Privacy Policy
Zest Tax Limited takes the protection and privacy of personal data seriously. Our Fair Processing Notice’s explain how we use, protect and store personal data before, during and after being a contact of ours.
Summary
Do we transfer your personal data outside of the EU or EEA?
Your data is kept in the EU or EEA.
Do we use any automated decision making?
We do not use any automated decision making.
Technical security
Retention periods
Server logs are kept up to one year, after which they are deleted automatically.
Your Rights
You have several rights in respect of our processing of your personal data, these are:
- we no longer need it
- if we are processing your personal data by consent and you withdraw that consent
- if we no longer have a legitimate ground to process your personal data or,
- we are processing your personal data unlawfully.
- To object to our processing if it is by legitimate interest.
- To restrict our processing if it was by legitimate interest.
- To request that your personal data be transferred from us to another company if we were processing your data under a contract or with your consent and the processing is carried out automated means.
- I am a prospective client or a client
- I am just browsing your website
- I am a supplier
- I am a prospective employee
- I am a visitor to the office
If you want to exercise any of these rights, please contact us using the details below.
For more information about how we use your personal data, please read the notice that applies best to you:
Contact us
You have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Website – https://ico.org.uk/concerns
Contact us
You have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Website – https://ico.org.uk/concerns
I am a prospective client or a client
Our processing is either because we have a contract with you, you wish to have a contract with us, we have a legal obligation to process the data or the processing is a legitimate activity.
When you are a client or wish to become a client of Zest Tax, we collect and process your personal data:
We process the following data to provide you with tax services and to contact you:
You have the right to unsubscribe to our marketing at any time. If you do choose to unsubscribe, we will keep your name and email address on a suppression list so that we don’t email you again by accident. If you are on our suppression list, you will still receive communications that are necessary to the performance of your chosen services, or notifications to avoid you missing deadlines and/or incurring penalties.
In order to provide you with the most appropriate services, we may need to process the personal data of your family members (name, address, DOB and other potential personal data or financial data).
How long do we hold your personal data?
In accordance with HMRC guidance, we will hold the personal data that was collected for the purposes of providing you with tax services, while you are a customer and for seven years. After this, it will be destroyed.
If you have started the process to become a client and then change your mind before the engagement process is underway we will destroy it immediately. If the engagement process has commenced we will hold your data for six years, after which it will be destroyed.
We will hold your name, email and phone number to send you marketing information for as long as you would like us to. If you withdraw your consent, we will hold this data for five years in a suppression list so that we don’t market to you against your wishes. This is a legitimate activity for us.
Who do we share your personal data with?
Depending on your chosen services and our requirements, we may share your personal data with the following recipients:
Our software, technology applications, database providers (MailChimp, IRIS Software Ltd, Microsoft) necessary for recording, securing and updating your personal details and administering services internally as well as external communications
I am just browsing your website
What data we hold
We generate log files from various servers. This will include an IP address assigned to you or to your internet service provider.
Technical data
We use the logs from our servers to help with our company’s security as well as to look at visitor behaviour, for example, which website pages get the most traffic or are the most popular.
I am a supplier
We collect and process personal data about our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) in order to manage the relationship, contract, to receive services from our suppliers and, where relevant, to provide professional services to our clients. The personal data is generally business card data and will include name, employer name, phone, email and other business contact details and the communications with us
We use personal data for the following purposes under legitimate interest:
I am a prospective employee
We ask for personal data from job candidates to assist us with our recruitment processes. If your application is successful and you become employed by us, this information will become part of your personnel/HR file. Please note that we only accept CVs for current vacancies. We do not accept CVs sent ‘on spec’ and they will be deleted upon receipt.
What data we hold
As a job candidate, we will process the following information about you:
We use your name, address, contact details and work history to assess your application. We are processing your personal data based on your consent. If you submit your CV to us, that is a clear affirmative action that indicates to us that you have consented to us processing your personal data. We will request information about you from your referees and will use this to assess your job application.
We will process your passport in order to check that you have the right to work in the UK. If you would prefer not to provide this information, we will not be able to assess your application.
Third parties
We do not transfer your personal data to third parties except the following:
Retention periods
I am a visitor to the office
CCTV
There are signs in our office showing that CCTV is in operation. The images captured are securely stored and only accessed on a need to know basis (e.g. to investigate an incident). We use the CCTV images for the legitimate purposes of promoting security and safety of our personnel and members of the public, preventing and detecting crime and establishing, exercising and defending legal claims. We may disclose CCTV images to law enforcement bodies as requested and permitted by data protection law.
Visitor records
We require visitors to sign in using a device at reception and keep a record of visitors for a short period of time. Our visitor records are securely stored and only accessible on a need to know basis (e.g. to investigate an incident).
Our legal basis for processing personal data
By law, we need a legal basis for processing personal data.
We process your name because we have a legal obligation. You cannot enter our office without signing in using the device. This information is held securely. We need to know who is in the building for fire regulations.
We process your image on CCTV because we have a legitimate interest in the safety and security of our staff and visitors.
Who do we share visitor’s information with?
We share visitor’s information with the following, when required: