At Back Office Support Solutions Ltd (BOSS), we’re committed to protecting and respecting your data and privacy.
This Policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may update this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website or engaging with us, you’re agreeing to be bound by this Policy.
Any questions regarding this policy and our privacy practices should be sent by email to the Data Protection Officer at firstname.lastname@example.org. Alternatively, you can telephone them on 0207 727 1129.
1. Who are we?
We’re Back Office Support Solutions Ltd (BOSS), a specialist accounting and business advisory firm to London based SMEs (company number 04992067).
2. How do we collect information from you?
We obtain information about you that you enter when you use our website. We also collect other information from you directly or via email, in the main, in order to perform the services you have asked us for.
3. What type of information is collected from you?
The personal information we collect from you is as follows if you complete any of these forms on our secure website:
<Careers at Ask the BOSS> we ask you for your name, email, telephone number and message
<Contact> we ask you for your name, email, telephone number and message
<Free Consultation> we ask you for your name, email, telephone number and message
<New Starter Form> title, name, NI number, DoB, address, email, telephone number, next of kin details including their contact details, start date, job title, salary, working hours, benefits, bank details.
Google Analytics™- a third party tracking service collects information about how our website is used. We use information to report on usage and volume statistics. We have no access to or control over these cookies. The cookies cannot identify you but more Information about Google Analytics™ can be found at http://www.google.com/intl/en/analytics/privacyoverview.html
5. How is your information used?
If you sent us data corresponding with any of the forms above (point 3), then we may use that data only for executing your request.
We will not use your information for marketing purposes unless the appropriate permissions have been acquired.
As a prospective client we may need to use your personal information for communicating with you about the services that you have requested. If you are a client we may need to use your personal information for executing the services you have engaged us to undertake.
6. Who has access to your information?
We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.
We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing the contracted services to you on our behalf (for example: to process a very complicated tax issue where these skills and experience do not exist in-house). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own marketing purposes.
Please be reassured that we will not release your information to third parties beyond BOSS and its agents for them to use for their own purposes, unless we are required to do so by law.
7. Links to other websites
Moreover, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
8. Using BOSS accounting services
As a client you may be asked to provide additional information and to keep us informed of any changes to your circumstances or that of your business. You may also require additional services or adjustments to the existing services from BOSS.
The type of personal information collected is that to perform and undertake the services you have requested. Additional and updated information may be required from time-to-time in order carry out our obligations or to continue providing these services that you've engaged us to deliver.
If you become a client of BOSS then we use and securely store information and data about you to ensure that we comply with the relevant and latest Anti-Money Laundering legislation. This includes needing to verify your identity if you use any of our accounting services. This verification involves, retaining a certified copy of your photographic identification and a copy of a suitable document for address verification (usually a utility bill).
In some circumstances we may need to verify your identity using the electoral roll and/or any third party credit reference agency. Your consent is not required for this.
10. Your rights - how to access and control your data
You can review, edit or delete your personal data at any time by emailing the Data Protection Officer email@example.com. We respond to all requests to access or delete your personal data as soon as possible, but certainly within 28 days.
Some personal data may be kept in paper form within our office, if needed, although in the main copies are destroyed after they have been scanned into our computer systems.
We will handle all exercise of your data subject rights in accordance with the requirements of the GDPR and any national laws. Should you need to exercise any of your data subject rights please contact our Data Protection Officer (firstname.lastname@example.org).
If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the Information Commissioner’s Office. Further details can be found via their website at www.ico.org.uk.
11. Where we store your personal data
We will not transfer personal data outside of the European Economic Area (EEA) without complying with the Data Protection Legislation in respect of such transfer. This restriction is also placed on any third party supplier that we use to process or hold any of your data.
If you access or use any of our services outside the EEA, it is your responsibility to ensure that any access you make outside of the EEA, which results in a transfer of personal data, complies with the provisions of the Data Protection Legislation, is done so in a secure environment and you may consider using a virtual private network.
Security precautions are in place to protect the loss, misuse or alteration of your information. When you give us personal information, we take steps to ensure that it’s treated securely.
Any sensitive information is sent to you securely using any of the following:
• two factor authorisation (2FA)
• password protected document (password sent to you via SMS)
• secure portal eg. MyXero
12. Changes to our Policy
We may modify or update this Policy when necessary to reflect feedback and changes in our services. Visiting our website and/or using our services after any modification to this Policy will constitute your acceptance of such modification and updates. When we update this Policy we will revise the ‘Updated’ date at the bottom of this policy.
If there are material changes to the Policy or in how we use your personal data, we will notify you either by posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to regularly review this Policy to keep abreast how we are using and protecting your information.
13. Duration of Processing
We retain and manage all information submitted to us in accordance with our Data Retention Policy and we hold it for as long is necessary by law.
Updated: May 2018