Individuals whose personal data we process where providing services to our clients
We aim to collect personal data only to the extent necessary for us to provide our services to our clients and for other agreed purposes. Where personal data is required for us to perform services for our clients, we request that our clients provide all necessary information to relevant individuals (known as “data subjects”) about our use of personal data. Our clients may therefore refer data subjects to this Privacy Notice.
We provide a range of services to clients and in doing so may process personal data that relates to third parties with a business connection to our clients, such as other advisers, suppliers, transaction counterparties etc. The personal data we process may include contact details, details of business activities, information relating to management and employees, payroll details, and financial information such as details of income, taxation, financial interests and investments.
We generally collect personal data directly from our clients or from third parties acting on their instructions. We may also collect personal data directly from third parties such as transaction counterparties. Such personal data may be used for the following purposes:
- Provision of professional services – We undertake a wide range of services, including Audit, Tax, Advisory and Outsourcing services. We may have to process personal data in order to perform such services and/or provide advice and deliverables to our clients.
- Managing, administering and developing our business – We process personal data in order to manage our relationship with clients, develop our business and services, maintain and develop our IT systems, manage and host events, and to administer and manage our website, systems and applications.
- Quality and risk management and security – we use various measures to protect personal data and other client information, which include monitoring the services provided to clients to detect, investigate and resolve security threats. Such monitoring may involve processing personal data, for example the automatic scanning of email correspondence for threats. Our client take-on procedures involve processing personal data that may be obtained from publically available sources (such as sanctions lists, criminal convictions databases, and general internet searches) to identify any risks relating to individuals and organisations that may prevent us from working for a particular client or on a particular matter.
- Providing information about our services to our clients – unless the relevant individual has opted-out, we may use client business contact details to provide information about our services and activities and events that may be of interest.
- Compliance with legal and regulatory obligations – as a regulated firm, we are subject to various legal, regulatory and professional obligations that may require us to process and/or retain personal data held on our client files.