Privacy notice

1. Purpose of this notice

This notice describes how we collect and use personal data about you, in accordance with current applicable UK Data Protection Legislation together with other laws which relate to privacy and electronic communications. In this notice, we refer to these laws as “Data Protection Law”.

Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

2. Who does this privacy notice apply to?

This privacy notice applies to individuals who:

Are a client.
Are a prospective client.
Agree to receiving marketing communications from us.
Visit and use our website.
Visit any of our offices.
Apply to work for us.

3. Who are we?

“We”, “us”, “our”, “ours” and “Kreston Reeves” as referred to in this notice means:

Kreston Reeves LLP

37 St Margaret’s Street

Canterbury

Kent

CT1 2TU

Registration Number: OC328775

ICO Registration Number: Z5489932

And

Kreston Private Client LLP

37 St Margaret’s Street

Canterbury

Kent

CT1 2TU

Registration Number: OC342713

ICO Registration Number: Z1656331

4. How to contact us

We have appointed a Data Protection Officer (DPO), who can be contacted in the following ways should you have any questions or feedback about the way your data is processed:

Email: headofprivacy@krestonreeves.com

Mail: Data Protection Officer

Kreston Reeves

37 St Margaret’s Street

Canterbury

Kent

CT1 2TU

5. Where we collect your personal data from

We get information about you from the following sources:

When you request a proposal from us in respect of the services we provide;
When you engage us to provide our services;
When we are performing our services;
When you contact us by email, telephone, post or social media; or
Where we receive information from third parties and/or publicly available resources (for example, from your employer or from Companies House).

6. What data do we collect and how do we use it?

We collect, use, store and process the following information, which we have categorised and grouped together as follows:

PROVIDING YOU WITH AND IMPROVING OUR SERVICES

We collect or use the following information to provide and improve our products and services:

Your personal details (such as your full name, date of birth, nationality, address, national insurance number and bank account details)
Details of any services you have received from us
Details of contact we have had with you in relation to the provision, or the proposed provision, of our services
Our correspondence and communications with you
Information from research, surveys, and marketing activities; or
Information relating to compliments and complaints
Usage data (how you interact with and use our website, products and services)
Transaction data (details about payments and details of products and services)
Website user account information and access
Website user journeys and experiences
Information we receive from other sources, such as publicly available information or information from Kreston Global member firms.

Applicable lawful basis:

Performance of a contract
Legal/ regulatory obligation
Legitimate Interest: To ensure the security of our websites and systems, to improve and enhance our products and services, to provide a personalised service and to understand the usage of our website and services.

DEALING WITH QUERIES, COMPLAINTS OR CLAIMS

We collect or use the following personal information for dealing with queries, complaints or claims:

Names and contact details (address, telephone number or email address)
Engagement information
Relevant information from previous service reviews
Correspondence
Any other personal data relevant to the query, complaint or claim.

Applicable lawful basis:

Performance of a contract
Legal/ regulatory obligation
Legitimate Interest: To improve and enhance our services and to provide a personalised service.

MARKETING, RESEARCH AND SURVEYS

We collect or use the following personal information for information updates or marketing and research purposes:

Name and contact details (address, telephone number or email address)
Marketing preferences
Profile information
Survey responses
Feedback questionnaires

Applicable lawful basis:

Consent
Legitimate Interest: To improve and enhance our products and services, to provide a personalised service, to promote our products and services via direct marketing. To determine the effectiveness of promotional campaigns.

RECRUITMENT

We collect or use the following personal information for recruitment purposes:

Names and contact details (address, telephone number or email address)
Curriculum Vitae (CV)
Employment history (e.g. job application and employment references)
Education history (e.g. qualifications)
Right to Work Information

Applicable lawful basis:

Performance of a contract.
Legal/ regulatory obligation.

WHEN VISITING OUR OFFICES

We collect or use the following personal information for physical security purposes, when you visit our offices:

Names and contact details (e.g. name, car registration, contact number etc.)

Applicable lawful basis:

Performance of a contract.
Legal/ regulatory obligation.
Legitimate Interest – For the safety and security of our people, visitors and assets.

If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Alternatively, we may be unable to comply with our legal or regulatory obligations.

We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.

In some circumstances we may anonymise the personal data so that it can no longer be associated with you, in which case we may use it without further notice to you.

7. Change of purpose

Where we need to use your personal data for another reason, different to the original purpose it was collected for, we will only use your personal data where that reason is compatible with the original purpose.

Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.

8. Your data protection rights

The lawful basis we rely on may affect your data protection rights which are in brief set out below. You can find out more about your data protection rights and the exemptions which may apply on the ICO’s website:

YOUR DATA PROTECTION RIGHTS

Your right of access – You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for. You can read more about this right here.
Your right to rectification – You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete. You can read more about this right here.
Your right to erasure – You have the right to ask us to delete your personal information. You can read more about this right here.
Your right to restriction of processing – You have the right to ask us to limit how we can use your personal information. You can read more about this right here.
Your right to object to processing – You have the right to object to the processing of your personal data. You can read more about this right here.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you. You can read more about this right here.
Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time. You can read more about this right here.

If you make a request, we must respond to you without undue delay and in any event within one month. To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.

Profiling and Automated Decision Making

We may use profiling to enable us to give you the best service, so that we can produce more relevant and tailored communications by having a deeper understanding of your behaviours, interests and personal preferences.

You have the right not to be subject to a decision based solely on automated processing, which has legal effects for you or affects you in any other significant way. We ensure that there are simple ways for you to request human intervention or challenge an automated decision. We also carry out regular checks to ensure that our systems and processes are working as intended.

9. Withdrawing consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose (for example, in relation to certain direct marketing that you have indicated you would like to receive from us) you have the right to withdraw your consent for that specific processing at any time.

To withdraw your consent, please email datateam@krestonreeves.com

10. Data sharing

We will only share your information with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so, for example:

To provide and support the services you have engaged us for.
To verify your identity and check your details.
To authorise payments and any other transactions.
To prevent and detect fraud.
To handle complaints and improve customer service.
To provide or support marketing activities on our behalf.
To perform our regulatory responsibilities.
To provide us with professional advice and specialist support services.
To provide us with IT support and maintenance.
To provide us with IT systems and cloud hosting.
To support in the possible sale or restructuring of the business.

We’ll never make your personal data available to anyone outside Kreston Reeves for them to use for their own marketing purposes without your prior consent.

11. International transfers

When appropriate, for example when we work with foreign professionals on your behalf to provide you with certain services, or where we provide the data at your request. We will transfer your personal data to other professional organisations in countries outside the UK, EU and EEA which do not have the same level of data protection as the UK.

As part of your engagement with us, we will notify you, on engagement, of any non-UK, EU and EEA countries and details of the organisations to which we will be transferring your personal data. We will ensure your personal data is appropriately protected at all times.

We have in place appropriate legal safeguards with professional organisations in non-UK, EU and EEA countries which contractually require your personal data be protected in accordance with the law. For Kreston Reeves LLP only, the professional organisations include the following “Kreston Global” member firms:

Audit and Tax Services:

Vitae International Accounting Services Private Limited

39, Ramakrishna Nagar, New Siddhapudur, Coimbatore-641044, India