Privacy and Cookies Policy

We are committed to ensuring the privacy of all users of our online software and services and other visitors to our application. In this policy we explain how we hold, process and retain your personal data.

Liaison Financial Services Limited, trading as Liaison Group and its subsidiaries and other group companies (Liaison VAT Consultancy Limited, Liaison Technology Limited, VAT Liaison Limited, Activ8 Intelligence Limited, 3 Blue Dots Technologies Limited) is the data processor in respect to all personal data collected through this application.

1. How we use your personal data

1.1 This section provides you with information about:

(a) what personal data we hold and process;

(b) in respect of personal data that we did not collect from you directly, where we obtained that data from, and what types of data we have collected;

(c) the purposes for which we may process your personal data; and

(d) the legal grounds on which we process your data.

 

We will not pass on your information to any third party without your explicit consent.

1.2 Contact data. We may process information that you provide to us (“contact data”). This contact data may include your name, address, telephone number, email address and employment details and position. We may use this data to provide you with further information about our services and for providing our services to you.

The contact data may be processed in this way for the purposes of performing our contract with you, or in taking steps at your request prior to entering into a contract.

1.3 Authorised Users Data. If you obtain access to and use our software and services as an authorised user nominated by a primary user which has a contractual arrangement with Liaison for the provision of certain services, including access to and use of such software and services for users nominated by it (“Primary User”) (“Primary User Contract”) then:

(a) we will treat the Primary User as the controller of any personal data including such information as the contact data, that their authorised users may record on our software and services;

(b) we may receive personal data in respect of such authorised users direct from the Primary User; and

(c) we will process any such personal data referred to in 2 (a) and (b) above strictly in accordance with the instructions of the Primary User, not the individual authorised user including sharing all such data with the Primary User.

1.4 Application data. We may process data about your use of our applications and services (“application data“). The application data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and application navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the application data is our analytics tracking system. This application data may be processed for the purposes of analysing the use of the application and services.

The legal basis for this processing is our legitimate interests, namely monitoring and improving our application and services.

1.5 Enquiry data. We may process information contained in any enquiry you submit to us regarding our services (“enquiry data“). The enquiry data may be processed for the purposes of ensuring quality, monitoring use and user experience.

The legal basis for this processing is our legitimate interests in responding to your enquiry appropriately and ensuring the efficient operation and provision of our services.

1.6 Correspondence data. We may process information contained in or relating to any communication that you send to us (“correspondence data“). The correspondence data may include the communication content and metadata associated with the communication. Our application will generate the metadata associated with communications made using the application contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping.

The legal basis for this processing is our legitimate interests, namely the proper administration of our application and business and communications with users.

1.7 Other processing activities. In addition to the specific purposes for which we may process your personal data set out above, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

 

2. Providing your personal data to others

2.1 To our partner service providers. We may also disclose your personal data to Outsource Partners International Limited, provider of business support services, whose functions include helping us to perform our services for you.

2.2 Our insurers/professional advisers. We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

2.3 Where we provide your personal data to any third party. Where we share your personal data with any third party, we will ensure this processing is protected by appropriate safeguards including a suitable data processing agreement with that third party.

2.4 To comply with legal obligations. In addition to the specific disclosures of personal data detailed above, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation we have to comply with, or in order to protect your vital interests or the vital interests of another individual.

2.5 Primary Users. We may share personal data with Primary Users as set out in paragraph 1.3 above.

 

3. Transfers of your personal data outside of the European Economic Area

Where your personal data is transferred outside of the EEA, we will ensure that either (a) The European Commission has made an “adequacy decision” with respect to the data protection laws of the country to which it is transferred, or (b) we have entered into a suitable data processing agreement or Model Contract Clauses with the third party situated in that country to ensure the adequate protection of your data. In all cases, transfers outside of the EEA will be protected by appropriate safeguards.

 

4. Retaining and deleting personal data

4.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

4.2 Unless we contact you and obtain your consent for us to retain your personal data for a longer period, we will retain and delete your personal data as follows:

(a) Unless otherwise provided for in the Primary Contract, Contact data will be retained for 7 years following the end of the Primary Contract (as defined in paragraph 1.3 above) or for such period after termination of the Primary Contract as specified in that contract or agreed between Liaison and the Primary User.

(b) Unless otherwise provided for in the Primary Contract, Authorised user data will be retained for 7 years following the end of the Primary Contract (as defined in paragraph 1.3 above) or for such period after termination of the Primary Contract as specified in that contract or agreed between Liaison Groupo and the Primary User.

(c) Unless otherwise provided for in the Primary Contract, Application data will be retained for 7 years following the end of the Primary Contract (as defined in paragraph 1.3 above) or for such period after termination of the Primary Contract as specified in that contract or agreed between Liaison Group and the Primary User.

(d) Unless otherwise provided for in the Primary Contract, Enquiry data will be retained for 7 years following the end of the Primary Contract (as defined in paragraph 1.3 above) or for such period after termination of the Primary Contract as specified in that contract or agreed between Liaison Group and the Primary User.

(e) Unless otherwise provided for in the Primary Contract, Correspondence data will be retained for 7 years following the end of the Primary Contract (as defined in paragraph 1.3 above) or for such period after termination of the Primary Contract as specified in that contract or agreed between Liaison Group and the Primary User.

4.3 We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

 

5. Amendments

5.1 We may update this policy from time to time by publishing a new version on our application.

5.2 You should check this page occasionally to ensure you are happy with any changes to this policy.

5.3 We will notify you of changes to this policy by email or via the application.

 

6. Your rights

6.1 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:

(a) your request not being found to be unfounded or excessive, in which case a charge may apply; and

(b) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).

6.2 We may withhold personal information that you request to the extent permitted by law.

6.3 The rights you have under data protection law are:

(a) the right to access;

(b) the right to rectification;

(c) the right to erasure;

(d) the right to restrict processing;

(e) the right to object to processing;

(f) the right to data portability;

(g) the right to complain to a supervisory authority; and

(h) the right to withdraw consent.

 

6.4 Your right to access your data. You have the right to ask us to confirm whether or not we process your personal data and, to have access to the personal data, and any additional information. That additional information includes the purposes for which we process your data, the categories of personal data we hold and the recipients of that personal data. You may request a copy of your personal data. We will provide a copy of the information free of charge. However, we may charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.

We may also charge a reasonable fee to comply with requests for further copies of the same information. The fee will be based on the administrative cost of providing the information.

6.5 Your right to rectification. If we hold any inaccurate personal data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete personal data about you completed.

6.6 Your right to erasure. In certain circumstances you have the right to have personal data that we hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those personal data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are certain general exclusions of the right to erasure, including where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for establishing, exercising or defending legal claims.

6.7 Your right to restrict processing. In certain circumstances you have the right for the processing of your personal data to be restricted. This is the case where: you do not think that the personal data we hold about you is accurate; your data is being processed unlawfully, but you do not want your data to be erased; it is no longer necessary for us to hold your personal data for the purposes of our processing, but you still require that personal data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, we may continue to store your personal data. However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

6.8 Your right to object to processing. You can object to us processing your personal data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, we will stop processing your personal information unless we are able to: demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim.

6.9 Your right to object for statistical purposes. You can object to us processing your personal data for statistical purposes on grounds relating to your particular situation, unless the processing is necessary for performing a task carried out for reasons of public interest.

6.10 Automated data processing. To the extent that the legal basis we are relying on for processing your personal data is consent, and where the processing is automated, you are entitled to receive your personal data from us in a structured, commonly used and machine-readable format. However, you may not have this right if it would adversely affect the rights and freedoms of others.

6.11 Complaining to a supervisory authority. If you think that our processing of your personal data infringes data protection laws, you can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

The supervisory authority within the UK is the Information Commissioners Office (ICO)

Information Governance department, Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

6.12 Right to withdraw consent. To the extent that the legal basis we are relying on for processing your personal data is consent, you are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

6.13 Exercising your rights. You may exercise any of your rights in relation to your personal data by written notice to us in addition to the other methods specified above.

 

7. Cookie Policy

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. This PDF explains the cookies we use and why.

 

7.1 You can contact us:

(a) by post, using the postal address given above;

(b) using our application contact form;

(c) by telephone, on the contact number published on our application from time to time; or

(d) by email, using the email address published on our application from time to time.

 

8. Data protection officer

Liaison Group has appointed a Data Protection Officer, who can be contacted via email at infogov@liaisongroup.com or by telephone on 0845 603 9000.