Who we are
What personal data we collect and why we collect it
We collect personal data through the contact forms on the website, which is information required to either contact you, your referral, or information we require to process your Self-Assessment Tax Return to HMRC.
Embedded content from other websites
Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
We do not share your personal data with third party businesses. Your personal data is used for the purpose of contacting you, liaising with HMRC on your behalf and processing your tax return to HMRC.
What rights you have over your data
For clients that register through our contact forms, we store the personal information provided onto our company database.
You can request to receive a copy of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
How long we retain your data
We will only retain your personal data for as long as:
- it is needed for the purposes set out in this document
- the law requires us to
In general, this means that we will only hold your personal data for a minimum of 1 year and a maximum of 7 years.
Where we send your data
Visitor comments and/or details entered into contact forms may be checked through an automated spam detection service.
Your contact information
Your contact information is stored on our company database for the purpose of contacting you only, this is not shared with any third party companies.
How we protect your data
We are committed to doing all that we can to keep your data secure. Our website has an SSL Certificate which encrypts the information you provide through the contact forms as it moves across the internet. We also have added security and verification to our database and email systems to protect our client’s personal data as best as we can.
What data breach procedures we have in place
We have a process to notify the ICO of a breach within 72 hours of becoming aware of it, even if we do not have all the details yet. We have a process to inform affected individuals about a breach when it is likely to result in a high risk to their rights and freedoms. We document all breaches, even if they don’t all need to be reported.
Changes to this policy
If these changes affect how your personal data is processed, GDS will take reasonable steps to let you know.
Last updated 01 July 2018