Privacy Policy
This document is correct as at 24th April, 2024.
Abbiss Cadres LLP (“Firm”, ”we”, “our” “us”) are committed to the protection of your privacy. This document sets out key information relating to the how we use personal data about you, how we share it, and how you can exercise your rights in respect of it. It is addressed to our clients, potential clients, individuals in respect of whom we provide services or with who we deal on behalf of our clients, visitors to our website, and those who subscribe for our communications, who seek further information about our services or with whom we deal in connection with our business.
We may update this document from time to time. The latest version will appear on our website.
We deal with your personal data in accordance with UK data protection laws and the General Data Protection Regulations “GDPR” (together the “Data Protection Legislation”). This document is drafted in compliance with the Data Protection Legislation and may be updated from time to time in accordance to changes in UK law.
We are a “data controller” in relation to your personal data. This means that we are responsible for deciding how we hold and use personal information about you. Our contact details are: Abbiss Cadres LLP, 4th Floor (South), 14 Austin Friars, London EC2N 2HE. Telephone: +44 (0) 203 051 5711. Abbiss Cadres LLP is a limited liability partnership registered in England and Wales with number OC339497.
Third-party links
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and when you leave our website we encourage you to locate and consider the privacy policy applicable to every website you visit.
Types of personal data we may collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where your identity has been removed (anonymous data).
The following is a list of personal data we may collect about you
“Identity Data and Biographical Data” including first name, maiden name, last name, marital status, title, date and place of birth, nationality, gender, tax status, passport / national identity card details and country of domicile, your employment and employment history, job title and roles, earnings (particularly where we provide tax/social security advisory or compliance services to you), education, interests and other information relevant to our provision of professional services or our relationship with you or which you share with us voluntarily.
“Contact Data” includes billing address, delivery address, email address and telephone numbers.“Financial Data” includes bank account details and data relating to your financial status and for fraud prevention purposes.
“Transaction Data” includes details about payments from you and other details of matters on which you have instructed us and/or products and services you have purchased from us as well as information gleaned from meetings with you including your aims in seeking professional services from the Firm.
“Technical Data” includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
“Usage Data” includes information about how you use our website, products and services.
“Marketing and Communications Data” includes your preferences in receiving marketing from us and your communication preferences and your feedback and survey responses obtained through professional and/or social interaction.
How we collect your personal information
We collect data from and about you in various ways including from:
Direct interactions. You may give us information about your identity, contact and job data by giving us business cards in hard or electronic copy, by filling in forms (including electronic forms on our website) or by communicating with us by telephone, email, post, or otherwise, or briefing us when you meet with us in person. This includes personal data you provide when you:
- meet with us or attend at business events organised by us or by third parties;
- enquire about the services we provide;
- instruct us to provide you with services;
- subscribe to our publications; or
- request information about the Firm to be sent to you.
Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
From third parties or publicly available sources. Information about you may also be supplied to us by your organisation or your agents, advisers or other intermediaries or persons acting on your behalf, or by other clients of ours. We may also receive personal data about you from various third parties and public sources as set out below:
- Technical Data from analytics providers (such as Google).
- Identity and Biographical Data, Contact and Financial Data from publicly available sources such as the Electoral Register, the London Stock Exchange and other public stock exchanges, Companies House (a UK government agency), organisation websites and industry directories, and via providers of other UK and international publicly available data sources which also access public resources such as sanctions lists, watch lists, data from law enforcement agencies and other public sources.
How we use information about you
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- Where you have consented to such use;
- Where we need to perform a contract we have entered into with you, or to take steps at your request before entering into a contract with you;
- Where we need to comply with a legal obligation that the Firm is subject to;
- Where it is necessary for our legitimate interests pursued by us or any third party and your interests and fundamental rights do not override those interests.
We may also use your personal information in the following situations, which are considered unlikely to arise:
- Where we need to protect your vital interests (or someone else’s interests); or
- Where it is needed in the public interest or in the exercise of an official authority vested in the Firm.
We set out below the purposes and our legitimate interests for which we may use your personal data. How we use personal data may vary as between individuals depending on their relationship to the Firm and includes:
- Preparing and communicating to you or your organisation a proposal in relation to services we may offer and the terms of such provision and for general marketing to you of the firm’s services.
- For completing the client engagement process (including the carrying out of “know your client” checks).
- For providing professional or other services to you and for carrying out your instructions to the Firm.
- For managing our relationship with you, including for invoicing and credit control, for financial record-keeping purposes and more generally for the proper operation of our Firm including the analysis of our financial/commercial performance, and for dealing with any feedback or complaints you may have in relation to the provision of our services or the activities of the Firm.
- For training our staff and monitoring and managing the delivery of our services.
- For administering and protecting our staff, our business, and its website, premises, visitors, and systems (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) and our communications.
- For the purposes of seeking our own legal or regulatory advice or to prosecute or defend any claims or potential claims which may come to our attention.
- Compliance with our legal and regulatory obligations, such as anti-money laundering laws, data protection laws, and tax reporting requirements, and to comply with Court orders.
- Using data analytics to improve our website, products/services, marketing, client relationships and experiences.
- Communicating with you to: make suggestions and recommendations to you about services; to market our services and those of the firms which are members of the CELIA Alliance of international professional services operated by the Firm or which contribute to our marketing efforts or those of the CELIA Alliance; advise you of developments in relation to the areas of law, tax and consulting in the UK and internationally which we believe may be of interest to you.
How we use sensitive personal information
The provision of our services to you may also require us to process special categories of personal data (including data relating to racial or ethnic origin, political opinions, religious beliefs, trade union membership, health and sexual life) and / or data relating to criminal convictions and offences. Such special category data is subject to additional protection. We may only process such personal data with your explicit consent or the processing is necessary for the establishment, exercise or defence of legal claims, or for reasons of substantial public interest or where you have made such data public.
Data sharing
In addition to our own staff we may share your data with third parties who process your data on our behalf, when required by law to do so, where it is necessary to administer the commercial relationship with you or where we have another legitimate interest in doing so.
We currently share personal data with the following categories of third party:
- Consultants retained by the Firm to provide professional and other services on our behalf;
- Providers of tax and payroll software and administration services (where we offer tax or social security or payroll advisory or compliance services);
- Providers of the Firm’s financial administration software;
- Providers of the Firm’s data storage and database services;
- Providers of marketing platforms for the mailing of electronic communications to you and the storage of relevant marketing information including your preferences for mailing content;
- IT Consultants;
- Marketing and business development consultants; and
- Our own legal and professional services providers and insurers, where appropriate.
We are required to ensure that all such third parties are obliged to take appropriate security measures to protect your personal information. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
To ensure that your personal information receives an adequate level of protection we have put in place appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects Data Protection Legislation.
We may also share your data with other third parties who do not process your data on our behalf.
These include:
- Parties we engage to assist in providing services to you, such as lawyers (including barristers), other professional services firms, translators and / or couriers;
- Intermediaries and service providers whom we may introduce to you;
- Potential purchasers and their advisers in the event of the potential or actual sale or purchase of all or part of our business or assets, subject to all applicable confidentiality obligations; and
- Courts and other competent authorities (including regulatory authorities) in connection with legal action and the proper provision and administration of our services.
YOUR RIGHTS IN RELATION TO YOUR DATA
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. We will consider any such request carefully against the applicable statutory provisions.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; the processing is unlawful and you oppose the erasure of the data and propose its restriction instead; if we no longer need the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defence of legal claims; or, you have objected to processing pending verification of whether our legitimate grounds for processing override yours.
- Request the transfer of your personal information to another party.
- Object to our use of your personal data based on our or a third party’s legitimate interests on grounds relating to your particular situation.
- Withdraw your consent for us to process your data where that processing is based on that consent.
- Complain to the Information Commissioner’s Office if you consider that we are not processing your data in accordance with the Data Protection Legislation.
If you want to exercise any of these rights please contact us on privacy@abbisscadres.com or by post to “Privacy Partner” at our address as stated above.
Opting out
You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out or unsubscribe links on any marketing message sent to you or by contacting us at any time.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at privacy@abbisscadres.com . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
International transfers
We may transfer the personal information we collect about you to a Consultant of the Firm resident in Kazakhstan. There are no adequacy regulations in respect of that country. This means that the country to which we transfer your data is not deemed to provide an adequate level of protection for your personal information.
However, as authorised by law we have put in place the following appropriate safeguard to ensure that your personal information is protected and that enforceable data subject rights and effective legal remedies are available to you:
- An International Data Transfer Agreement as approved by the Information Commissioner under section 119A (1) of the Data Protection Act 2018. Further information about this protective measure is available from privacy@abbisscadres.com.
The provision of our services to you may require us to transfer personal data outside the European Economic Area to other jurisdictions which may have inferior levels of data protection. We will ensure that any such transfer meets the requirements of the Data Protection Legislation.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties acting on our behalf who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In many cases this will mean that we shall retain your personal data for the same period as we retain your files or a copy of your files. If you are a client of the Firm then we will usually retain our file of the matter (which may include personal data) for 16 years.
Data protection responsibility
If you have any questions about this privacy policy or how we handle your personal information, please contact us at privacy@abbisscadres.com, on +44 (0) 203 051 5711 or by post to Privacy Partner at our address as stated above.
Changes to this privacy policy
We reserve the right to update this privacy policy at any time. We may also notify you in other ways from time to time about the processing of your personal information.