Purpose of this notice
This notice describes how we collect and use personal data about you, in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK (‘Data Protection Legislation’).
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
Unicorn Accountants is an accountancy and tax advisory firm. We are registered in England and Wales as a limited company under number: 12649768 and our registered office is at 71-75 Shelton Street, London, Greater London, United Kingdom, WC2H 9JQ.
For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
We have appointed a Data Protection Officer. Our Data Protection Officer is our Data Protection Point of Contact and is responsible for assisting with enquiries in relation to this privacy notice or our treatment of your personal data. Should you wish to contact our Data Protection Point of Contact you can do so using the contact details noted in the 'contact us' section below.
What type of information do we collect from you?
The personal information we collect from you will vary depending on which services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.
How is your information used?
In general terms, and depending on which services you engage us to deliver, as part of providing our agreed services we may use your information to:
- Contact you by post, email or telephone
- Verify your identity where this is required
- Understand your needs and how they may be met
- Maintain our records in accordance with applicable legal and regulatory obligations
- Process financial transactions
- Prevent and detect crime, fraud or corruption
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Who has access to your information?
- We will not sell or rent your information to third parties.
- We will not share your information with third parties for marketing purposes.
- Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow.
Transferring personal data outside the European Economic Area (EEA)
We will not transfer the personal data we collect about you outside of the EEA
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Why might you share my personal data with third parties?
We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.
Which third-party service providers process my personal data?
“Third parties” includes third-party service providers and other entities within our group OR the members of our firm’s network. The following activities are carried out by third-party service providers: IT and cloud services.
All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
What about other third parties?
We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
Changes to this notice
Any changes we may make to our privacy notice in the future will be shown on this link. This privacy notice was last updated on 29th November 2020.
If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email our Data Protection Point of Contact, Teodora Dimitrova, Director firstname.lastname@example.org or telephone our Data Protection Point of Contact on 020 8064 0454
You also have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner's Office