27 Mar

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give citizens and residents back control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Despite the UK coming out of Europe, all businesses must comply with GDPR with effect from 25 May 2018.

What does that mean for our clients?

Essentially, we must obtain your data lawfully and for a specific purpose, and we must have your consent both to obtain and to process your data.

At the commencement of our engagement with clients, we issue a terms of engagement letter which requires your signature. By signing this terms of engagement letter, you are consenting to us obtaining your data and processing it for the purposes of providing accounting, payroll and taxation services. Our standard terms and conditions cover the above, as well as the retention and deletion of data. Our terms and conditions of business are now shown on our website. Just click on the link in the footer of our home page.

GDPR also stipulates that customers have the right to be “forgotten”, i.e. to have their personal data erased. However, Northumberland Accountants & Tax Advisers Ltd is bound by legislation from HMRC, and this legislation relating to the retention of records overrides the GDPR legislation. Where the agent is required to keep data for 6 years for HMRC, that requirement takes precedence.

If you wish to discuss this with us, please just give us a ring.