We are committed to protecting your personal information and being transparent about what information we hold about you. Using personal information allows us to develop a better understanding of our customers and the services we provide.
What information we may collect about you
When and how we may use that information
In what situations we may disclose your details to third parties
How we keep your personal information secure
How long we maintain it for and your rights to be able to access it
1. Contacting Tax Systems
For the purpose of the General Data Protection Regulation (GDPR) the data controller is known as either:
Tax Systems Limited
ICO Registration Number ZA259790
Tax Computer Systems Ltd (UK and Ireland)
ICO Registration Number ZA189581
Osmo Data Technology Limited
ICO Registration Number Z9013757
FAO: Data Protection Officer
18-32 London Road
Please note: If you wish to opt out of any communication or amend your contact preferences, you can do so by contacting email@example.com or by contacting us as per the details above.
2. What personal information we collect
2.1 Information you give us – For example when you register on our website or by phone we’ll store personal information you give us such as your name, work email address, work postal address, telephone number and mobile number. We will also store a record of all your orders and enquires. This information will be held on our system and may be used for operational purposes, such as the processing of orders in connection with our services and for mailing list subscriptions (see Section 4. How and why we use your personal data).
2.2 Special categories of personal data – data protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We do not collect this type of information about our customers unless there is a clear reason for doing so.
2.3 We may also collect generic information about your visit or use of the Tax Systems website such as your IP addresses, geographical location, browser type, referral source, length of visit and number of page views. We may use this information for security purposes as well as, but not limited to, optimising the use of the Tax Systems website. For example, we may use third party contributors such as analytics service providers for website traffic analysis and reporting and to track information such as which browser, screen resolution and IP address you are using to access our website, in addition to tracking your movements around our website.
3. The legal basis we rely on to process your personal data
According to current data protection laws, there is a series of bases under which we may process your data. These include:
3.1 Contractual obligations – when you make a purchase from us, you are entering into a contract with us. In order to perform this contract, we need to process and store your data. For example, we may need to contact you by email or telephone in the case of system upgrades, or in the case of problems with your payment.
3.2 Legitimate interest –
In certain situations we collect and process your personal information to pursue our legitimate interests in a way which might be reasonably expected as part of running our business and which does not materially impact your rights, freedom or interests.
We may also use your contact or previous enquiry history to send you personalised offers or marketing information by email or post about similar services and initiatives that we think may be of interest to you (you may opt-out of receiving these at any time using the contact details at the beginning of this policy).
For research and reporting purposes (we also combine the order history of customers or prospective customers) to identify trends and ensure we provide the best possible customer service.
Please see paragraph 5. Disclosure of your information to check where we may use this basis for processing.
3.3 With your explicit consent – In certain situations, where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information. For example, when you tick an opt-in box to receive specific communications. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service or offer.
3.4 Legal compliance – If the law requires us to, we may pass on details of people involved in fraud or other criminal activity which may affect Tax Systems.
Less commonly, we may process your personal information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent.
4. How and why we use your personal data
To process or fulfil any bookings or orders that you place online, in person or over the phone;
To provide you with marketing information by email or text about relevant products, services and events that you request from us, or which we feel may interest you, where you have consented to be contacted for such purposes, or it is our legitimate interest to do so;
To provide you with marketing information by phone about relevant products, services and events that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes or it is our legitimate interest to do so and we have checked the telephone preference service and our own marketing preference records;
To provide employee training and quality assurance monitoring we may record phone calls;
To provide you with marketing information by post about relevant products, services and events that we feel may interest you, where it is our legitimate interest to do so or you have consented to be contacted for such purposes;
To provide you with marketing communications by post, email, web, text and/or phone about relevant products, services and news of other third parties that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
To provide customer service in relation to your use of the Tax Systems website, software solutions, and services to deal with enquiries and complaints and to notify you about changes to our services;
To enable you to create an account and participate in interactive features of our website, software solutions, and services when you choose to do so;
To provide customer service in relation to your use of the Tax Systems website and software solution, to deal with enquiries and complaints and to notify you about changes to our services;
To administer, support, improve and develop our website and software solutions, ensuring that its content is presented in the most effective manner for you and for your computer;
To improve our website, software solutions, and services, we may analyse information about how you use it and the content that you interact with. We may also monitor users’ use to enable us to analyse customer make-up, track patterns, review other site behaviour in order to determine what other solutions, services, and events you may be interested in, and in order to assist us improve our business generally. We’ll do this on the basis of our legitimate business interest;
To send you surveys and feedback requests to help improve our services – participation in these is entirely voluntary and you therefore have a choice whether or not to disclose any information which might be required. We’ll do this on the basis of our legitimate business interest as this will help us make our products or services more relevant to you;
To provide third parties with statistical information about our customers but this information will not be able to be used to identify any individual user;
To identify and prevent fraud or any other criminal activity.
5. Disclosure of your information
5.2 Direct marketing – we aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as services you have contracted with us for in the past, as well as any preferences you may have told us about. We use your explicit consent or our legitimate organisational interest as the legal basis for communications by post and email. You may opt-out of receiving these at any time using the contact details at the beginning of this policy.
5.3 Email marketing – When purchasing our services, we may send you information about similar products, related services and events which we feel may interest you, where you have consented to be contacted for such purposes, or it is our legitimate interest to do so. You are given the opportunity to opt out from any marketing communication on every subsequent marketing email you receive. You can also opt-out or update your contact preferences at any time by using the contact details at the start of this policy.
5.4 Third parties – We sometimes share your personal data with trusted third parties, including:
Any third party to whom disclosure is necessary to enable us to provide you with any service to which you have subscribed (including, but not limited to, for the purposes of processing payments, or designing, maintaining and administering the Tax Systems website).
Other parties within the Tax Systems group to contact you about events or services which may be of interest to you, only if you have consented to be contacted by third parties for such purposes.
Customer research companies that may work with us to improve our services to you (in this case, all data is treated anonymously).
Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on your acceptance of cookies on our website. Please refer to section 6. Cookies for details.
In order to enforce any terms and conditions or agreements between us.
As part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation (we will always notify you in advance and we will aim to ensure that your privacy rights will continue to be protected).
To protect our rights, property and safety, or the rights, property and safety of others (this includes exchanging information with other companies, organisations and regulators for the purposes of fraud protection and credit risk reduction).
In these cases, we require that these third parties comply strictly with our instructions and with data protection laws.
5.5 If we are required by law or requested by the police or a regulatory or government authority investigating potentially illegal activities to provide information concerning your activities whilst using the network we shall do so. We may also disclose personal information to appropriate third parties to assist in anti-fraud checks and investigations.
In all of the above cases we will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms.
You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the beginning of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
In order to fulfil our obligations to you and deliver the best possible level of customer of care, we currently use the companies listed in our Sub-Processor lists who will process your personal data (sometimes entirely anonymously) as part of their contracts with us:
6.2 Therefore, we may send a cookie which may be stored by your browser on your computer’s storage. We may use the information we obtain from the cookie in the administration of the Tax Systems website, to improve the site’s usability and for marketing purposes. We may also use that information to recognise your computer when you visit the site, to monitor website traffic and to personalise the site for you.
6.3 If you do not wish us to install cookies on your computer for these purposes, you may change the settings on your internet browser to reject cookies. For more information, please consult the ‘Help’ section of your browser. Please note that if you do set your browser to reject cookies, you may not be able to use all of the features of our site.
6.4 As mentioned above, we may use an analytics service provider (such as Google Analytics) for website traffic analysis and reporting. Analytics service providers generate statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to the site may be used to create reports about the use of the site and the analytics service provider will store this information.
7. Third party sites and contributors
8. Security – How we protect your data
8.1 We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.
We store all the personal information you provide, including your login and user details (where applicable), on our secure servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology.
Only employees and approved contractors/sub-contractors/developers we may appoint from time to time, and who need the information to perform a specific job, are granted access to personally identifiable information.
Our offices and data centre locations are secure and only personnel holding appropriate security passes can access areas where personal data is stored.
When necessary, we dispose of, or delete your data securely.
We ensure that our employees, agents, contractors and sub-contractors are aware of their privacy and data security obligations and we take reasonable steps to ensure that employees of third parties working on our behalf are aware of their privacy and data security obligations.
We limit access to your personal information to those employees, agents, contractors, sub-contractors and other third parties who have a need to know.
8.2 Regular security reviews are held by us to ensure that the site remains safe and secure for your protection.
8.3 Data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
9. International Data Transfer
9.1 Our servers are situated in the UK, however we collect data from wherever users are situated. The information that we collect may therefore be transferred to the UK from any other country in which you may be located, and will be subject to the UK data protection laws.
9.2 Your personal data may also be stored within the European Economic Area (EEA) by Sales, Marketing and Support systems.
9.3 Your personal data may be transferred, processed and/or stored outside the European Economic Area (EEA), for example if the supplier or service provider of our choice is based outside the EU. If we transfer your information outside of the EEA in this way, and the country in question has not been deemed by the EU Commission to have adequate data protection laws, we will provide appropriate safeguards and we will be responsible for ensuring your privacy rights continue to be protected as outlined in this policy. By submitting your personal data, you agree to this transfer, storing or processing.
10. Data retention – How long we will keep your personal data
10.1 We will retain your information, including your name, work address, work email, phone number (where applicable), for the duration of your contract (where applicable) and for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
10.2 To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
10.3 At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning and reporting.
Our retention periods may be extended or reduced if we deem it necessary, for example, to defend legal proceedings or if there is an on-going investigation relating to the information.
11. Your rights
11.1 Under certain circumstances, by law you have the right to:
Access the information held about you (commonly known as a "data subject access request")
Ask us to make any necessary changes to ensure that it is accurate and kept up to date.
Ask us to erase your personal information from our files and systems where there is no good reason for us continuing to hold it.
Object to us using your personal information to further our legitimate interests (or those of a third party) or where we are using your personal information for direct marketing purposes.
Ask us to restrict or suspend the use of your personal information, for example, if you want us to establish its accuracy or our reasons for using it.
Ask us to transfer your personal information to another person or organisation.
You also have rights in relation to automated decision making which has a legal effect or otherwise significantly affects you. We do not carry out any automated processing, including profiling, which produces significant legal effects concerning you.
If you wish to exercise any of these rights, please contact us (see paragraph 1. Contacting Tax Systems).
11.2 You may request us to cease sending you any marketing information at any time by updating your profile and contact preferences online or by notifying us in writing. However, if you withdraw your consent to certain types of processing we may be unable to fulfil our obligations to you (eg. providing customer services).
12. Queries and Complaints
12.2 You have the right to make a complaint at any time to the relevant Supervisory Authority
In the UK this is the Information Commissioner's Office (ICO)
Information Governance department
Information Commissioner's Office
Telephone: +44 0303 123 1113
In Ireland, this is the Data Protection Commissioner
Data Protection Commissioner
Telephone: +353 57 8684800