Completely GDPR compliant
The new European Union data processing laws, known as the 'EU General Data Protection Regulation' (GDPR), came into force 25th May 2018 in the UK.
GDPR imposes strict controls on how all organisations collect and process personal data within the EU and/or personal data of EU citizens. UK has enforced the full range of GDPR requirements.
The regulation outlines six key principles for organisations that process individuals’ personal information. These are that data shall be:
processed lawfully, fairly and transparently
collected for specified, explicit and legitimate purposes
adequate, relevant and limited to what is necessary for processing
accurate and kept up to date
retained only for as long as necessary
processed in an appropriate manner to maintain security
What we are doing for GDPR?
We are constantly updating the technical and organisational security measures we have in place to protect your data and ensure full GDPR Compliance.
Under the terms of GDPR, Majish will collect, store and process personal data (e.g. contact details, email addresses, National Insurance, passport, payroll, PAYE numbers and any other data which may be required). We list below how we are complying with GDPR.
Awareness & accountability
We have a firm-wide commitment to ensuring complete compliance with GDPR: policies are and procedures communicated to all colleagues.
We have a record what data we hold, where it is held, where that data comes from and where it potentially goes. Thus we can keep track of and protect all data.
We update our Policies to make sure that data received by us is handled appropriately.
Basis and consent
By signing up with us, you allow us to process data you give to us, in line with GDPR requirements, so that Majish may fully provide its services to you.
Under GDPR you have the right to see a full copy of any data we hold about you, and also the right to request that it is fully deleted from our system (we are required to keep some records to note your wishes or to comply with any legal obligations).
Security is a priority in everything we do here at Majish. We are constantly evaluating potential threats which in turn are are constantly evolving, we therefore use a number of that are also continually adapted, to stay ahead of the hackers and scammers.
Information Commissioner's Office (ICO) Registration and jurisdiction
The UK Information Commissioner’s Office (ICO) regulates Data Privacy and Protection and Majish Chartered Accountants is appropriately registered with them.
In the unlikely event of a significant data breach that puts your personal data at risk, we have a legal duty to report this to the ICO within 72 hours of discovery: we will also inform you, our customers.
Maintaining your privacy is most important to us. You can rest assured that we have your best interests at heart.
If you ever want to contact us about GDPR, data protection or how we handle your data in general, please feel free to email your usual contact at Majish or contact us.