PRIVACY & COOKIES
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.
Gundry Stone Ltd values its reputation and aims to maintain high ethical standards in the conduct of its business affairs taking a proactive approach to user privacy and ensuring the necessary steps are taken to protect the privacy of its users throughout their visiting experience. Our website complies to all UK national laws and requirements for user privacy.
We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for changes whenever you visit our website.
The Data Protection Act 2018 (“DPA 2018”) and the General Data Protection Regulation (“GDPR”) impose certain legal obligations in connection with the processing of personal data.
Gundry Stone is a data controller within the meaning of the GDPR and we process personal data. The firm’s contact details are as follows: 1 Artist Terrace, Heartlands, Pool, Redruth, TR15 3FE. Tel:01209 713414. Email Info@gundrystone.co.uk
Where we act as a data processor on behalf of a data controller (for example, when processing payroll), we provide an additional schedule setting out required information as part of that agreement. That additional schedule should be read in conjunction with this privacy notice.
PERSONAL INFORMATION WE MAY PROCESS
Personal information that we will process in connection with all our services, if relevant, includes:
- Personal and contact details, such as title, full name, email address, date of birth, contact details, address and contact details history.
- Records of your contact with us such as via phone or email, or if you get in touch with us online using our contact form
- Products and services you have purchased from us, as well as have been interested in and have held and the associated payment methods used
- Marketing to you and analysing data, including history of those communications, whether you open them or click on links, and information about products or services we think you may be interested in, and analysing data to help target offers to you that we think are of interest or relevance to you.
Any information we collect about you will come either from yourself, any person who may have referred you to us, or from our advertising or social media platforms.
HOW WE MAY USE YOUR DATA
We use your personal data, including any of the personal data listed in section 1 above, for the following purposes:
- Assessing an enquiry for a product or service, including considering whether or not to offer you the product or service
- Managing any aspect of the product or service
- To improve the operation of our business
- For management and auditing of our business operations including accounting
- To keep records of our communications with you
- For email communications to provide you with relevant information.
- To provide personalised content and services to you, such as tailoring our products and services.
- To develop new services and to review and improve current services
- To comply with legal and regulatory obligations, requirements and guidance
LEGAL GROUNDS FOR PROCESSING YOUR INFORMATION
Our intended processing of personal data has the following legal bases
- At the time you instructed us to act, you gave consent to our processing your personal data for the purposes listed above
- The processing is necessary for the performance of our contract with you.
- The processing is necessary for compliance with legal obligations to which we are subject (e.g. MLR 2017).
- The processing is necessary for the purposes of the investigating/defending legal claims
- For email communications to provide you with relevant information.
- Where we need to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations
SHARING YOUR DATA
We may share information with the following third parties for the purposes listed above:
- Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme
- any third parties with whom you require or permit us to correspond
- an alternate appointed by us in the event of incapacity or death
- tax insurance providers
- professional indemnity insurers
- our professional body the Association of Accounting Technicians and/or the Office of Professional Body Anti-Money Laundering Supervisors (OPBAS) in relation to practice assurance and/or the requirements of MLR 2017 (or any similar legislation)
If the law allows or requires us to do so, we may share your personal data with:
- the police and law enforcement agencies
- courts and tribunals
- the Information Commissioner’s Office (“ICO”)
We may need to share your personal data with the third parties identified above in order to comply with our legal obligations, including our legal obligations to you. If you ask us not to share your personal data with such third parties we may need to cease to act.
TRANSFERS OF PERSONAL DATA OUTSIDE THE EEA
Your personal data will be processed in the EEA only.
STORING YOUR DATA
We may use third party tools to store your personal data and keep your information safe, such as a CRM System, cloud storage, as well as our own hard drives and data storage systems.
PROVIDING US WITH YOUR PERSONAL INFORMATION
It is a requirement of our contract with you that you provide us with the personal data that we request. If you do not provide the information that we request, we may not be able to provide professional services to you. If this is the case, we will not be able to commence acting or will need to cease to act.
Unless we explain otherwise to you, we will hold your personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations and accounts
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
- Retention periods in line with legal and regulatory requirements or guidance.
YOUR RIGHTS UNDER DATA PROTECTION LAW
Here is a list of the rights that all individuals have under data protection laws. They do not apply in all circumstances. If you wish to use any of them, we will explain at that time if they are applicable for example the right of data portability is only relevant from May 2018.
- The right to be informed about the processing of your personal information
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- The right to object to processing of your personal information
- The right to restrict processing of your personal information
- The right to have your personal information erased (the “right to be forgotten”)
- The right to request access to your personal information and to obtain information about how we process it
- The right to move, copy or transfer your personal information (“data portability”)
- Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
- You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/. You can contact us using the details below.
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests.
Where you have consented to our processing of your personal data, you have the right to withdraw that consent at any time. Please inform us immediately if you wish to withdraw your consent.
- the withdrawal of consent does not affect the lawfulness of earlier processing
- if you withdraw your consent, we may not be able to continue to provide services to you
- even if you withdraw your consent, it may remain lawful for us to process your data on another legal basis (e.g. because we have a legal obligation to continue to process your data)
Individuals can find out if we hold any personal information by making a ‘subject access request’ under the GDPR law. If we do hold information about you we will:
- Give you a description of it;
- Tell you why we are holding it;
- Tell you who it could be disclosed to; and
- Let you have a copy of the information in an intelligible form.
You can contact us or make an SAR by going to the CONTACT section of our website to exercise these rights or using the contact details below.
If you have requested details of the information we hold about you and you are not happy with our response, or you think we have not complied with the GDPR or DPA 2018 in some other way, you can complain to us. Please send any complaints to Karen Stone at the address below.
If you are not happy with our response, you have a right to lodge a complaint with the ICO (www.ico.org.uk).
Gundry Stone Ltd is registered in England & Wales (company no. 0903215). The registered company address is 1 Artist's Terrace, Heartlands, Pool, Cornwall, TR15 3FE. Email correspondence should be send to firstname.lastname@example.org.
Cookies are small files that hold information; they're placed or 'dropped' on your computer when you access websites or use apps on your device. The data contained in the cookie can be retrieved by the website or app that placed them there. They can also be accessed by websites or apps that have been authorised to use them by the site or app that first dropped them.
Some cookies only exist for a short period of time, and are then automatically deleted by your device. Others last for longer – these are called 'persistent cookies' – and some exist for years unless manually deleted. These can be used to analyse multiple site visits over time, or customise the content that's displayed.
Some cookies are set by the website or app you're visiting; these are called 'first party' cookies. Others may be set by a third party when you use a site or app – for example, by a tool built into the website, or by an advertising network that displays adverts on the site or in the app.
Read more about cookies on the site of the UK Information Commissioner's Office (who regulated data usage).
COOKIES WE USE
Squarespace Cookies: needed for things like logging whether you see error messages – so we can make improvements and fix bugs – as well as allowing you to use shopping baskets (which remember your choices as you navigate our site) and make a purchase.
Analytics Cookies: needed to analyse the performance of this website and create reports on website traffic, sources and popular pages etc. This includes Squarespace cookies and Google Analytics cookies.
Advertising Cookies: needed to inform about your browsing habits (including details of the websites you've visited), which we use to make sure you receive advertising relevant to you. We (or third parties and advertising networks on our behalf) may use them to show you ads we think you'll be interested in across the internet (including on other sites you visit), based on your interaction with our website, app and your browsing history. This may include Google Adwords, Facebook, Twitter, Instagram, Mailchimp and various other display advertising providers.
COOKIES ON WEBSITES WE LINK TO
We often link to other sites to give you extra information or services. Where these are provided by a third party, you may leave our website by clicking through to theirs. In this case, the cookies policy set out on the third party's website will also apply. As this won't be controlled by us, you should read their policy to find out what information is being collected and how it's used.
THIS SITE OPERATES ON AN 'IMPLIED CONSENT' POLICY:
Currently this website operates with an ‘implied consent’ policy which means that we assume you are happy with the usage of Cookies detailed here. This means you don't get that annoying 'Please Accept Cookies' pop up when you visit.
If you are not happy, then you should either not use this site, delete our website cookies after visiting the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.).
IF YOU DON'T WANT COOKIES
You can restrict, remove or block cookies through your browser settings at any time.
To find out more about Cookies, including how to control, opt-out and delete them, go to http://www.aboutcookies.org for guidance.