so why
The provision of name, address, driving licence/passport and verification of address is required from you to enable us to comply with our regulatory obligations as we are required to positively identify our client. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
How long your personal information will be kept
We will hold name address and contact details, and information relating to any matter for which we have been instructed for the period we are required to retain this information by applicable UK tax law (currently 6 years)). Our case management systems provider will keep the file in an encrypted form for 7 years following closure of our account with them, unless we request its destruction before then.
Reasons we can collect and use your personal information
We rely on the following as the lawful basis on which we collect and use your personal data
|REASON||Provision in the GDPR|
|processing is necessary for the performance of a contract or to take steps at your request before entering into a contract. Most of the data we hold on your behalf will fall within this category.||Article 6.1 (b)|
|processing is necessary for compliance with a legal obligation to which we, as the controller of that data, are subject.||Article 6.1(c)|
|processing is necessary for protecting your vital interests or those of another natural person.||Article 6.1(d)|
|processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, as the controller of that data.||Article 6.1(e)|
|processing is necessary for the purposes of the legitimate interests pursued by us, as the controller of that data or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.||Article 6.1(f)|
|In the context of personal data racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation processing of personal data is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.||Article 9.1(f)|
Our legitimate interests are to continue trading as Insolvency Practitioners. In order to do so, we are required to undergo compulsory audits and as a result our accounts and files are subject to inspection by third party auditors – ICAEW.
Consequences of our use of your personal information
We are able to provide you with a high quality INSOLVENY service.
Transfer of your information out of the EEA
Communication by email does not follow a defined path across the Internet and therefore personal data may be received by third parties in countries which are not within the EEA. Such countries do not have the same data protection laws as the United Kingdom and EEA. For that reason, communication with you or others who are involved in your case or who may be contacted by us in relation to it by email requires your consent. Otherwise, we will not transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
- claim compensation for damages caused by our breach of any data protection laws]
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please:
- email, call or write to us
- let us have enough information to identify you,
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates, including any account or reference numbers, if you have them
If you would like to unsubscribe from any [email newsletter] you can also click on the ‘unsubscribe’ button at the bottom of the newsletter. It may take up to 21 days for this to take place.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information. The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was published on 17 May 2018. We may change this privacy notice from time to time, when we do we will inform you via email, text, post or fax, depending on your preferences.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you. If you wish to contact us, please: email Abbey Taylor, or write to The Manager c/o Abbey Taylor Ltd No.6, Twelve O’Clock Court, 21 Attercliffe Road, Sheffield S4 7WW.
Or call on 01142922402 or FAX on 01142922403
Do you need extra help?
If you would like this notice in another format (for example: audio, large print,) please contact us (see ‘How to contact us’ above).