Privacy Statement

1.1            This page explains how and why NTLA (also referred to as “we”, “our” and “us”) uses personal data about our clients (referred to as “you”).

1.2            You should read this privacy notice, so that you are able to understand how we are using your personal data. Please also read any other privacy notices that we may issue in the future.

1.3            We may update this privacy notice from time to time to reflect changes to the type of personal data that we process and/or the way in which it is processed. We will update you on material changes to this notice by communicating this through updates on the NTLA Website. We also encourage you to check this page from time to time.

2.              NTLA’s data protection responsibilities

2.1            “Personal data” is any information that relates to an identifiable natural person. Examples of your personal data include your name, address, contact details, etc. In addition, information that combined, allows your identification may also amount to your personal data, such as your first name and UTR.

2.2            The term “process” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation and transmission.

2.3            On engagement, or if you are a client then NTLA is the "controller" of your personal data. This is a legal term – it means that we make decisions about how and why we process your personal data and, because of this, we are responsible for making sure it is used in accordance with data protection laws.

3.              What types of personal data do we process and where do we get it from?

3.1            We process many different types of personal data about you for lots of reasons (which are set out in the table below) but the main reason we process data is because you have asked us to act on your behalf as an Accountant and Tax Advisor.

3.2            If any of the personal information you have given to us changes, such as your contact details, it is your responsibility to inform us without delay by updating your information by contacting the us on 01793 686 434 or info@ntla.co.uk

3.3            We cannot administer or act on behalf of you without your personal data. Where we don’t need your personal data, we will make this clear, for instance we will explain if any data fields in our application processes are optional and can be left blank.

3.4            This information may be provided by you or your previous accountant.

4.              What do we do with your personal data, and why?

4.1            We process your personal data for particular purposes in connection with your engagement with us, and the management and administration of our organisation

4.2            We are required by law to always have a so-called “lawful basis” (ie a reason or justification) for processing your personal data.

4.3            There are a number of different lawful bases for processing. The information below sets out the personal data we process, the different purposes for which we process that personal data and the relevant lawful basis on which we rely for that processing. For some processing activities, we consider that more than one legal basis may be relevant – depending on the circumstances.    

​

General Administration

Name, contact details, Telephone numbers, email address, postal address.          

This process is necessary to comply with our legal obligations.    

To comply with our customer due diligence obligations.

To contact you if we need to update you with any changes.

 

Finance

Bank account details      

This process is necessary for the purposes of legitimate interests pursued by us.

To process direct debit mandates

To collect fees due in relation to work carried out.

To refund overpayments

 

Individual tax affairs

Name, Address, Date of Birth, UTR Number, NI Number, Bank account details, Email Address.     

This process is necessary for the purpose of legitimate interests pursued by us.  

To allow us to complete and file tax returns on your behalf.

To be able to contact HM Revenue and Customs on your behalf.

 

Litigation

Any personal data required for the purpose of bringing or defending legal claims.

This process is necessary for the purpose of legitimate interests pursued by us.  

Any personal data required for the purposes of bringing or defending legal claims.

 

Payroll

Name, Address, Date of Birth, NI Number.           

This process is necessary for the purpose of legitimate interests pursued by us.  

To be able to process payroll on behalf of an employer.

​

​

4.4            Please note that where we have indicated in the table above that our processing of your personal data is either:

4.4.1           necessary for us to comply with a legal obligation; or

4.4.2           necessary for us to complete the work you have instructed us to carry out.

4.4.3          necessary for us to process payroll on behalf of your employer.

 

and you choose not to provide the relevant personal data to us, we will not be able to provide the relevant services you have instructed for us to carry out.

5.              Who do we share your personal data with, and why

5.1            Sometimes we need to disclose your personal data to other people outside NTLA.

5.2            From time to time we may ask third parties to access your tax file, either for review or specific complex tax affairs. These third parties will process your personal data on our behalf (as our processor). We will disclose your personal data to these parties, only where necessary, so that they can perform those functions. Before we disclose your personal data to other people, we will make sure that they have appropriate security standards in place to make sure your personal data is protected and we will enter into a written contract imposing appropriate security standards on them. Examples of these third party service providers include our IT systems software and maintenance, back up, and server hosting providers.

5.3            We have set out below a list of the categories of recipients with whom we may share your personal data, where it is necessary to do so:

• Organisations providing goods and/or services on our behalf, including third party contractors. These may include organisations providing back-up storage services and other IT services;

• HM Revenue & Customs

• Companies House

• Police and law enforcement;

• Courts;

• Legal Advisors;

• Consultants and other professional advisors; and/or

• Any other Third parties, where authorised or directed by you to do so.

• Your employer

5.4            At all times we will comply with our obligations under applicable Data Protection Laws.

6.              Retention

6.1            Any personal data processed as part of your engagement with us will normally be held for a period of 7 years from the end of your engagement with us, except where we are:-

• legally required to retain the information for longer;

• legally required to delete the information within a specified period of time; or

• where the personal data is required in relation to any legal or other type of dispute, either with you or with a third party.

 

7.              Your rights

7.1            You have the right to request the following, in respect of the processing of any of your personal data:

• access to your personal data;

• have any incorrect personal data corrected or erased;

• the restriction of the processing of your personal data whilst any request to have incorrect personal data corrected or erased is being considered;

• to object to any processing of your personal data undertaken on either public interest or legitimate interest grounds;

• a copy, provided in a structured, commonly used and machine readable format, of any personal data that you have provided us, where the information is processed on the basis of your consent or in the course of a contract between you and us.

 

7.2            Where we process your personal data solely on the basis of your consent, you are entitled to withdraw your consent at any point, in writing. If you chose to this, this means that we will be unable to further process your personal data for that purpose, but any processing undertaken prior to the withdrawal of your consent would still be deemed lawful.

7.3            However, we may not be able to comply with your requests, where the information falling within the scope of your request is exempt, due to the circumstances and/or purposes to which we are processing this information. If this is the case, we will respond to your request explaining the reasons why we are unable to comply with your request e.g. a legal obligation.

If you wish to exercise any of the above rights, or are dissatisfied or have any questions in relation to how NTLA uses and/or process your personal data please contact info@ntla.co.uk

 

 

 

7.4            If you are dissatisfied with the outcome of your request or how we have processed your personal data, you are also entitled to lodge a complaint with the Information Commissioner’s Office, who can be contacted at:

telephone:      0303 123 1113

email:            casework@ico.org.uk

post:              Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF