Privacy Policy | Hills and Peeks | Accountants, Business and Tax Advisors

PRIVACY NOTICE

Hills & Peeks is the trading name of Hills & Peeks Secretaries Limited registered in England & Wales with registered number 05329301, and its Registered Office at 62 The Street, Rustington, West Sussex BN16 3NR.

This Privacy Notice provides information about how Hills & Peeks Secretaries Limited (‘we’, ‘us’, ‘our’) process your personal data and it provides information about your privacy rights.

What types of information do we collect from you?

Personal data
In this Privacy Notice, the term “personal data”, means information relating to you that allows us to identify you either directly, or in combination with other information we hold. For example, when you contact us by email, telephone, messaging service or via our website, we will collect your personal data including your name, postal address, telephone number and date of birth (where relevant). If you wish to use our services, then our onboarding process will collect additional personal information such as your bank details, your National insurance number and other personal tax identifiers.

Special categories of personal data
The UK GDPR defines special categories of personal data as information about a person’s race and ethnicity, religious or philosophical beliefs, trade union memberships, political opinions, genetic data, biometric and health data, and information concerning a natural person’s sex life or sexual orientation. Hills and Peeks Secretaries Limited does not collect special categories of personal data.

How do we collect information from you and why do we collect it?
We will only collect personal data from you that we consider to be necessary in the context and purpose in which it’s given.

Through your use of our services we may also collect personal data from you about someone else. If you provide us with personal data about someone else, you must ensure that you are authorised to disclose that data to us and that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such personal data for the purposes described in this Policy. You must, therefore, take reasonable steps to ensure that the third party concerned is aware of and consents to the various matters detailed in this Policy, including: the fact that their personal data is being collected; the purposes for which that data is being collected; the intended recipients of that data; and the third party’s right to obtain access to the data (including details of how to request access). Where requested to do so, you must assist us with any requests by the third party to access or update the personal data you have collected from them and provided in connection with our Services.

You may be required to provide information when:

Learning about Hills and Peeks
Requesting, or enquiring about a service
Forming a Company, Partnership or Trust
Using our services
Using our website and portals
Recommending Hills and Peeks to other Businesses

Learning about Hills and Peeks

In order to gain more information about Hills and Peeks you may visit our website or landing pages, or for example speak to one of our team, or visit our office. At these times you may voluntarily provide personal information about yourself.

We collect: The type of personal information collected may include full name; phone numbers; email addresses; business type; income; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.

Why: To make sure you find the information you’re looking for and for us to make recommendations to you about our services. To follow up your enquiry, provide you with quotations on our services, give you access to business guides, to share news about industry and Company updates. Additionally, your IP address helps us to understand geographic information about our website visitors.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

Requesting, or enquiring about our services

Depending on the type of service you request from us you may be asked to share information so we can provide a quote, respond to your enquiry, determine the service best suited for you and to complete the service engagement.

We collect: The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; payment information; business type/trade; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.

Why: To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To provide a quote, form policy documents, complete the transaction and to follow up your purchase or enquiry.

We do not store any card payment data and only use payment information in connection with the purchase made.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

Forming a Ltd Company, Partnership or Trust

If you have asked us to form a Limited Company/ Partnership/Trust on your behalf you will be asked to provide information relating to yourself, the Limited Company/Partnership/Trust you want to form and related third parties such as additional directors or shareholders, if you have any. This information is needed so your company can be registered with Companies House and other relevant bodies relating to any incorporation.

We collect: The type of personal information collected may include full name; home/business postal address; phone numbers; email addresses; registered office/service address; date of birth; title; nationality; company details, to include share split, person of significant control; authentication data, for example passport number, national insurance number; place of birth; payment card information; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; purchase inquiry and history; products, services or content provided.

Why: To check company name availability and ensure the Company/Partnership/Trust is formed correctly with the correct officers and information. To comply with legal and regulatory compliance, to include crime prevention. To provide the right guidance, answer your questions and to complete the transaction.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

Subscribing to our services

If you subscribe to one of our accounting services you may be asked to provide information relating to you and/or your business. The information required will depend on the type of service you’re subscribing to. You may also be asked to provide information about third parties i.e. additional employees, directors or shareholders. We may also seek your permission to contact external third parties to gain items such as professional clearance or assignment schedules.

We collect: The type of personal information collected may include full name; home/business postal address; registered office address; business name/type; phone numbers; email addresses; job title; date of birth; place of birth; title; nationality; marital status; national insurance number; tax codes; HMRC UTR numbers; government issued identification, including passport numbers; sanction and watch list data; details of any other business involvement including shareholding; payment card information; bank account data; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences; username and passwords for accessing and using our services, purchase inquiry and history; products, services or content provided.

Why: To verify your identity for legal/regulatory compliance and crime prevention. To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To configure your accounting/payroll software correctly and provide the right support and advice. Analysis for management and marketing purposes.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

Using our accounting services

During the course of your engagement with us you may be asked to provide additional information and to keep us informed of any changes to your circumstances or that of your business. You may also require additional services or products.

We collect: The type of personal information collected may include changes in marital status; changes of home/business postal address; other sources of income; investment activities; changes to your company structure, to include changes to company officers; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.

Why: To carry out our obligations to provide services you’ve engaged us to deliver or to perform. Support you in managing your affairs, provide the right guidance and support at the right time, ensure you continue to be subscribed to the right service for you, to notify you about changes to our services, make suggestions/recommendations to you about other products and services. For related purposes such as updating and enhancing our client records, improving our services, troubleshooting, testing, data analysis, research, profiling, statistical and survey purposes. Analysis for management and marketing purposes and statutory returns, legal and regulatory compliance and crime prevention.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

Using our website and portals

Hills & Peeks collects information about you when you visit our website and engage in any of the following activities:
a)   search and browse for content;
b)   subscribe to publications and reports;
c)   register for online services;
d)   join a mailing list;
e)   participate in bulletin boards, discussion or message forums;
f)   submit data for a survey or quiz;
g)   register for events and seminars;
h)   submit resumes or work history information;
i)   contact us for further information;
j)   visit our website while logged into a social media platform;
Some pages on this website may permit you to send emails or other messages to us. Emails and messages sent to us will contain your name and email address, as well as any information you may wish to include in the message.

We collect: The type of personal information collected may include full name; business name; telephone and mobile numbers and email address; usage data and statistics; connection data; other unique identifiers such as IP addresses or device IDs, marketing and advertising responses and preferences.

Why: To carry out our obligations to provide services you’ve engaged us to deliver or to perform. To provide the guidance, support and up to date business related information. To ensure you continue to be subscribed to the right service for you, to notify you about changes to our services, make suggestions/recommendations to you about other products and services. For related purposes such as updating and enhancing our client records, improving our services, troubleshooting, testing, data analysis, research, profiling, statistical and survey purposes. Analysis for management and marketing purposes and statutory returns, legal and regulatory compliance and crime prevention.

How: Data is collected through online forms; surveys; emails; cookies

Recommending Hills and Peeks to other Businesses

Our clients often recommend Hills and Peeks Services to other businesses. We warmly welcome such recommendations. However, it is imperative that you seek explicit permission from your referral before submitting their information to us.

We collect: The type of personal information collected may include full name; business name; telephone and mobile numbers and email address.

Why: To enable us to contact your referral to discuss our services with them.

How: Data is collected through online forms; surveys; email; telephone; post; messaging services; or in person.

How do we use the data?

We also use the data we collect to provide you with our services and to communicate with you. We use the data for the following purposes:

Providing, and enhancing our products and services
Compliance
Security, Safety and issue resolution
Business Operations
Communication, Marketing and Advertising

Providing and enhancing our services

We use data to provide and improve our services and perform essential business operations. This includes operating our services, maintaining and improving the performance of our services, including developing new features, research, testing and providing client support. We may also make aggregated anonymised information available for reporting and for the purposes of surveys.

Compliance

We use data to ensure we comply with relevant regulation and law. This includes needing to verify your identity if you subscribe to our accounting services. This verification involves:

(a) a full electoral roll search (your consent is not required for this); and

(b) credit reference agencies placing a soft search footprint on your electronic file and your data being accessed by third parties for the specific purpose of anti-money laundering, ID verification, debt collection, asset reunification, tracing and fraud prevention.

Security, safety, and dispute resolution

We use data to protect the security and safety of our services and our clients, to detect and prevent fraud, to resolve disputes and enforce our agreements.

Outgoing and incoming telephone calls from and to our team may be recorded for training and monitoring purposes. This process helps us to maintain high standards of service and resolve issues.

Business operations

We use data to run business operations to provide you with our services, profile our user base and develop anonymised aggregate analysis and business intelligence that enable us to operate, protect, develop our business and services, conduct quality and risk management reviews, make informed decisions and report on the performance of our business.

Communication

We use the data we collect to deliver and personalise our communications with you.

For example, we may contact you by email or other means of electronic communication to inform you about our services, invite you to take part in a survey, notify you about business activities, events and changes to our services.

You can opt out of receiving certain direct communications from us. If you wish to stop receiving promotional or marketing related emails from us, you can do so by following the instructions included in every email sent to you via the “unsubscribe” link. We respect your choice, and we will stop sending you emails once you unsubscribe. It may take up to 14 days to process your request.

If you become a client, subscribe to or engage with one of our services, regardless of your preferences, we will continue to communicate with you for service-related communications. These will include system and service support communications, policy, security or software updates.

We also use cookies and similar technologies to help us understand how you interacted with our communication and to provide the most relevant products and information to you.

When we may share or disclose your data

We do NOT share or sell personal information about our clients to third parties for marketing purposes, and we only share or disclose your data as authorised in this Policy; when we are legally required to do so; or when we are required to do so by our regulators.

We may share or disclose information with the following types of third parties:

Suppliers:

We work with a variety of third party suppliers to perform services such as website hosting, identity and anti-money laundering verification, secure online information hosting and email communications. We share your personal data as necessary to complete any transaction or provide a service you have requested. These suppliers work on our behalf for the purposes described in this Policy. We impose strict contractual obligations on suppliers to ensure data is secure, protected and treated in accordance with this Policy and we will take all steps reasonably necessary to maintain compliance with these obligations.

Legal/Regulatory Bodies:

To the extent that we are duty bound by any applicable legal or regulatory requirement to cooperate with any competent legal or governmental authority or agency, we shall do so in accordance with applicable law. This may involve disclosure of your personal data and we will have no legal liability for such disclosures. Please note that, depending on circumstances, we may be forbidden from advising you of the fact that your personal data has been disclosed to or requested by such third parties.

Under Section 330 of the Proceeds of Crime Act 2002 we have a duty to report to the Serious Organised Crime Agency (SOCA) if we know, or have reasonable cause to suspect, that you or anyone connected with your business are or have been involved in money laundering. Failure on our part to make a report where we have knowledge, or reasonable grounds for suspicion, would constitute a criminal offence. We are obliged by law to undertake this reporting to SOCA but are under no obligation to make you aware of this reporting. In fact, we may commit the criminal offence of “tipping off” under Section 333 of the Proceeds of Crime Act 2002 if we were to inform you that a report had been made. In consequence, neither Our principals nor staff may enter into any correspondence or discussions with you regarding such matters.

Other Parties:

Hills & Peeks may disclose your information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any agreements, or to protect the rights, property, or safety of the organisation, or other individuals. Such disclosures include, but are not limited to, exchanging information with other companies and organisations for the purposes of safeguarding or other statutory regulations that Hills & Peeks has to comply with as well as those organisations with whom you and Hills & Peeks has reciprocal agreements for providing services i.e. education, professional development etc.

What lawful bases do we use to process your information?
The lawful bases for processing personal data are set out in Article 6 of the UK GDPR.

At least one of these must apply whenever personal data is to be processed:

a) Consent: you have given your consent for Hills & Peeks to process your personal data for a specific purpose.

b) Performance of a contract: the processing is necessary for the performance of a contract that you have with Hills & Peeks, including for the purposes of entering a contract with Hills & Peeks.

c) Compliance with legal obligation: the processing by Hills & Peeks is necessary to comply with the law (e.g. the tax/social security obligation/employment law) (not including contractual obligations).

d) Vital interests: the processing is in yours, or someone else’s vital interests.

e) Public interest: the processing is necessary to enable Hills & Peeks to perform a task in the public interest or an official function, and the task or function has a clear basis in law.

f) Legitimate interests: the processing is necessary in your legitimate interests or the legitimate interests of Hills & Peeks, or those of a third-party, unless the need to protect your personal data overrides those legitimate interests.

How long will we hold your personal data?

Hills & Peeks will retain your personal data in a live environment for as long as necessary to fulfil the purpose(s) for which it was collected (including as required by applicable law or regulation, typically 7+ years).

We may keep your data for longer to establish, exercise, or defend our legal rights and yours. Where such a need exists, your personal data will be securely archived with restricted access and appropriate safeguards applied to ensure the security and confidentiality of your information.

Hills & Peeks is required to keep details of financial transactions for seven years to meet accountancy and HMRC requirements. We will securely destroy or permanently delete records held if, after a period of seven years, we have not had any contact or communication from you (this will be measured on a rolling seven-year period).

We maintain a data retention criterion to help implement our record retention and disposal (RR&D) requirements. Our RR&D Schedule takes account of our legal and accounting obligations, balancing this with what would be consider to reasonable.

We may anonymise your personal data (so that you can no longer be identified) for historical research and analysis without further notice to you.

Security of your personal data

Hills & Peeks respects the privacy of individuals and is committed to protecting your personal data. Accordingly, in accordance with the Data Protection Act 2018 and UK GDPR, we have implemented appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. These measures include having clear internal policies and procedures and maintaining the physical security to our premises.

Your personal data will not be sold or disclosed (other than as specified under this Privacy Notice) to another company or organisation.

Additionally, we put in place appropriate IT security technologies and procedures to prevent the unauthorised access, damage, and loss of your data and our access controls ensure the confidentiality of the data we process.

Please note that the transmission of information via the Internet is not completely secure, and while we do our best to protect your personal data, we cannot guarantee the security of any data sent to our site; such transmissions are at your own risk.

Locations of Processing

By submitting your personal data, you agree to its transfer, storing and processing.

Most personal data is stored electronically on servers or computer systems with controlled access and controlled environments.

The data we collect from you is processed on our servers located in the UK or within the European Economic Area (EEA). We will ensure that your personal data is provided with adequate protection if it becomes necessary to transfer your personal data to a country that has not been granted a finding of adequacy by the European Commission (EC). Transfers of personal data outside of the European Economic Area (EEA), to a country that has not been granted a finding of adequacy by the EC, will be carried out using ‘appropriate safeguards’ i.e. Binding Corporate Rules (BCR), Standard Contract Clauses (SCC) (also known as Model Contract Clauses) or in accordance with approved Codes of Conduct. Alternatively, we will seek your consent, on a case-by -case basis, where appropriate to do so.

Links to other websites
Our website contains links to other websites. The processing of personal data through those websites is not covered by this Privacy Notice, and we encourage you to review the privacy notices / privacy policies on the third-party website to discover more about how they process your information.

What at are my data subject rights?
We support your data subject rights under the Data Protection Act 2018 and the UK GDPR, in relation to our processing of your information, including your:

right to be informed (chiefly via this Privacy Notice)
right of access
right to rectification
right to erasure
right to restrict processing
right to data portability
right to object
rights related to automated decision-making including profiling.

You can exercise these rights at any time, including your right to request a copy of the information we hold about you (otherwise referred to as a Subject Access Request (SAR), or by contacting us using any of the methods shown below in the ‘Contact Us?’ section.

We will respond to your request as quickly as possible: usually, this will be within one month of receiving your request.

Updating my information
You may choose to correct, update, or delete your personal data by contacting us using any of the methods shown below in the ‘Contact us’ section below.

If you have opted-in to receiving communications form us, your preferences will remain in effect until you tell us that you want to opt-out of receiving any further communications.

Withdrawing my consent
Where we process your information based on your consent, you may withdraw your consent at any time. You can do this by contacting us using one of the methods given below.

Contact Us

If you have any questions about this policy or our website; change your preferences or consent; of update your information, then please contact us as follows, making your request or query clear:

Email:- info@hillsandpeeks.co.uk
Phone:- 01903 231239
Post/ In person:- 62 The Street, Rustington, West Sussex BN16 3NR

We will respond to any request to access or delete your personal data as soon as possible, but certainly within 21 days.

Making a complaint to us
We hope you’ll never have need to do so, but if you do want to complain about our use of your information or our facilitation of your data subject rights, please contact us in the first instance using one of the contact methods listed above.

Our Data Protection Officer will investigate your complaint and provide you with an appropriate response as quickly as possible.

If you’re unhappy with our Data Protection Officer’s response, you can make a complaint to the Information Commissioner’s Office (ICO) or get advice from the ICO.

ICO
Telephone: 0303 123 1113
Textphone: 18001 0303 123 1113
Monday to Friday, 9am to 5pm (Find out about call charges)

Information Commissioner’s Office
Wycliffe House Water Lane
Wilmslow
Cheshire
SK9 5AF

You can also chat online with an advisor.

Changes to this Privacy Notice
We continuously review the content of our Privacy Notice to ensure that its content accurately reflects what we are doing with your information.

This Privacy Notice was last reviewed and updated in June 2024.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.