Ashgates Privacy Notice - Accountants and Business Advisors based in Derby

Audit Privacy Notice

Audit Privacy Notice:

This Privacy Policy sets out how DJH Audit Limited obtain, store and use your personal information when you are a client, interact with us, visit the Ashgates website or the DJH website – or where we otherwise obtain or collect your personal information.

This privacy policy applies to all the products and services we offer and DJH Audit Limited will be the data controller of your data.

Where this Privacy Policy refers to “we”, “our” or “us” below, this shall mean DJH Audit Limited.

Our Details
The Data Protection Officer (DPO) is listed below, as well as ways to contact them:
Suzy Dawson-Newbury
The Glades
Festival Way
Stoke-on-Trent
ST1 5SQ
Telephone: 01782 279615
Email: GRC@djh.co.uk

How we collect or obtain personal information about you
We collect information about you from different places including:
• directly from you
• from a third party acting on your behalf e.g. an intermediary or broker
• from publicly available sources
• when we generate it
• from other organisations

Personal information we collect or obtain about you
The information we collect includes:
• name and contact details, such as an address, email, telephone number and DOB, to set you up as a client and perform our onboarding checks.
• employment and payroll history
• taxation information and history
• information about your circumstances and the matter you have asked us to deal with
• financial information such as bank details, bank statements and details of investments

How is your personal information used
We will use the information to fulfil a contractual service as detailed in an engagement letter, to meet legal obligations or for other purposes such as:
• to confirm your identity and address
• to carry out your instructions
• to improve our services
• to offer other services we believe may benefit you unless you ask us not to.

Who we may share your personal data with
We will not disclose, sell, or distribute your personal data to third parties unless we have your permission to do so. We may, however, share your data with:
• Group employees, agents and or professional advisors
• with our Group companies for the purpose of performing your engagement
• to inform you of products and services we believe may benefit you – unless you ask us not to
• with other third parties who provide services to us in relation to performing our engagement with you, for example (Xero, Sage and HMRC)

We will only disclose personal data to third parties if we are legally obliged to do so, to assist with the performance of our engagement with you or at your request.
Transferring personal data outside the United Kingdom (UK)

We may transfer personal data we collect about you outside the UK in order to perform our engagement with you.
Before agreeing to transfer data outside the UK we check to ensure that there are adequacy regulations under the Data Protection Act 2018 in relation to each country which ensures that their regulations will be deemed to provide an adequate level of protection for your personal information for the purpose of the UK Data Protection Legislation.
Where there are no adequacy regulations we have binding contractual agreement with the relevant third parties to ensure that your personal data is treated by those third parties in a way that is consistent with and which respects the UK Data Protection Legislation.

How long we store your personal information
We will keep your information for as long as you have a relationship with us. If you disengage as a client, we will keep it where we are legally required to do so and for legitimate purposes only. We are required under UK tax law to keep your basic personal data (name, address, tax details) for a period of time, and we will do this for a minimum of six years after which time it will be destroyed. The information we use for marketing purposes will be retained until you notify us that you no longer wish to receive communication from us.

How we secure your personal information
We understand your personal data is very important to you and as such we will ensure we have appropriate policies, procedures and technical measures in place to prevent unauthorised access or unauthorised processing of personal data. Our data protection policies and procedures assist in ensuring our compliance with the data protection laws and that your personal data is controlled and processed securely.

If a data breach should occur, we will notify you of any such breach that could result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage against an individual.

Our use of cookies and similar technologies
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Depending on the browser you use you should be able to control what cookies are placed on your device through the browser settings. You can find out about cookies, how to see what cookies have been set, how to manage and delete them

We do not store any personal data in the cookies that we use and store your information anonymously.

We use Google Analytics to help us run our website, by monitoring the activity and traffic both to and through our website. By using cookies stored on users’ devices, it creates reports giving us statistical and other information about our website. Details captured during your visit will include, but not be limited to, traffic data, location data, weblogs and other communication data and the resources you access. However, all data collected is anonymous and will not identify you as an individual. Google stores this activity information, and you can view Google’s privacy policy and opt out of being tracked by Google Analytics across all websites.

Your rights in relation to your personal information
You have a number of rights relating to your information:
• The right to be informed about the processing of your personal data
• The right to have the personal data corrected if it is inaccurate and to have incomplete personal data completed
• The right to object to the processing of your personal data
• The right to restrict processing of your personal data
• The right to have your personal data erased or forgotten
• The right to request access to your personal data and information about how we process it
• The right to move, copy or transfer your personal data.

Changes to your information and how to complain
If at any point you believe the information we process about you is incorrect, you can exercise your rights as we have listed above and we will action your requests, subject to our legal responsibilities. If you wish to make a complaint about how we have handled your personal data, then do please contact our data protection officers via the contact details supplied above. If you are not satisfied with how we deal with your complaint or believe we are processing your personal data not in accordance with the data protection laws, you can complain to the Information Commissioner’s Office.

Review of this Policy
We keep this policy up to date and it was last updated in July 2024.