- to your use of any of our services, including when you request information from us, engage our accounting, insolvency and other services in circumstances where we are not merely acting as a processor on your behalf;
- where you apply to us for a job or work placement;
- as a result of your relationship with one or more of our clients; and/or
- to any personal information collected from third parties where we are the data controller of such information.
How we collect your personal data
“Personal data” is any information that can be used to identify you or that we can link to you.
Where you use our services, engage with us in connection with the professional services that we provide, we will collect personal data directly from you, from clients, or from authorised representatives.
We may also collect personal data from third parties such as regulatory authorities, your employer, other organisations with whom you have dealings, government agencies, credit reporting agencies, recruitment agencies, information or service providers, publicly available records and the third parties.
We collect information that you voluntarily provide to us, including when you communicate with us via email or other channels; when you sign up for or request that we send you newsletters, alerts, or other materials; when you sign up for a webinar or event; and when you respond to our communications or requests for information.
The information you provide may include current and historical personal data including your name, contact details, title, identification, employment, positions held and enquiry/complaint details and information about the organisation with which you are affiliated. We may also collect personal data about your other dealings with us and our clients, including any contact we have with you in person, by telephone, email or online.
We may collect information from other sources, such as social media platforms that share information about how you interact with our social media content, and any information gathered through these channels will be governed by the privacy settings, policies, and/or procedures of the applicable social media platform, which we strongly encourage you to review.
We will handle any unsolicited information in accordance with law, including destroying or de-identifying such information where we are required to do so.
When you use our online services, we may collect the following:
- Information you provide by completing forms (this includes information you give us, submitting material, requesting services, registering for any of our online offerings or subscribing to our newsletters or other services).
- Information you provide to us if you contact us, for example to report a problem with our online services or raise a query or comment.
- Details of visits made to our online services including, but not limited to, the volume of traffic received, logs (including, where available, the IP address and location of the device connecting to the online services and other technical information and identifiers about the device and the nature of the visit) and the resources accessed.
- Where our online services require that you enter a password or other information in order to access certain features, we will collect such credentials when you enter them.
If you apply for a job or work placement then you may need to provide information about your education, employment and state of health. As part of your application you will be asked to provide your express consent to our use of this information to assess your application and to allow us to carry out both recruitment analytics and any monitoring activities which may be required of us under applicable law as an employer. We may also carry out screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks) and consider you for other positions.
We may exchange your personal data with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment analytics providers, referees and your current and previous employers. We may also gather additional information about you from publically available resources such as LinkedIn or other social or professional media platforms and collate this with the information that you provide to us. Without your personal data we may not be able to progress considering you for positions with us.
If you submit your CV or other personal data, you may need to provide information about your education, employment and state of health.
Legal basis for usage of personal data
Where we intend to use your personal data, we rely on the following legal grounds:
Performance of a contract: We may need to collect and use your personal information to enter into a contract you or to perform a contract that you have with us. For example, when you use our insolvency or accountancy services we will use your personal information to provide advice to you, respond to your requests and provide you with such services in accordance with our terms of engagement.
Legitimate interests: Where we otherwise consider such use of your information as not detrimental to you, within your reasonable expectations and necessary to fulfil our legitimate interests, we may use your personal information including for our own marketing purposes.
Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, anti-money laundering regulations, tax laws and other regulatory provisions due to ours status as providers of insolvency professional services.
Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal information for our marketing purposes, or in respect of certain special categories of personal data such as your health for which we are legally obliged to gain your consent due to the sensitive nature of such information. To withdraw your consent to such use, you can contact us.
In the case of providers of insolvency services as office-holders in particular in the UK, only a licensed Insolvency Practitioner (“IP”) can be appointed in relation to formal insolvency procedures for individuals and corporate entities. IP’s are licensed to provide advice on, and undertake appointments in, all formal insolvency procedures.
The functions of an IP are governed by:
- The Insolvency Act 1986 (as amended)
- The Insolvency Rules 2016 (as amended)
- The Insolvency Practitioners Regulations 1990
- The Insolvency Practitioners Regulations 2005
- The Insolvency Practitioners (Amendment Regulations) 2015
- The Insolvent Companies (Report on Conduct of Directors) (England and Wales) Rules 2016
- The Insolvent Companies (Report on Conduct of Directors) (Scotland) Rules 2016
- The Small Business, Enterprise and Employment Act 2015 (as amended)
- The Deregulation Act 2015
- The Provisions of Services (Insolvency Practitioners) Regulations 2009
- The Insolvent Partnership Order 1994
- The Insolvency Amendment (EU 2015/848) Regulations 2017
- The Insolvency (Regulations (EU) 2015/848) (Miscellaneous Amendments) (Scotland) Regulations 2017
- Statements of Insolvency Practice
In carrying our duties as IP’s we collect and uses personal data in order to:
- Provide professional advice to try to prevent insolvency
- Negotiate with the creditors, and other parties, of a company or individual
- Realise the assets of an individual or company for the best possible return to creditors after marketing to a wide range of potential buyers
- Carry out all statutory duties as required by law
- Provide regular reports to creditors on the progress of insolvency procedures
- Investigating company affairs and director conduct, where necessary, and file a report to the Insolvency Service.
The personal data we control will include your name, email address, postal address, telephone number, date of birth and financial details. The precise nature of personal data we hold will be dependent upon the unique circumstances of the case, but may include (although not limited to) Oliver Elliot Limited and or Elliot Green acting as the data controller in respect of:
- Investigations undertaken as a consequence of:
- The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(MLR 2017)
- The Bribery Act 2010
- Proceeds of Crime Act 2002
- The Terrorism Act 2000, and related anti-terrorism legislation
- The Criminal Finance Act 2017
- Company Directors Disqualification Act 1986
- Conflict and Ethical checks
- Case file notes
- Internal meeting notes
- Diary entries
- Bank and Credit / Debit card records
- Case management reviews
- Correspondence with third parties
- Correspondence with employees
- Correspondence with shareholders
- Correspondence with former office holders (IP’s)
- Correspondence with clients / debtors / directors and other individuals
- Personal asset searches
- Land Registry searches
- Books and Records (Including Tax and VAT records)
- Debtor / Director Questionnaire
- Income Payment Agreements / Income Payment Orders
- Bankruptcy Restriction Orders
- Asset searches
- Agent Reports and Valuations
- Legal documents
- Dividend Notices
- Pension Notices
- PPI documentation
- Creditor Proxies
- Reports to creditors and members
- Meeting attendance registers
- Creditor claims and proofs of debt
- Creditor committees
- Creditor correspondence
- DVLA searches
- Mortgage records
- Insurance policies
- Medical records
- Family records
- Employment records
- Case time recording
The legal basis on which we process personal data when acting as data controller on insolvency appointments will be dependent upon the unique circumstances of the case, but will include at least one of the following:
- A legal obligation to which the Data Controller is subject;
- The performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- For the purposes of the legitimate interests pursued by a Data Controller;
- The establishment, exercise or defence of legal claims.
- Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent;
- Processing relates to personal data which are manifestly made public by the data subject;
- Processing is necessary for reasons of substantial public interest.
How we use your personal data
We use your information in order to provide you with, and improve, our services, for example:
- To respond to your enquiries.
- To provide you with professional or other services that you, your employer, your clients, or your authorised representatives request.
- To carry out our obligations arising from any contracts entered into between you and us.
- To facilitate our internal business operations, including to fulfil our legal or regulatory requirements (including in relation to anti-money laundering) and professional obligations.
- To maintain and develop our relationship with you.
- For our business purposes, including data analysis, submitting invoices, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement.
- To maintain and update our records including our database of contacts.
- To provide you on an ongoing basis with information and services, including professional advice, updates, marketing communications, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us.
- To evaluate, recruit, and hire personnel.
- To measure the popularity and effectiveness of services such as newsletters and seminar invitations, in order to improve what we offer to you and other recipients.
- To ensure that content from our online services is presented in the most effective and secure manner for you and the device on which you are accessing our services, and to troubleshoot, and improve such online services.
- To allow you to use or access interactive features or secure areas of our online services, when you choose to do so.
- For research, planning, service development, security or risk management.
- As we believe reasonably necessary or appropriate to: comply with our legal obligations; respond to legal process or requests for information issued by government authorities or other third parties; or protector your, our, or others’ rights.
We may not be able to do some or all of these things without your personal data.
Disclosure of your information
We may exchange your personal data with third partieswhere:
- You have consented to us sharing your personal data in this way.
- We deem reasonably necessary to provide you with the professional services that you have required at any particular time.
- We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with anti-money laundering requirements or a Court Order).
- Such sharing is provided for under contract, including our terms of engagement for any particular service that we may provide to you.
- Such sharing is to law enforcement bodies or other government authority.
- We need to enforce or apply our terms of engagement to which you have agreed (or other client terms).
- It is necessary to protect the rights and interests, property, or safety of Oliver Elliot, our clients or others.
- It is relevant in the circumstances to disclose the information to our client, your employer or place of work, your professional advisers and parties with whom we have co-promotional arrangements (such as jointly sponsored events).
- Our agents or contractors who assist us in providing our services require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.
- We use third party service providers to provide services that involve data processing.
We may also provide anonymous statistical information about users of our websites and related usage information to reputable third parties, including analytics and search engine providers.
We may own the database rights in the information collected via our online services. We do not sell, rent, or otherwise share information that reasonably identifies you or your organisation with unaffiliated entities for their independent use or with your express prior permission.
We may share information that does not reasonably identify you or your organisation as permitted by applicable law.
Retention of your data
We retain the information we collect no longer than is reasonably necessary to fulfil the purposes that such data was originally collected in accordance with our internal data retention polices or to comply with our legal and regulatory obligations. Where we consider there to be a risk that we may need to defend or bring legal claims, we may retain your personal data as necessary for our legitimate interests in ensuring that we can properly bring or defend legal claims. We may also need to share this information with our insurers or legal advisers. How long we keep this information for will depend on the nature of the claim and how long we consider there to be a risk that we will need to defend or bring a claim.
We take reasonable steps to hold information securely in electronic or physical form.
Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk.
If you communicate with us using a non-secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.
Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.
You can help us to keep your information secure by ensuring that any user name or password in relation to our online services is kept strictly personal to you and not be made available to any other person. You should stop using your username and password and notify us immediately if you suspect that someone else may be using your user details or password.
Third party sites, services and content
In addition to our online services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include:
- Twitter, LinkedIn and YouTube, where we have certain Oliver Elliot accounts and profiles.
- Facebook, where we have a social page.
If you use or follow a link to any of these third party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you.
We may engage third parties that support the operation of our online services, such as analytics providers. These third parties may use technologies to track your online activities over time and across different websites and online platforms. Please see our Cookies Policy for more information.
Under applicable data protection legislation we have a duty of care to ensure that your personal data is accurate and up to date. Therefore, please contact us to update or correct your information if this changes or if you believe that any information that we have collected about you is inaccurate at email@example.com
You can subject to applicable laws also ask us to see what personal information we hold about you, to erase your personal information and you have the right to you object to our use of your personal information.
If you would like to request a copy of your data or would like to change or erase all or any part of the information we hold about you, please contact us as set out below. We may refuse to provide access and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so or where for instance whilst acting as an officeholder are required to take alternative course of action with respect to the said data, in which case we will provide reasons for our decision.
You may also submit a complaint to the Information Commissioners Office, details of which can be found at https://ico.org.uk/global/contact-us.
Status of this policy
Contact and further information
To find out more about Oliver Elliot please visit www.oliverelliot.co.uk
Tel: +44 (0)20 3925 3613
Oliver Elliot Chartered Accountants, Moda Business Centre, Stirling Way, Borehamwood WD6 2BW
The Privacy Officer is Elliot Green