Wellers (“we”, “us”, or “our”) is committed to protecting and respecting the personal data that we hold. Personal data is any data relating to an identified or identifiable living person.
This privacy statement governs why and how we collect and use personal data in the course of our business. This privacy statement also provides information about individuals’ rights. It applies to personal data provided to us, by individuals themselves and by others. We may use personal data provided to us for the purposes described in this privacy statement or as made clear before collecting personal data.
When collecting and using personal data, our policy is to be transparent about why and how we process personal data. We process personal data for various purposes. The means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose are set out below.
Personal data is provided directly by the individual concerned, by a third party, or obtained from publicly available sources. Where we receive personal data that relates to an individual from a third party, we request that the third party informs the individual of the necessary information regarding the use of their data. Our clients may refer data subjects to this privacy statement.
We have policies, procedures and training in place in respect of data protection, confidentiality and information security. We regularly review our measures with the objective of ensuring their continuing effectiveness.
All information you provide to us is stored on our secure servers. Where you have a password which enables you to access our portal, you are responsible for keeping this password confidential. Please do not reveal the password to anyone.
The transmission of information over the internet is not necessarily secure. We will do our best to protect your personal data, however, we cannot guarantee the security of data that you send to our website or which you email to us; any data that you send is at your own risk. Once we receive information from you, we will use strict procedures and security features designed to prevent unauthorised access to your data.
This privacy policy tells you what to expect when Wellers collects personal information. It applies to information we collect in connection with/relating to:
The data that is processed is dependent on the service that is being provided and on the recipient of the service.
Where data is collected for client services, it is used in a number of ways. Data is processed in accordance with a letter of engagement between us and our client. We provide a range of professional services to our clients, which include:
How long the data is retained for
We retain the personal data processed by us for as long as is considered necessary for the purposes for which it was collected or as required by applicable law or regulation (typically 6 years). We may keep data for longer in order to establish, exercise, or defend our legal rights and the legal rights of our clients.
Personal data may be securely archived with restricted access and other appropriate safeguards where there is a need to continue to retain it.
The data we hold
The data we hold relating to business contacts includes such items as: name, employer, business address, phone numbers, email address and other business contact information.
Why the data is processed
Where personal data on business contacts is held, it is used for a number of purposes, such as:
How long the data is retained
We retain the personal data processed by us for as long as is considered necessary for the purposes for which it was collected.
The data we hold
We collect personal data including names, address, contact details and bank details in relation to our suppliers.
Why the data is processed
Personal data relating to suppliers is used to manage the contract between us and the supplier.
How long the data is retained
We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected. Data may be held for longer periods where required by law or regulation and in order to establish, exercise or defend our legal rights.
We collect personal data from our employees as part of the administration and management of our business.
Our staff handbook explains what data we hold, how we process it and our data retention policy.
The data we hold
The data we hold relating to job applicants includes data provided in CVs, on application forms and in references provided by third parties.
Why the data is processed
All of the information obtained relating to applicants during the application process is only used for the purpose of progressing the application, or to fulfil legal or regulatory requirements as necessary.
How long the data is retained
Personal data collected in relation to applicants is held for as long as necessary in order to fulfil the purposes for which it was collected, or for a maximum of two years where those purposes are no longer necessary.
The data we hold
The data that we hold depends on what data was entered and for what purpose. Personal data entered so as to engage with the functionality of our website, may include:
In instances where data is collected automatically, for example information about your computer and visits to the website, this may include technical information such as:
Other data collected about an individual’s visit will include:
This website is not intended for or targeted at children under the age of 13. We do not knowingly collect information about children under this age. If you believe we have collected information about a child under 13 then please contact us using the contact details stated in this policy so that we may delete this information.
Our website uses cookies to distinguish individuals from one another. This helps us to provide a more personal experience when individuals browse our website and also allows us to improve our website. For information on why we use cookies and for what purpose, please refer to our cookie policy.
There are a number of reasons why we will process the personal data that an individual may provide to us when visiting our website. Examples of these include:
How long the data is retained
We retain the personal data processed by us in a live environment for as long as is considered necessary in accordance with the purpose(s) for which it was collected. Typically this could be for up to 6 years in keeping with the relevant law and regulation.
In addition, personal data may be securely archived with restricted access and other appropriate safeguards put in place should there be a need to continue to retain it.
We do not sell data to any third parties. We do not provide information to third parties for their own marketing purposes and we do not undertake mailings for third parties.
Personal data is only shared with third parties when we are legally permitted to do so.
We may provide personal data to (or share data with):
Where we share your data with such agents, we require explicitly that they acknowledge and adhere to our privacy policy and data handling policies.
The personal data we collect is processed in the UK and European Economic Area (EEA) and is, therefore, protected by the UK an EEA data privacy laws. Should information be stored or processed outside of the EEA, we would put agreements in place with our third party suppliers to ensure the data is protected to an equivalent standard as would be required in the UK and EEA.
Under the GDPR you have rights in relation to any of your personal data held by us as a data controller. Specifically these are:
If you wish to exercise any of these rights, please email dataprotection@wellersaccountants.co.uk.
Where legally permitted we will notify clients if we receive a request from a data subject to exercise their rights under the General Data Protection Regulation (“GDPR”).
Wellers tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. If you want to make a complaint about the way we have processed your personal information, you can contact us by email or post at the addresses detailed below. We will look into and respond to this accordingly.
You also have the right to lodge a complaint with the UK data protection regulator, the Information Commissioner’s Office (“ICO”). For further information on your rights and how to complain to ICO, please refer to the ICO website https://ico.org.uk/
Wellers (a partnership with address of 8 King Edward Street, Oxford OX1 4HL) is registered as a data controller under registration number Z5192527.
If you have any questions about this privacy statement or how and why we process personal data, please contact us at:
Data Protection Officer
Wellers
8 King Edward Street
Oxford
OX1 4HL
Email: dataprotection@wellersaccountants.co.uk
Phone: 0333 241 6000
Click below for office location details