Significant changes to European data protection law come into force from 25th May 2018.
Fawcetts has carried out a review of these regulations and would like to take this opportunity to clarify our role under GDPR in the context or the services we provide to our clients.
Data Controllers and Processors
The GDPR defines a controller and processor as follows:-
- Controller – Article 4(7) defines a controller as ‘the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data’.
- Processor – Article 4(8) defines a processor as ‘the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller’.
Guidance from the Information Commissioners Office (ICO) states that ‘accountants and similar providers of professional services work under a range of professional obligations which oblige them to take responsibility for the personal data they process and in doing so they will always be acting as the data controller’.
Our obligations as a data controller
As independent controllers, we do not propose to amend our contractual arrangements with you at this time. However, in-line with our obligations under GDPR, we are taking steps to ensure that we:
- Process personal data fairly, transparently and on lawful grounds.
- Process personal data only for the purpose for which it was collected.
- Ensure that the personal data is adequate, relevant and limited to what is necessary.
- Implement appropriate technical, organisational and security measures.
- Practice data protection by design and default.
- Ensure personal data is adequately protected if it is transferred to destinations outside the European Economic Area.
- Only share personal data where we need to and have included this information in our Privacy Notice.
- Retain personal data only for as long as is necessary.
- Honour individuals’ rights.
Our updated Terms & Conditions as well as our Privacy Notice will be on our web site before 25th May.
If you have any questions regarding this statement or our personal data handling practices, please contact our Privacy Controller at firstname.lastname@example.org .
Request a callback
On 19 September 2016 HM Revenue & Customs (HMRC) decided to stop sending out paper copies of several important documents relating to Corporation Tax.
Despite this move taking place nearly two years ago, a quick search online indicates that many taxpayers are not aware that HMRC has changed some of its administration procedures for Corporation Tax returns.
The changes implemented by the Revenue, as part of a cost-cutting exercise, saw it stop sending out paper versions of:
- acknowledgement of receipt of a Corporation Tax return (CT620 ACK)
- letter showing the key corporation tax filing and payment dates (CT610/CT610A)
- Budget insert which shows the changes to Corporation Tax following the Budget and is usually issued with the notice to deliver a company tax return – this will be made available online instead
- authorising your agent form (64-8) which used to be issued with the “Information for new companies letter” (Form CT41G)
- filing reminder letters which used to be issued 28 days before the return due date
- notes issued with Corporation Tax return
- various other Corporation Tax forms such as the notice of amendment to a return.
Following these changes, companies and agents are now expected to check Corporation Tax via the Online View Liabilities and Payments section of HMRC’s website to see details of their return.
Link: Corporation Tax