Protecting your Personal Information

Brook Financial Management Ltd gather and process your personal information in accordance with this privacy notice and in compliance with the relevant Data Protection Regulations and laws. This notice provides yoAt Brook Financial, we take protecting your privacy extremely seriously. It is really important to us that you trust us with your personal information, so we want to make sure that you understand what information we hold about you and how we collect, store and process it in order to provide our services to you.

Please read this policy carefully and if you have any questions about this policy, or what we do with your personal information, please contact us at enquiries@brook-financial.co.uk. We hope you can agree with the terms set out below and engage with us; otherwise, please do not provide us with any information about you or anyone else as we will sadly be unable to act for you.
Please confirm the consent you wish to grant us on page 3 and sign on page 4 before returning this to us.u with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.

Brook Financial Management Ltd’s registered office is at Meads Barn, Ashwell Business Park, Ilminster, Somerset and we are a company registered in England and Wales under company number 05856521. We are registered on the Information Commissioner’s Office Register; registration number ZA0004187. Our designated Data Protection Officer/Appointed Person is Mr Kevin Smith, who can be contacted at the above address or telephone 01460 259852.

Please read this policy carefully. If you have any questions about this policy or what we do with your personal information, please contact us and we’ll be happy to advise further.

What is Personal Information?

‘Personal Information’ in the context of this policy refers to information about you, your business and other individuals associated with you (such as your spouse) or your business.
When you engage with us to provide you with a service, we will ask you to provide us with certain Personal Information to enable us to deliver that service. We may ask you to confirm or update this information by email or over the phone.
If any of your Personal Information changes, or you believe that any of the information we hold is incorrect, please let us know by emailing us at enquiries@brook-financial.co.uk and we will ensure that your personal information is updated. We may contact you from time to time to verify that your personal information is up to date.

What do we use your Personal Information for?

We will process the information that you provide to us in the following ways for the purpose of (and on the basis of) providing the services we have been engaged to deliver to you:

a) to verify your identity (i.e. to confirm that you are who you say you are) – due to the nature of our business, this is a legal requirement
b) to provide you with advice about your financial affairs and their administration
c) to provide you with bookkeeping, finance and payroll services that you request from us
d) to provide you with regular updates on topics relevant to the service we are providing or to invite you to events at which the principal aim is to provide you with similar information
e) where you have consented to us doing so, to provide you with further information about Brook Financial, our other services and our upcoming events.

How do we protect your Personal Information?

We aim to protect your Personal Information in the following ways:
a) keeping information up to date, primarily through regular contact with you
b) storing information in secure locations, including information stored electronically
c) destroying information which is no longer relevant, unless we have a legitimate reason or statutory obligation to retain it
d) minimising, wherever practicable, the number of staff or third parties who have access to your information, and ensuring we carry out due diligence checks on any third parties who we may involve.

Who has access to your Personal Information?

Brook Financial forms part of Old Mill. ‘Old Mill’ is a trading name of Old Mill Accountancy Limited, Old Mill Financial Planning Limited, Old Mill Audit Limited, Old Mill Trust Corporation Limited, and Old Mill Jackson Limited.

To properly run our business in an efficient and compliant manner, Brook Financial may share some of the same internal systems and management.

As a result, Personal Information provided to one of our businesses may be processed by another, either as part of providing you with the services you have requested (e.g. involving specialists to ensure the best advice) or to manage our own businesses. This latter is based on our “legitimate interests” as a business.

In order to provide you with the services that you have requested from us, there are a number of third parties who may also need to process your Personal Information:

a) third-party product and service providers who we engage on your behalf to provide (or provide you with a quote to provide) the products or the services that you have agreed to purchase (e.g. pension providers and cloud accounting software)
b) the Financial Conduct Authority (FCA), His Majesty’s Revenue and Customs (HMRC), the Institute of Chartered Accountants in England and Wales (ICAEW) or any other statutory, governmental or regulatory body that requests Personal Information that we are obliged (by law or by regulation) to provide
c) Smart Search, who carry out online Anti-Money Laundering searches to enable us to comply with our regulatory requirements, and whose privacy policy is available at https://www.smartsearch.com/privacy-policy
d) our analytics and search engine providers that assist us in the improvement and optimisation of our website. We currently use Google Analytics, whose privacy policy is available at https://policies.google.com/privacy?hl=en
e) other third parties, based on our “legitimate interests” as a business. Examples may include cloud based accounting and payroll providers, data centres to store your information securely, or other providers who offer technology or expertise to enhance Old Mill’s service and efficiency. Details of the third parties we use are available on request.

Please note that where you enter into a contract with a third party following a recommendation by Brook Financial (e.g. cloud accounting software), the third party will become the “data controller” of any information provided to them, either by you or by us with your consent). If your engagement with Brook Financial were to end, this would not end your engagement with the third party.

How long do we keep your Personal Information?

How long do we keep your Personal Information?
Wherever practicable, we will retain your Personal Information for no longer than is necessary; however, there are circumstances in which we will keep your information for longer, including:

a) where we have a statutory or regulatory obligation to retain the information (we are required to keep certain information for specified minimum periods, and in some cases indefinitely, depending on the services we provide)
b) to ensure our business is properly run in an efficient and compliant manner.

What are your rights?

You have the following rights regarding your Personal Information:
a) to make a request to see the Personal Information we hold about you
b) to ask us to erase the Personal Information we hold about you, unless there is a statutory, regulatory or otherwise legitimate reason for us not to comply (we will always provide you with more details about your rights in our response to your request)
c) to ask us to provide you or a third party with the Personal Information we hold about you;

If you wish to exercise any of your right regarding the Personal Information we hold about you, please make a request headed “Data Protection Request” to enquiries@brook-financial.co.uk.

Special Categories or “Sensitive” Data

The Personal Information that you provide to us may include certain special categories of information that are treated in law as being particularly sensitive (e.g. information related to your health).
We may require you to provide this sensitive personal information in order to provide you with the services you require from us (e.g. we would not be able to provide you with certain payroll services in relation to sick pay without having this information).

If you do not consent to us processing your Sensitive Personal Information in accordance with this policy, you may not be able to receive the services that we are offering and we may ask you to keep such Personal Information confidential.

Changing your mind

If you change your mind about the processing of your Sensitive Personal Information, the communications and marketing that you want to receive, or how you would like us to communicate with you, then you can withdraw or amend your consent by:
Email: enquiries@brook-financial.co.uk
Phone: 01460 259852
Post: Meads Barn, Ashwell Business Park, Ilminster TA19 9DX.

Queries or concerns

If you have any questions about how we process and retain your personal information, please contact us at enquiries@brook-financial.co.uk.

If you are concerned by how we have treated your information, you have the right to lodge a complaint with the Information Commissioner’s Office, who can be contacted via their website https://ico.org.uk.

Changes to our Privacy Policy

Our policy is regularly reviewed and listed on our website.

Version 0.1 – 02.05.24/vc_column_text]