Hero Accounting & Business Solutions Ltd holds essential information about our business partners (customers, suppliers and potential customers) to enable us to efficiently carry out business with these companies.
Part of this information includes personal information about individual employees of these business partners. The information that we hold is minimal and includes names, email addresses, telephone numbers (landline and mobile where applicable) and job title/function. If the business is based from a home address we also hold that address.
Hero Accounting & Business Solutions takes the rights of the individual seriously and ensures that the privacy of our partners is protected in accordance with the law.
What this means to you.
The Data Subject
Data Subject means an individual who is the subject of personal data. In other words, the individual whom particular personal data is about.
The Data Controller
According to the Information Commissioner’s Office (ICO), a Data Controller is an individual or organisation who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
Hero Accounting & Business Solutions is the Data Controller. Hero Accounting & Business Solutions Ltd ‘s head office address is Hero Accounting & Business Solutions Ltd, 512 Maidstone Road, Blue Bell Hill Village, Chatham, ME5 9QN, UK.
If you have any questions or issues regarding the data that we may hold on you as an individual please contact Ana Bernal Lopez (Director) on 07427 915 176 or by email at info@heroaccounting.co.uk
Processing of Personal Data
We hold only essential personal data required by anti-money laundering regulation.
The personal data that we hold includes your name, job title, date of birth, email address (where available), telephone numbers (including mobile), passport, NI number, login details for HMRC gateway. If your business is operated from your home we will also hold your home address for deliveries and invoicing purposes. Your passport, NI number, and
The Legal Basis for Processing your Personal Data
The legal basis that Hero Accounting & Business Solutions relies upon to process your personal data is Legitimate Interest. This is valid while you are a potential or active customer, and for a period of time after you cease to be an active customer.
The official definition of Legitimate Interest can be found at www.ico.org.uk
We believe that we have a legitimate interest in holding and processing your personal data for the reasons stated here.
Purpose of Processing Data
It is important that the Data Controller stores a minimal amount of information about the staff of our business partner companies in order that we can provide efficient and prompt service when we contact them or they contact us regarding business transactions.
It is in the interests of both the Data Controller and the Data Subject and their employer for the Data Controller to contact the Data Subject with details of new products, services and innovations.
Without such updates the Data Subject’s company cannot effectively evolve their product offering to keep in line with or ahead of market trends.
It is also in the interests of the Data Subject to be informed of any special offers and prices that the Data Controller may offer from time to time. Such offers enable the Data Subject’s business to pass on cost savings to their own customers and prospects to gain additional orders, or to make increased profit on existing orders.
This feed of product, innovation, service and price information allows the Data Subject to make an informed choice regarding whether or not to contact the Data Controller to make further enquiries or to place an order.
In addition to the marketing communications detailed above we also send targeted communications to Data Subjects if there is a change that affects a product that the customer is buying from the Data Controller. For example, if the price changes or the product is modified, superseded or discontinued we will advise all relevant customers. This is a ‘Service’ communication aimed at informing the customer of a change to the products they use, not a ‘marketing’ communication designed to increase sales for the Data Controller. Without these service emails customers will be unware of changes to the hardware that they use until they receive the new product. This could result in them having pre-prepared windows and doors for a hardware product that can no longer be supplied, meaning that they would have to scrap the windows and doors at their cost or engage in a dispute with the Data Controller over culpability. Similarly if they are unaware of changes to pricing this could result in a dispute over unpaid invoices. This could lead to the Data Controller not being paid or the customer being put on stop. Both of these actions could affect a company’s credit rating. Ultimately it could lead to the two companies ceasing to trade with each other.
The data that the Data Controller holds is minimal and is only used to ensure that our communications with other companies are directed to the correct people. The Data Controller does not share any personal data with 3rd parties with the occasional exception of independent mailing houses if we outsource a postal or email mailshot.
Necessity to Process Data
It is necessary to send the information detailed under ‘purpose’ to a named individual at a business by email, post, visit or via a telephone call.
Sending a blanket communication to a company without marking it for someone’s attention will result in the message failing to get through in a high percentage of cases. By naming the individual we ensure that only relevant communications get through to the Data Subject, therefore minimising irrelevant correspondence.
Only by storing minimal personal data can we provide efficient service and responses when being contacted by, or making contact with, a Data Subject in the pursuit of a business transaction.
Keeping your Personal Data Secure
All data held pertaining to our business partners is securely held within our password protected Enterprise Resource Planning (ERP) system and Contact Relationship Management (CRM) system. The servers for both are fully maintained and updated to protect against cyber-threat.
In the event of a member of staff leaving the employ of Hero Accounting & Business Solutions, their access to our CRM and ERP is immediately blocked.
Sharing of Personal Data
The data is not shared with personnel from organisations other than Hero Accounting & Business Solutions Ltd, with the exception of occasions where we might employ the services of a 3rd party professional mailing house, in which case only the bare minimum information will be extracted from our system and supplied as a csv or excel file. However, we may need to disclose information to the authorities or professionals (e.g. solicitors, insurers or banks) in the event of a dispute or for legal reasons.
Profiling
Hero Accounting & Business Solutions Ltd does not engage in data profiling.
How long does Hero Accounting & Business Solutions Hold Personal Data for?
Hero Accounting & Business Solutions Ltd will hold your data for as long as your company trades with us or until we are notified that you have left the company or changed your position within the company to a role that does not necessitate contact with or from Hero Accounting & Business Solutions Ltd.
When we are aware of you leaving or changing roles in this way we must keep your data for seven financial years as per HMRC’s instructions for limited companies https://www.gov.uk/running-a-limited-company and for self-employed https://www.gov.uk/self-employed-records.
After seven years, we will remove your data from our systems.
Reviewing our Privacy Policy
Our Privacy policy is reviewed annually. In the event of changes to data collection legislation or guidelines we will review the policy in the intervening period. The policy was last updated on 16th May 2018.
Opting Out
You can opt-out of receiving ‘marketing’ emails from Hero Accounting & Business Solutions at any time. If you would like to opt out please contact us and tell us and we will exclude you from future ‘marketing’ emails. Please note though that if you opt out we will continue to hold your personal data on our ERP and
CRM. This is to enable us to continue to contact you for non-marketing business-related reasons (e.g. sending you relevant quotes, order acknowledgements, invoices, arranging visits etc). We will also continue to write to you by email or post with details of any price or product changes (including discontinuations) that are relevant to products that you buy from Hero Accounting & Business Solutions.
If you prefer us to remove your details completely you can ask for your personal data to be erased (see below) from our ERP and CRM. However, if your details are erased we will be unable to keep you informed about changes to products relevant to you and your company, as outlined above, and will accept no responsibility for any issues arising.
Your Rights
You should understand your rights as an individual as shown below:
Right to Erasure – Under Article 17 of the GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. We have one month in which to remove your personal data. The right is not absolute and only applies in certain circumstances. Reasons for rejecting a request can be found at ico.org.uk. However, it is unlikely that we would refuse a request for erasure.
Right to Request Rectification – The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. You can make a request for rectification verbally or in writing. Hero Accounting & Business Solutions has one calendar month to respond to a request. In certain circumstances we can refuse a request for rectification as detailed at ico.org.uk. If we believe that an error has not occurred we will leave the data unchanged. You will be advised of the outcome.
Subject Access Request – You have the right to access your personal data and supplementary information held by Hero Accounting & Business Solutions. This right of access allows you to be aware of and verify the lawfulness of the processing. We will provide this information free of charge unless you request further copies of the same information, in which case we are permitted to charge an administration fee. We are also permitted to charge a reasonable fee if the request is ‘manifestly unfounded or excessive, particularly if it is repetitive’. See ico.org.uk for further information.
Registering a Complaint
If you feel that we are not dealing with you fairly or are not respecting your rights as an individual, please contact us directly. We promise to respond. If you are still not satisfied then you are at liberty to complain directly to the ICO via their website ico.org.uk
Contacting Hero Accounting & Business Solutions Ltd
If you need to contact us regarding your personal data you can do so by writing to us at the address below.
Ana Bernal Lopez
Hero Accounting & Business Solutions Ltd
Flat 3, 2 Bakers Close
Aylesford, ME20 7UT
You can also email us at info@heroaccounting.co.uk or call us on 07864 067 108 (ask for Ana Bernal Lopez).