At JFA we value our clients' privacy and are committed to keeping data safe. This notice descibes how we collect and use personal data about our clients and in certain circumstances, for example when we provide payroll services, their employees, in accordance with the General Data Protection Regulations ( GDPR ).
JFA Chartered Accountants is the practice name of JFA Accountancy Limited, a limited company registered in England and Wales under number 04930568 and our registered office is at 24 Foregate Street, Worcester, WR1 1DN. For the purposes of the Data Protection Legislation and this notice, we are the " data controller ".
We obtain personal data about our clients when they engage us to provide services to them. The kind of information we hold about clients may include personal details such as name and address, financial details relating to business and personal finances, and information relating to tax and VAT affairs.
We may process personal data for purposes necessary for the performance of our contract with clients and to comply with our legal obligations. This may include processing personal data for employees, subcontractors, suppliers or customers of our clients.
We will only retain personal data for as long as is necessary to fulfil the purposes for which it is collected. When assessing what retention period is approprite for personal data, we take into consideration the requirements of our business and the services provided, any statutory or legal obligations, and the types of personal data we have collected.
We will share personal data with third parties where we are required to by law, where it is necessary to administer the relationship between our clients and ourselves, or where we have another legitimate interest in doing so. " Third parties " includes HM Revenue & Customs, our IT service providers, banking services and professional advisory services.
We have put in place commercially reasonable and appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way. In addition, we limit access to personal data to our employees, agents, contractors, and other third parties who have a business need to know. They will only process personal data on our instructions and are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify clients and any applicable regulator of a suspected breach where we are legally required to do so.
Any questions in connection with this privacy notice or relating to our treatment of personal data should be directed to our registered office.