PRIVACY NOTICE  - CLIENTS

The Privacy Worx Ltd (including associated undertakings and licensees) is committed to protecting and respecting your privacy.

This notification sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

For the purpose of data protection legislation, including the UK Data Protection Act 2018, the UK General Data Protection Regulation (GDPR), the UK Privacy and Electronic Communications Regulations 2003 (PECR), and other applicable legislation, The Privacy Worx Ltd, including all subsidiaries, is a

controller and our contact details are:


71-75 Shelton Street

Covent Garden

London

WC2H 9JQ

Information we collect

Personal information is any information that can be used to identify a living individual. When contracting with us for our services, we collect your name and contact details, job title, bank details (only if Sole Traders or Partnerships).

Source of Information

We may receive and process information about you from:

  • yourself (data you provide)

  • ourselves (data we generate)

Lawful Basis

Our lawful basis for processing this data is: 

  • our contract with you for the provision of Data Protection & Privacy compliance or other related services;

  • our legal obligations (including our obligations under the Finances Act 2008)

The consequences for you if we are unable to process this data would be:

we would not be able to continue to provide the contracted services or would not be able to provide the same quality of service.

Retention

Any data related to payments between us will be retained for 7 years to conform with our legal obligations regarding record keeping under the Finance Act 2008. 

Other data may be kept for up to 7 years from termination of the contract in case there are queries, unless you request that we delete the data beforehand.

Recipients

To the extent that is necessary to meet our legal obligations and manage and satisfy our contract with you, your data may be shared with:

  • our software and IT Solutions Partners

  • bankers (sole traders, partnerships)

  • other professional advisors or suppliers (at your request)

Uses made of the information

We use information hold about you in the following ways:

  • to communicate with you

  • to provide the contracted services

Disclosure of your information

Where we may occasionally be required to disclose certain information to additional third parties. We will disclose data only when and to the extent that we have a legal obligation to do so.

Such third parties may include:

  • law enforcement (by warrant or subpoena)

  • courts, tribunals or other judicial bodies

Transfer outside the UK

We may transfer your data to cloud or software service providers who may store or process your data outside the UK. 

Where we do this, we will only transfer personal data using lawful transfer mechanisms and if there are adequate protections in place to ensure that your rights and freedoms are protected, and UK data protection legislation is not undermined.

At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted or anonymised and or turned into statistical or analytical data.

Your rights

Data protection legislation states that you have the following qualified rights regarding your personal data:

  • Access – you may request we provide you with the data we hold

  • Rectification – you may request we correct any inaccurate data

  • Erasure – you may request we erase your data

  • Restriction – you may request we stop processing your data but retain it

  • Portability – you may request we provide you or a nominated party with your data in a commonly used, structured and machine-readable format

You can exercise your rights in relation to the personal data processed by us at any time by using the postal address above or by contacting us at dpo@theprivacyworx.com

If you wish to object to the processing or make a complaint about how we have handled your personal data, please email dpo@theprivacyworx.com and we will investigate the matter.

If you are not satisfied with our response or believe we are not processing your data in accordance with the law, you can contact a National Data Protection Authority which, in the UK is the Information Commissioner’s Office.

Reviewing of this Privacy Notice

In the future, we may revise this Privacy Policy and make changes, if necessary. If we do, we’ll let you know about any material changes, either by notifying you on this website or by sending you an email, which you have provided us.