Larking Gowen LLP takes the protection of your privacy very seriously. This privacy policy explains how we use any personal information that we collect about you.
How do we collect information about you?
We obtain information about you when:
- you engage us for professional services,
- when you enquire about a potential engagement with us,
- when we are engaged to act as a data processor on behalf of a data controller (for example, when we carry out our payroll services on behalf of an employer),
- when you provide us with your personal details upon applying for a role within the firm, when you contact us via our website, sign up to receive our mailings or to attend one of our events.
The information collected will generally be obtained directly from you or from a third party which you have provided authority to as your agent. If we are acting as a data processor, the information may be passed to us via the data controller.
What type of information do we collect about you?
For our professional services, the information collected may relate to your personal and financial circumstances, for us to provide the service that we have been engaged to undertake. For example, we may record your name, address, telephone number, email address, date of birth, unique tax reference, national insurance number, bank account details, data in relation to your personal taxation circumstances, data regarding your business activities, etc.
This could be a service for which either you or a third party have engaged us. For example, we may need to obtain personal data when we are acting as a data processor on behalf of a data controller (such as when we have been engaged to undertake payroll services for an employer or bookkeeping services for a client).
For job applications, this information may include your personal contact details, date of birth, education and skills, previous employment details, interests, ethnic origin, medical conditions, marital status, and CV.
If you have actively consented to receive electronic marketing material, we will hold details of your name and contact information. You can unsubscribe at any point by emailing bd@larking-gowen.co.uk, phoning or writing to us (please see the “Contact information” section below).
For website event bookings, we will record your personal contact details, plus any special dietary requirements (if applicable).
Our website is compliant with EU regulations on cookies. If you visit our website to read or download information, such as news stories or articles, all of the information we collect is statistical only and not personally identifiable. You can disable cookies at any point, read more about this in our Cookie Policy (www.larking-gowen.co.uk/privacy-and-cookie-policy/).
If you attend an event or visit our offices, we may hold images captured by photographers or CCTV cameras.
Why do we need to collect and use your personal data?
Our primary lawful basis for processing personal data is for the performance of our contracts with our clients and staff. This includes the processing of personal data when we are engaged by a data controller to provide our services as a data processor.
The information that we collect is essential for us to be able to carry out the agreed contract effectively. Without collecting personal data we would be unable to fulfil our legal and regulatory obligations.
We will also use this data to notify clients of any news that we feel is relevant to our duty of care (for example, updates relating to changes in tax legislation or industry specific information). Where possible, we will communicate these updates electronically.
For marketing purposes, we will only contact you electronically if you have given us consent to do so. You are entitled to unsubscribe at any point and request to be removed from our marketing database.
We may also contact you from time to time if we feel you or your organisation has a legitimate interest in knowing information about our products or services. You are entitled to unsubscribe and be removed from the marketing database at any point by emailing bd@larking-gowen.co.uk, telephoning or writing to us (please see the “Contact information” section below).
How will we use the information about you?
In general terms, and depending on which services we are engaged to deliver, as part of providing our agreed services we may use your information to:
For our business services (including those that we provide as a data processor):
- contact you by post, email or telephone
- verify your identity where this is required
- understand your needs and how they may be met
- maintain our records in accordance with applicable legal, regulatory and corporate governance obligations and good practice, ensuring our business policies are adhered to
- process financial transactions (this may include credit scoring and checking)
- prevent and detect crime, fraud or corruption
- complete our agreed services (such as completion of your personal tax return or business accounts), along with assisting in the gathering of information as part of investigations by regulatory bodies or in connection with legal proceedings or requests
- for operational reasons, such as recording transactions, training and quality control, ensure the confidentiality of commercially sensitive information
- investigate complaints
- market our business
- improve our services
For our applicants and staff:
- consider you for a position within the firm
- maintain our records in accordance with applicable legal, regulatory and corporate governance obligations and good practice, ensuring our business policies are adhered to
- report regulatory statistics such as diversity and gender pay gap information
- where necessary, security vetting (such as DBS / CRB checks)
Who might we share your information with?
If you are our client, in order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, accountancy or legal services as well as product and platform providers that we use to manage book-keeping services for you (where applicable).
Where third parties are involved in processing your data, we disclose only the personal information that is necessary to deliver the service. We have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they will only act in accordance with our written instructions.
Where it is necessary for your personal data to be forwarded to a third party we will use appropriate security measures to protect your personal data in transit.
To fulfil our obligations in respect of prevention of money-laundering and other financial crime we may send your details to third party agencies for identity verification purposes.
We will not share your information for marketing purposes with companies outside our group of companies.
Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow.
If you are a member of staff, if there is a need to complete security vetting checks (such as DBS / CRB checks) in relation to work, we may need to pass your information on to the relevant third party for review. This is the only occasion when a third party processor is used in relation to staff personal data.
Transfer of your data to other countries
In the course of carrying out our engaged services, we may transfer your data to other countries, which may not have the same legal protections for your data as the UK.
Where data is being transferred outside of the European Economic Area, we take steps to ensure that your data is adequately protected in accordance with UK legal requirements. Where we are in a contractual relationship with the recipient, such protection will normally consist at minimum of appropriate contractual protections agreed between us and the recipient.
How long do we keep hold of your information?
In principle, your personal data should not be held for longer than is required under the terms of our contract for services with you. However, we are subject to regulatory requirements to retain data for specified minimum periods. We also reserve the right to retain data for longer than this where we consider it is in your interest for us to do so.
With regards to client data (and data which we obtain whilst acting as a data processor on behalf of a data controller), we will retain your personal data for a minimum of 7 years.
For marketing purposes, where you have consented to hear from us, if we haven’t made contact within 2 years, we will remove you from our database (unless you have already asked to be removed).
For human resources purposes, where you have applied for a position within the firm, we will retain your application for a minimum of 6 months from the closure of the vacancy unless you were successful (in which case, this record will then move to your staff file). For staff, we will retain your personal data for a minimum of 6 years after your employment ceases.
Security precautions in place to protect the loss, misuse or alteration of your information
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best efforts to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Your data will usually be processed in our offices in the UK and stored within UK-based data centres. We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.
We are proud to have been accredited a Certificate of Assurance from the Cyber Essentials scheme. For reference, our certificate number is IASME-A-01932.
Your rights
Access to your information
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please contact us using the details noted below in the “Contact information” section.
When your personal data is processed electronically, you have the right to ask us to move your personal data to another organisation.
Correcting your information
We want to make sure that your personal information is accurate, complete and up-to-date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information
You have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above.
Restricting how we may use your information
In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Objecting to how we may use your information
Where we use your personal information to perform tasks carried out in the public interest then, if you object to this use and ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Please contact us in any of the ways set out in the “Contact information” section below if you wish to exercise any of these rights.
Changes to our privacy policy
We keep this privacy policy under regular review and will place any updates on our website. Paper copies of the privacy policy may also be obtained from each of our offices on request.
This privacy policy was last reviewed on 01 May 2018.
Contact information
If you have any questions about our privacy policy or information we hold about you please use the following contact details:
Data Privacy Officer: Richard White
Email address (general): privacy@larking-gowen.co.uk
Email address (marketing opt-outs): marketing@larking-gowen.co.uk
Post: Richard White
Larking Gowen LLP
Prospect House
Rouen Road
Norwich
NR1 1RE
Telephone number: 0330 024 0888
Complaints
We seek to resolve directly all complaints about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Website: https://ico.org.uk/concerns
Cookie policy
This website (www.larking-gowen.co.uk) uses cookies to store information on your computer. Cookies help us to provide you with the best experience out of the website.
If you have any questions about the following information please email lg@larking-gowen.co.uk
Managing cookies
Most web browsers allow you to control the cookies stored on your computer through your browser’s settings. To find out more about cookies, including how to see what cookies have been stored and how to manage and delete them, visit www.aboutcookies.org.
Removing or disabling cookies
You may choose to remove or block cookies at any time by adjusting your browser settings, but in some cases, this may impact your experience of our website.
Our use of cookies
The information below lets you know what cookies this site uses and what they are.
This site uses session cookies. These are temporary cookie files, which are erased when you close your browser.
Third Party Cookies
Google Analytics
_ga
_gid
_gat_gtag
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site.
The information collected is anonymous and does not identify a visitor. The data includes the number of visitors to the site, where visitors have come from and the pages they visited.
Select this link for an overview of privacy at Google.
Select this link to opt out of being tracked by Google Analytics across all websites.