Independent Audit Limited are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us (here, by phone, by email or otherwise), will be processed by us. We will only collect and use personal data in ways that are described here and in a manner that is consistent with our obligations and your rights under the law. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.independentaudit.com (“our Site”) you are accepting and consenting to the practices described in this policy.
You may visit this site without revealing any personal information. However, if you request specific information, provide feedback, or participate in a marketing initiative, you will be disclosing personal data to us. This will be treated in accordance with the principles set out in the Data Protection Act 1998 and the General Data Protection Regulation (the GDPR). We will take all reasonable steps to ensure your personal data is protected against unauthorised access and it will not be disclosed or sold to another company or organisation. The only time we may disclose your personal data is when we are legally bound to do so or as otherwise required or permitted by law.
These policies are subject to periodic review and any changes will be included in this section of the site.
This website is managed by Independent Audit Limited, registered in England & Wales with registered number 4373559.
Independent Audit Limited is not responsible for the privacy policies of third party sites to which links are provided. The privacy policies on such sites should be checked before providing any personal information.
Collection of information
Independent Audit Limited will only collect and use personal data voluntarily and openly provided to this website. A user may choose to provide Independent Audit Limited with limited personal data as required in order to register for certain services; once registered the information will only be used for the specified purpose(s).
At the present time, IP addresses of authorised users are not logged for either administrative or other purposes. It will normally be clear when personal information is being collected. The information required is the minimum necessary to enable Independent Audit Limited to deal with the services requested, but additional information may be requested in order for Independent Audit Limited to provide the most appropriate response. If such additional information is requested, it is highlighted, and its provision is voluntary.
We use Google Analytics to analyse our website usage and create reports for internal use at Independent Audit Limited only.
Google analytics cookies
Use of your information
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. At all times, we will comply with our obligations, safeguard your rights under the applicable legislation.
Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (eg by subscribing to our bulletin), or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:
- – Providing you with information, products and services that you request from us;
- – Carrying out our obligations arising from any contracts entered into between you and us;
- – Providing you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- – Notifying you about changes to our service;
- – Replying to emails from you;
- – Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time by contacting us);
- – Market research;
- – Analysing your use of our site and gathering feedback to enable us to continually improve our site and your user experience;
- – Administering our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email with information and news on our services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our legal obligations.
Provision of information to third parties
Independent Audit Limited will only provide personal information to third parties in the following circumstances:
- – Where we are under a legal obligation to do so;
- – To protect our rights or property;
- – As otherwise required or permitted by law.
Accuracy of information
Independent Audit Limited assumes responsibility for keeping an accurate record of personal data once it has been submitted. We would like to keep your personal data accurate and up to date. If you become aware of any errors or inaccuracies, please let us know by contacting us at email@example.com.
As a data subject you have the following rights under the GDPR, which the policy and our use of personal data have been designed to uphold:
Right of access
You have the right ask us to confirm whether or not we are using personal data relating to you and – where we are doing so – to confirm the following:
- – The purposes of that processing;
- – The categories of personal data that we are processing;
- – The recipients (or categories of recipients) to whom those personal data have been or will be disclosed;
- – The period for which we envisage those data being stored or (if not possible to give a specific period) the criteria used to determine how long the data will be stored;
- – The existence of your right to request that we rectify, erase or restrict how we process your personal data or to object to that processing. See further below;
- – The right to lodge a complaint with a supervisory authority. See further below;
- – Where the personal data are not collected from you, any information we have about their source.
Where you request, we shall provide a copy of your personal data that we are processing. The first copy will be provided free of charge but – for any further copies – we may charge a reasonable fee based on our administrative costs.
Right of rectification
You have the right to require that we promptly rectify any inaccurate personal data relating to you. Where applicable, you will also have the right to require us to complete any incomplete personal data (including by you providing a statement that supplements those data).
Right to erasure (the ‘Right to be Forgotten’)
You have the right to require that we promptly erase any personal data relating to you and (where you make such a request) we shall do so where:
- – Those personal data are no longer necessary in relation to the purposes for which they were collected or used;
- – You object to our processing of your personal data (see further below) and there are no overriding legitimate grounds for us to continue to process those data;
- – Your personal data have been unlawfully processed;
- – Your personal data must be erased in order for us to comply with a legal obligation.
However, this right does not apply in certain circumstances. For example, where we need to use your information in order to:
- – Exercise our rights to freedom of expression and information;
- – Comply with a legal obligation;
- – Establish or defend legal claims or otherwise exercise our legal rights.
Right to restrict processing
You have the right to require that we restrict how we use your personal data where:
- – You contest the accuracy of those data (for the period during which we are verifying the accuracy of those personal data);
- – The processing is unlawful and you oppose the erasure of your personal data and request that we restrict how those data are used instead;
- – We no longer need those personal data for the purposes we have specified but you require that we retain them in order to establish or defend legal claims or otherwise exercise your legal rights;
- – You object to our processing (see further below) and we are verifying whether our legitimate grounds for continued processing override your interests, rights and freedoms.
Where you restrict our processing, your personal data shall (save for mere storage) only be processed:
- – With your consent;
- – In order to establish or defend legal claims or otherwise exercise your legal rights; or
- – For the protection of another person’s rights or for reasons of important public interest.
Where you have required that we restrict how we process your personal data, we will inform you before we lift any restriction.
Right to data portability
In principle, you have the right to be provided with a copy of the personal data you provided to us (and which we hold about you) in a commonly used format. However, this only applies where the lawful basis on which we are relying to process your data is your consent or fulfilment of a contract between us. We do not rely on either of these bases to process your data.
Right to object to processing
You have the right to object to the processing of your information where we are conducting that processing on the basis of our legitimate interests. Where you object to that processing, we shall stop that processing, except where we can demonstrate that:
- – There are compelling legitimate grounds for that processing which override your interests, rights and freedoms; and/or
- – We need to continue that processing in order to establish or defend legal claims or otherwise exercise our legal rights.
Right to lodge a complaint
Where you believe that there has been a breach of the Act or the GDPR, you have the right to lodge a complaint with data protection supervisory authorities throughout the European Union. In particular, the authorities in the country (or countries) where:
- – You are habitually resident;
- – You work; and
- – You believe that the breach occurred.
In the United Kingdom, the supervisory authority is the Information Commissioner’s Office. The Office’s website is ico.org.uk.
Questions, comments and requests regarding this privacy notice and our data protection practices are welcomed and may be addressed to us at either:
- Data Protection Officer, Independent Audit Limited, 4 Bury Street, London, EC3A 5AW, United Kingdom, or firstname.lastname@example.org