Who are we
This policy applies to the following businesses:
- Simon Silver-Myer – Firm of Chartered Accountants, business and tax advisors
- SSM Solutions Limited – Registered Company number 04614587. Registered office 8 Durweston Street, London W1H 1EW. Registered in England and Wales
- Durweston Management Services Limited – Registered Company number 02706069. Registered office 8 Durweston Street, London W1H 1EW. Registered in England and Wales
This privacy statement explains how we collect and use personal information about our clients. It is a requirement that we have this privacy statement in order to comply with the current Data Protection Law (“GDPR”). Our firm is an independent controller within that legislation.
Details of how to contact us can be found below in the “contact information” section of this notice.
The data we collect about you
We use your data for various purposes connected with the services that we provide to you or your employer, or in compliance with regulatory or legal requirements.
We generally collect data from you directly, but we may also collect data from third parties such as:
- HMRC and Other governmental organisations
- Any person or entity nominated by you (e.g. family, estate office, third party companies or business which may hold information we require and which you consent to).
- Other advisors and intermediaries (such as solicitors, banks, land agents and independent financial advisors), both current and previous.
- Publicly available sources, such as Companies House
- Your agents and representatives, such as your power of attorney
- Other professional services providers that provide services to you
What data we collect and for what purpose will vary depending on which services you engage us to deliver.
- If you instruct us to provide services to you, we will collect your name, gender, nationality and address, including country of residence. We are also required to collect information such as passport information, driving licence or ID card details and National Insurance number. You also may provide us with additional contact information (such as your mobile number)
- For businesses, incorporated or otherwise, we will collect the business name and address, business and mobile telephone numbers, email address, Government Gateway username and passwords and, at times, HMRC shared secrets, VAT registration number and quarter dates, PAYE reference and PAYE accounts office reference, and the business accounts year end.
- We will collect information such as your sort code(s), account number(s), pension information and bank statements. We may also collect certain financial information from credit checking service providers.
- We will also collect any financial information necessary to provide our services to you, which may include (but is not limited to) pension information, details of your income and expenses, and of gains on the disposal of assets. You or HMRC may provide us with your HMRC client data, such as your unique taxpayer reference
- Records of communication that you have with us.
- If you are a private client, we may collect information contained in your will, details of your dependant(s), marriage certificate and child benefit number.
- We may need to collect information about any trust that you are a trustee or beneficiary of. This may include details of your financial circumstances, the benefit that you may be entitled to and other information such as trust deeds and trust minutes.
- Records of your use of our website
- We may collect a referral letter from a third party (such as a financial institution or adviser (current or previous).
- Other information that you provide to us voluntarily
For what purpose do we use data about you, and on what legal basis
We will use data about you for the following purposes:
- To provide our professional services to you which includes:
- Advisory work
- IR 35
- Trust entry, 10-year and exit charge returns
- Payroll and P11Ds
- VAT registration and returns
- Account completion
- FATCA/CRS and other regulatory reporting
- Investment tracking
- Wealth reviews
- Completion of tax returns and related filings
- Invoice processing (supplier, self-employed and sales)
- Bank transaction processing
- Management reporting
- Grant applications
- Charity Commission annual returns
- Bank form completion
- iXBRL accounts
- Companies House returns and other company secretarial services
- Company tax returns
- Due diligence
- Reporting accountants
- Employment related securities filing
- ATED returns
- Tax claims and elections
- r185 form completion
- To make payments on your behalf.
- To create and manage records of your involvement with us and to communicate with you.
- If you provide your consent to share data with financial institutions, employers or landlords for the purposes of mortgages, leases and other financial references.
- To verify your residence and identity in order to comply with our legal and regulatory requirements.
- To comply with legal and or regulatory obligations.
- To make suggestions and recommendations to you about our services that may be of interest to you
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract, we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Where none of the above applies, we will ask for your consent to process data.
How long will data about you be kept?
We store data in accordance with legal, regulatory, financial and best-practice business requirements. Once our contract with you ends, we will securely delete/destroy your data in line with our data retention policies.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share or sell your information with third parties for marketing purposes.
Any staff with access to your information has a duty of confidentiality under the ethical standards that this firm is required to follow.
Third Party Service Providers working on our behalf
We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf, for example to process payroll or basic bookkeeping. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own purposes.
Please be assured that we will not release your information to third parties unless you have requested that we do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.
How you can access and update your information
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.
You have the right to ask for a copy of the personal information we hold about you.
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We may occasionally contact you by post / email / telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under ‘Contact information’ below.
Your Legal rights as a Data Subject
At any point while we are in possession of or processing your personal data you, the data subject, have the following rights:
- Access to your information – you have the right to request a copy of the information that we hold about you. On receipt of such a request we will endeavour to respond to you as soon as possible, but at least within one calendar month. You must provide us with 2 forms of personal identity to ensure that we only disclose to you information which is relevant to you personally.
- Correcting your information – We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information, but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue. You have the right at any time to require us to stop using personal information for direct marketing purposes.
- Right to judicial review: in the event that Simon Silver-Myer and our other businesses refuses your request under rights of access, we will provide you with a reason as to why. You have the right to lodge a complaint with the Information Commissioner’s Office.
If you wish to exercise any of the rights set out above, please contact us.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Changes to our privacy notice
We may update this notice (and any supplemental privacy notice), from time to time. We will notify you of the changes where required by law to do so.
Last modified 21 May 2018.
If you have any questions about this privacy notice, including any requests to exercise any of the rights detailed above, please contact us at firstname.lastname@example.org
We seek to resolve directly all complaints about how we handle your personal information, but you also have the right to lodge a complaint with the Information Commissioner’s Office at
Information Commissioner’s Office
Cheshire SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745
We would appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.