Privacy Policy

A P N Pinfold & Co Limited, trading as Pinfold & Co, Chartered Certified Accountants, is committed to protecting your privacy and personal data. We comply with the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This policy explains what information we collect, how we use it, and how we protect your data.

1. Who Are We?

This policy applies to Pinfold & Co, Chartered Certified Accountants, operating from 8 Deben Mill Business Centre, Old Maltings Approach, Woodbridge, Suffolk, IP12 1BL.

2. Contact for Privacy Concerns

If you have any questions about how we handle your personal data or about this Privacy Policy, please contact us:

  • By Post: Pinfold & Co, 8 Deben Mill Business Centre, Old Maltings Approach, Woodbridge, Suffolk, IP12 1BL
  • By Email: accounts@pinfold.co.uk

We aim to respond to privacy-related queries within 30 days. If you’re unsatisfied, you can also contact the UK Information Commissioner’s Office (ICO) at https://ico.org.uk/concerns/handling.

3. How Do We Collect Personal Data?

We collect personal data both directly and indirectly:

  • Direct Collection: From individuals via business cards, online forms, emails, and other digital means, meetings, or job applications.
  • Indirect Collection: From sources like public registers (e.g., Companies House), clients, and recruitment agencies. We may also collect data from hosted software applications used for delivering our services.

4. What Personal Data Do We Collect?

We collect different types of data to provide our services:

  • Contact Details: Name, company name, job title, phone numbers, email, and postal address.
  • Professional Information: Job history, education, and professional memberships.
  • Family and beneficiary details: for insurance and pension planning services (e.g., names and dates of birth).
  • Financial Information: Taxes, payroll, pensions, investment interests, bank details, and insolvency records.
  • Sensitive Data: Generally, we avoid processing sensitive data, but we may collect information like dietary restrictions for event planning or personal ID documents for regulatory reasons.
  • Children’s Data: We do not collect data from individuals under 13 years of age.

5. Why Do We Collect Personal Data?

We collect and process personal data for the following lawful reasons:

  • Contract: To fulfill our contractual obligations in providing professional services.
  • Legitimate Interests: To deliver services efficiently, such as processing client payrolls or tax returns.
  • Legal Obligations: To meet our regulatory requirements, including reporting to HMRC.

6. Why Do We Need Your Data?

Your data allows us to:

  • Provide professional services like tax advice, audits, and payroll management.
  • Ensure the security of our information systems and websites.
  • Respond to communications or requests from you.
  • Comply with legal obligations related to money laundering, fraud, and financial crime.

7. Marketing Communications

From time to time, we may send you information about products and services that we believe could be beneficial to you. If you wish to opt out of these communications, you can contact us directly with your preferences.

8. Do We Share Your Data with Third Parties?

We will not share your personal data with third parties unless legally required to do so, such as for HMRC reporting or anti-money laundering compliance. We may also share data with IT service providers who store and manage our data, ensuring they comply with strict data protection standards.

9. International Data Transfers

Your data is stored on servers chosen by our specialist IT consultants, located within the European Economic Area (EEA). If we need to transfer data outside of the EEA, we ensure that appropriate safeguards are in place.

10. Your Data Protection Rights

You have the following rights concerning your data:

  • Access: You can ask us if we hold your data and request a copy.
  • Correction: You can ask us to correct any inaccurate or incomplete data.
  • Erasure: You can request the deletion of your data when it’s no longer needed.
  • Processing Restrictions: You can request that we limit how we process your data in certain circumstances.
  • Data Portability: You can request that your data be transferred to another organisation.
  • Right to Object: You can object to your data being used for direct marketing.
  • Withdraw Consent: You can withdraw your consent for us to process your data at any time.

11. How Do We Protect Your Data?

We have put in place security measures to protect your personal data from unauthorised access, loss, or misuse. Access to your data is restricted to authorised individuals only. If you use our online portals, you are responsible for keeping your credentials secure.

12. Data Retention

We retain personal data for as long as necessary to provide our services and to comply with legal obligations. Generally, we retain data for seven years unless a longer retention period is required.

13. Changes to This Privacy Policy

We may update this policy occasionally to reflect changes in regulations or our practices. The latest version will always be available at our offices.

Latest Update: 9th October 2024