Maak Accountancy Privacy Policy

At Maak Accountancy, we do what is necessary to protect your privacy. This statement outlines how we collect, store, and use your personal information. In compliance with the General Data Protection Regulation (GDPR), we use personal data primarily to process and dispatch ordered services.

Maak Accountancy is operated by a small team, and as such, data processing is typically carried out by one individual. Matters concerning data protection are also handled personally rather than through automated systems. We share the roles of data protection officer and data controller.

Maak Accountancy is committed to respecting your personal data and keeping it secure. We strive to be transparent about how we collect and use data, and we ensure that nothing is done with your information that you wouldn’t reasonably expect.

Please note that the terms of this statement may be updated from time to time. If you have any questions or concerns about this privacy policy, please contact Maak Accountancy directly.

This policy includes:

  • How we collect information about you
  • What personal data we collect and how we use it
  • How we keep your data safe and who has access to it
  • How you may see the information we hold about you
  • Changes to this policy

1. Data Supplied by Clients

‘Client’ refers to:

  • A person or organisation that has ordered our services
  • An enquirer, i.e. a person or organisation that has requested information about our services

Clients are ‘data controllers’ under the GDPR and prior related legislation. Information is provided to us under the terms of the client’s own privacy policies. Our standard terms and conditions require clients to confirm their compliance with applicable data protection laws.

We retain only factual, publicly available personal data such as:

  • Name
  • Age
  • Address
  • Email address
  • Telephone number

We also retain contact details of individuals necessary for service delivery, including suppliers, contractors, and supporters.

We do not share your data with any other individual or organisation.

2. Data Generated or Collected by Us

We collect data for our own administration and communication purposes. This may include:

  • Contact details of people from past and current client organisations (name, position, contact information)
  • Information from suppliers, contractors, advisors, and supporters (e.g., IT providers, accountants, design firms)

We do not send unsolicited publicity and do not retain data for speculative marketing purposes.

3. How We Keep Your Data Safe and Who Has Access

All data are used solely by the partners of Maak Accountancy and their approved associates.

We have robust technical and administrative safeguards in place. Our computers are equipped with high-quality antivirus, anti-malware, and firewall protection, based on expert recommendations. Data are backed up securely on dedicated, offline devices.

Data is stored:

  • Electronically in password-protected files and/or
  • On paper in locked cabinets at our business premises

We do not store personal data on USB memory sticks.

We transmit client data electronically using secure, password-protected methods and never share or sell personal details for marketing purposes.

4. Retention of Data

Data used for our own administrative purposes are reviewed annually and deleted when no longer needed. However, because clients often return for future services, we may retain their contact details indefinitely. Personal details are periodically updated before reuse.

5. Your Rights Under GDPR

Anyone may contact Maak Accountancy to:

  • Request a copy of personal data we hold
  • Ask us to delete or correct personal data
  • Object to data processing
  • Exercise the right to data portability
  • Lodge complaints with supervisory authorities

These rights are outlined in our Standard Terms & Conditions and published on our website.

If you believe we’ve misused your data or failed to protect it, contact us immediately. We will respond as promptly as possible with an explanation and any corrective action.

If you are unsatisfied with our response, you may contact the Information Commissioner’s Office (ICO) at 0303 123 1113.

6. Data Breach

In the event of a data breach:

  • We will notify the ICO
  • We will isolate and secure compromised devices and remove internet access
  • Paper records will be relocated to alternative locked storage
  • If the breach involves client-supplied data, we will notify the client (as data controller)
  • If the breach involves data collected by us, we will notify affected individuals

7. Changes to This Policy

This privacy policy may be updated periodically. Significant changes in how we handle your personal data will be clearly communicated via our website or directly to affected clients.