Basis of and scope of data storage

We store and process data only as agreed by the client or as required in order to perform services requested by the client. We regard all details we do store as confidential.

We do not engage in any profiling activities.

We never share data with 3rd parties (e.g. for advertising, marketing, data analysis or similar).

How we obtain data:

Data we hold will consist solely of information that you provide to us (e.g. contact details you enter on forms or correspondence) or is determined through your direct interaction with our website (e.g. your IP address).

Data we hold consists of:

Contact information:

Your name. Company name (if applicable). Postal address. Country. Email addresses (if applicable). Telephone number (if applicable).
This is used so that we can contact you when needed (e.g. to send invoices, certificates you have requested, communicate information affecting your account or our service to you, etc.)

Payment information:

Payee name. Billing contact details (if applicable). Date and amount of payments.
This data is kept purely to allow cross-checking in the event of accounting imbalance, customer payment enquiries or investigation by tax authorities (i.e. mandatory accounting requirements).

Enquiries we have received via email, web-form or post.

We may also store your IP address for security reasons and to enable us to investigate technical problems
  

Retention policy:

We retain personal data that you supply for as long as you are a client with an active account, and for as long as we are legally required to do so (e.g. by tax and accounting regulations).

Where data may exist on back-ups, these are regularly changed and expired files (etc.) are securely disposed of when backup media is expired or replaced.

General enquiries via web-form, email or post:

These are generally kept for a number of years so that we can refer back to them if you send a follow up to our reply, after that they are deleted: At scheduled times throughout the year enquiries over the specified number of years old are removed.

The number of years will depend on the type of enquiry and how it was submitted:

Any correspondence that may potentially relate to a financial transaction, currently active registration or client account, is treated the same as tax records (tax records are legally required to be stored for a minimum of 6 years) and deleted after 7 years.

All other correspondence is deleted after 2 years.