GDPR Compliance Statement for LBH Accountancy Services Limited

What is GDPR?

GDPR stands for the General Data Protection Regulation, which we adhere to along with the Data Protection Act 2018. The regulation aims to standardise protection laws and the processing of data across the EU, allowing individuals more rights to access and control their personal information.

What LBH Accountancy Services Limited do in regard to GDPR

LBH Accountancy Services Limited processes personal data both as a controller and as a processor. We are committed to ensuring the security and the protection of the personal data which we process, and to providing a compliant and consistent approach to data protection.

Under the terms of GDPR, we collect, store, and process personal data, e.g. contact details, bank account details, email addresses, national insurance, passport, payroll and PAYE numbers. We only collect information which is required for us to deliver the services you have engaged us to provide to you.

We have conducted a data mapping exercise to establish what data we hold, where we hold it, where the data comes from, how and why it is processed and where the data potentially goes. This enables us to keep track of all the data we hold and to ensure that it is safe and complies with the regulations.

Our Policies

We have updated our privacy policy together with our letters of engagement.  These documents allow you to see how, where, why and for how long we retain and may process your personal information.

Consent and lawful basis for processing data

Your consent to process your data is documented in our letters of engagement. These are currently being updated. By signing our letter of engagement, you are consenting to us holding and processing your information. As we are a private sector organisation, we can process data without consent if we have a genuine and legitimate reason, unless this is outweighed by the harm to individual rights and interests. Fulfilling our obligations for the services which you have contracted us to supply to you means that we need to hold personal data. We only process personal data for which you are responsible at your request, in accordance with the agreement we have with you, or as required by law.

Your rights

Under a Subject Access Request (SAR), you are allowed to ask for a full or partial copy of all the information which we hold about you. A subject access request from a service user must be made formally in writing, addressed to the managing director. You have the right to ask for the information to be updated or deleted. We will supply personal information for you to view within 30 days and free of charge. We will only delete your records when we have your written consent, but we may have to keep some information to comply with any legal obligations.

Data Protection

We take the privacy and security of all our clients' information very seriously. We take every reasonable measure to protect and secure personal data that we process. We are constantly evaluating potential threats to the data we hold. Potential threats are constantly evolving as technology advances; to help us ensure that our data is secure, we are in regular contact with our IT consultants. We have various security measures in place such as restricted access, secure password policies, data encryption, secure automatic encrypted backups both on and off site, robust endpoint security systems, automatic operating system updates and secure patch management.

Employees

We understand that continuous employee awareness and understanding of GDPR is vital for continued compliance with the GDPR, and we have involved our employees in the preparation plans.

What happens if we discover a breach of data?

We are registered with the Information Commissioner's Office (ICO); our registration number is Z554242X.

We will inform you of any breach or suspected breach that might compromise your data or put it at risk. If we suffer a breach of data, we have a legal duty to report this to the ICO within 72 hours of discovery.

Contacting us

LBH Accountancy Services Limited is committed to meeting all our obligations to you. If you have any questions with regard to these matters, please contact us at admin@leachbriely.co.uk and we will be happy to discuss your queries further.

Further information regarding GDPR is available at:

www.ico.org.uk

Or the UK Information Commission at

www.ec.europa.eu