Privacy Policy

Scope

This policy is intended to provide you with important information about how we process your personal data. This includes details of what personal data we hold, how we store it, what we do with it, why we hold it and how long we hold it for. 

The contents policy apply to both clients and prospective clients of Lewis Ball and Co. In order to provide you with the services detailed in our letter of engagement Lewis Ball and Co, must hold and process personal data. We use this information to; conduct Customer Due Diligence checks that we are obliged to conduct under law; meet our obligations detailed under our letter of engagement; and, provide you with any additional services we may agree with you to provide. 

We hold your personal data on cloud-based accountancy software provided by Taxfiler, our outlook emails systems, as spreadsheets stored locally on our computers and, in some instances, as physical printouts stored in locked filing cabinets. 


What is personal data?

Personal data relates to any information about a natural person that makes you identifiable which may include (but is not limited to):


  • Names and contact information i.e. emails and telephone numbers
  • National Insurance Numbers
  • Employment History
  • Personal Tax
  • Payroll and accounting data


What is sensitive personal data?

Sensitive personal data refers to the above but includes genetic data and biometric data. For example:


  • Medical Conditions
  • Religious or philosophical beliefs and political opinions
  • Racial or ethnic origin
  • Convictions
  • Biometric data (e.g. phot in an electronic passport)


What is a Data Controller?

For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.

The data controller is Lewis Ball & Co, William House, 32 Bargates, Christchurch, Dorset BH23 1QL.

The data protection officer is Dawn Wilson, who can be contacted at the above address or on dawn@lewisball.co.uk or by calling 01202 475252.


What is a Data Processor?

A “data processor” is a person or organisation which processes personal data for the controller.


What is Data Processing?

Data processing is any operations or set of operations performed upon personal data, be it by automated systems or not. 


What information do we collect about you and how?

Lewis Ball & Co, as a Data Controller, is bound by the requirements of the General Data Protection Regulations (GDPR).You agree that we are entitled to obtain, use and process the information you provide to us to enable us to discharge the Services (as detailed in our Letter of Engagement and supporting Schedules) and for other related purposes including:


  • Updating and enhancing client records
  • Analysis for management purposes
  • Carrying out credit checks in relation to you
  • Statutory returns
  • Legal and regulatory compliance
  • Crime Prevention

Use of cookies

Cookies are small files saved to the user's computer's hard drive that track, save and store information about the user's interactions and usage of the website, through its server to provide the users with a tailored experience within this website.

We do not use cookies to collect information that identifies you personally.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer's hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

Should users wish to deny the use and saving of cookies from this website onto their computer's hard drive, they should take necessary steps within their web browser's security settings to block all cookies from this website and it's external serving vendors.


How will we use the information about you and why?

At Lewis Ball & Co we take your privacy seriously and will only use your personal information to provide the Services you have requested from us, detailed in your Letter of Engagement and supporting schedules. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.

Our lawful reasons for processing your personal information will be “legitimate interests” (we can process your personal data if we have genuine and legitimate reason and we are not harming any of your rights and interests) or “A contract with the individual” (to supply goods and services you have requested).

We may receive personal data from you for the purposes of our money laundering checks, such as a copy of your passport. This data will only be processed for the purpose of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.

Our work for you may require us to pass your information to other third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing the Services to you on your behalf. 


How long will we hold your data?

During the course of our relationship with you we will retain personal data which is necessary to provide services to you.

We will take all reasonable steps to keep your personal data up to date throughout our relationship.

We reserve the right to retain data for as long as is required thereafter where we believe it is in our legitimate interests to do so.

You have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.


How can I access the information you hold about me?

Your rights under the Data Protection Act are as follows:


1. The right to be informed

2. The right of access

3. The right to rectification

4. The right to erasure

5. The right to restrict processing

6. The right to data portability

7. The right to object

8. Rights in relation to automated decision making and profiling


Please note that you have the right to request the above, however, when we receive your request we may object to your request if we do not agree with it. In such a case we will notify you by email and ask for your comments about our decision.

We will however inform you if the request has been granted or not.

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email our Data Protection Officer on dawn@lewisball.co.uk or write to us using the contact details noted below. You will be required to complete a Subject Access Request form and provide us with proof of your identity in order for us to comply with your request and depending on the work involved a charge might be made.

We have an obligation to ensure that your personal information is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.


What can you do if you are unhappy with how your personal data is processed?

You also have a right to lodge a complaint with the supervisory authority for data protection. In the UK this is:


Information Commissioner’sOffice 

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF


Changes to our privacy policy

We will keep our privacy policy under regular review and we will inform you of any changes when they occur. This privacy policy was last updated on 21st May 2018.


How to contact us

Please contact us if you have any questions about our privacy policy or information we hold about you: 


by email at enquiries@lewisball.co.uk


Or write to us at:


Lewis Ball & Co

William House

32 Bargates

Christchurch

Dorset

BH23 1QL