This is the privacy notice of Russell & Co Bookkeeping Ltd, trading as Signpost Financials, Registered Company No. 10643611, registered in the UK. VAT No: 287 587 534
Our registered office is at Station House, Station Approach, East Horsley KT24 6QX.
Our firm has a nominated individual responsible for data under the GDPR: Bridgit Winn-Taylor, Bridgit@signpostfinancials.co.uk
The role undertaken is twofold, namely; The Data Controller and the Data Processor.
A Controller determines the purposes and means of processing personal data and a Processor is responsible for processing personal data on behalf of a controller.
The seven rights of the Data subject are:
1. Right to be informed
The right to be informed encompasses the obligation to provide “fair processing information”. It emphasises the need for transparency in the use of personal data.
2. Right of access
Data Subjects have the right to access their personal data and supplementary information. The right of access allows individuals to be aware of and verify the lawfulness of the processing.
Such a Data Access Request will be provided free of charge within one month, with the following exceptions/provisos:
a) Such a request is manifestly unfounded or excessive;
b) Such a request is repetitive;
c) Such a request requires copies of previously provided information.
In the event of charges being raised the firm will notify in advance such costs which in any event will be based on the administrative cost of providing the requested information.
In the event of manifestly unfair or excessive requests we may refuse to respond to the request and any such refusal will be notified to the requester [data subject] with a reason for the refusal and, in addition, information as to the data subject’s rights to complain to the supervisory body or judicial authority within one month of such a request being received.
3. Right to rectification
The GDPR gives Data Subjects the right to have personal data rectified. Personal data can be rectified if it is inaccurate or incomplete.
4. Right to erasure
This right is to enable a Data Subject to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
5. Right to restrict processing
Individuals have a right to ‘block’ or suppress processing of personal data. When processing is restricted, storage of the personal data is permitted, but not to further process it.
Information can be retained just enough for the individual to ensure that the restriction is respected in future.
6. Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
7. Right to object
The right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.
As well as this notice to the Right to Object in this policy, we will, in all initial communications with a data subject, inform them of this right separately from any other information.
In addition, a Data Subject has the right to make a complaint to the Information Commissioner’s Office [ICO] on-line, by phone or in writing to: https://ico.org.uk/concerns/
T: 0303 123 1113
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF