Privacy Policy

For the purposes of this privacy statement we are the DATA CONTROLLER. We are responsible for deciding how we hold and use your personal data. Under GDPR legislation we are required to notify you on the information contained below. We are committed to protecting your personal data in accordance with the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulations (GDPR).

We obtain personal data about you from the following:

• You instruct us to act in respect of the services we provide
• You or your employer engages us to provide our services
• You contact us via our website, email, telephone or post
• From publicly available resources e.g. Companies House or your employer

Any personal data we hold about you may include but is not limited to:

• Full name
• Contact details – mobile numbers, email addresses, office/home addresses
• National Insurance Numbers
• Employment History
• Employee Numbers
• Credit History
• Personal Tax
• Payroll & Accounting data

Any data we may hold on you in respect of the services we provide may include but is not limited to:

• Medical conditions
• Racial or ethnic origins
• Convictions
• Biometric data e.g. photo in an electronic passport/driving license

We process personal data for several purposes and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.

We may receive personal and sensitive (biometric) data from you for the purposes of our money laundering and client checks, for example, a copy of your passport or driving license. This data will only be processed for the purposes of preventing money laundering, terrorist financing or as otherwise permitted by law or with your express consent.

Our policy is to collect only the personal data necessary for agreed purposes and we ask clients to only share personal data where it is strictly needed for those purposes. We collect personal data from our clients or from third parties acting on the instructions of the relevant client.

We process personal data to provide professional services such as tax advice, general or specific business advice as part of the range of services we offer. We also process personal data in the administration and management of our business.

Your business contact details are used to provide you with information about our services and other information which we think will be of interest to you, unless you tell us not to.

We are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.

We take the security of your data we hold seriously. We have a policy including procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.

We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect your data.

We may be required to use third parties located in other countries to help us run our business. As a result, personal data may be transferred outside the countries where we and our clients are located. This includes countries outside the European Union ("EU"). If this should occur, rest assured, we will only do so having carried out appropriate due diligence and in accordance with data protection laws.

Under the DPA (2018) and GDPR, individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights.

Personal data processed is kept by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our retention policy period for records and other documentary evidence created in the provision of services is 7 years.

If at any point you do not wish for Hogbens Dunpy to hold your data e.g. cessation of your contracted services with our company. Then you have the right to request we delete any information held on you unless otherwise obligatory under our own regulations.

Under the ‘Subject Access Request’ you have the right to ask for a copy of the information which we hold about you. If this is the case, please write to the following address:

Email: richard@hogbensdunphy.co.uk and michelle@hogbensdunphy.co.uk

By Post: Third Floor, 104—108 Oxford Street, London, W1D 1LP

We take the security of your data we hold seriously. We have a policy including procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.

We take steps to make sure that the data you provide us with is treated securely. To send company emails we use end to end Transport Layer Security (TSL) encryption. However, with TLS, the message might not stay encrypted after the message reaches your email provider. In other words, TLS encrypts the connection, not the message.

With electronic communication there is a risk of non-receipt, delayed receipt, inadvertent misdirection or interception by third parties. We use virus-scanning software to reduce the risk of viruses and similar damaging items being transmitted through emails or electronic storage devices. However electronic communication is not totally secure, and we cannot be held responsible for damage or loss caused by viruses nor for communications that are corrupted or altered after despatch. Nor can we accept any liability for problems or accidental errors relating to this means of communication especially in relation to commercially sensitive material. These are risks you must accept in return for greater efficiency and lower costs. If you do not wish to accept these risks please let us know and we will communicate by hard copy, other than where electronic submission is mandatory.

Under the “Subject Access Request” you have a right to access your personal data held by us and you can exercise that right by contacting us below. Our aim is to respond to a request promptly and within the legally required limit of 1 month.

If you wish to update personal data submitted to us, please contact us below. Once we are informed that any personal data held by us is no longer accurate we will make changes based on your updated information.

It is your right to lodge an objection to the processing of your personal data if you feel the “grounds relating to your particular situations” apply. The only reason we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims.

This statement is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability. For further information on these rights please contact us below.

If you have any questions about this privacy statement or how and why we process personal data, please contact us at:

Name: Hogbens Dunphy Ltd.

Address: First Floor, 104-108 Oxford Street, London W1D 1LP

Email: richard@hogbensdunphy.co.ukand michelle@hogbensdunphy.co.uk

Telephone: 020 7016 2450

Any changes we initiate to our privacy notice will be updated and issued on our website

If you do want to complain about our use of your personal data, please contact us at anything@hogbensdunphy.co.uk with the details of your complaint.

You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. The ICO’s contact details are as follows:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Telephone – 0303 123 1113

Website – https://ico.org.uk/make-a-complaint/