Privacy policy & data subject rights

Identity and contact details

Please click here to find out more about Panthera. Our postal address is 144a Broadway, Didcot, Oxfordshire OX11 8RJ.  Our telephone number is +44 (0) 1235 768 561.  You can contact us by email using enquiries@pantheraaccounting.com. We are registered at Companies House as PANTHERA LIMITED with a company number of 03759250.

Our designated supervisory authority under the General Data Protection Regulation (GDPR) is the Information Commissioner’s Office (ICO). We are based in the United Kingdom.

What data we collect

We process information on data subjects in prospective customers who are sole traders or partnerships so that we can communicate with them about our services and relevant changes in financial regulations which may affect them.  We use ‘Consent’ to process this data.

We process information on data subjects in prospective customers that are limited companies so that we can communicate with them about our services and relevant changes in financial regulations which may affect them.  We use ‘Legitimate interests’ to process this data.  We have completed the specification, gate analysis and balancing tests specified under GDPR for this data.  We do not capture special category information on this data. 

We process information on data subjects who have registered for one of our events so that we can communicate with them about any changes to the event timing which may affect them.  We use ‘Consent’ to process this data.

We process information on data subjects in customer organisations so that we can carry out our accountancy work for them.  We use ‘Contract’ to process this data.  We do not capture special category information on this data as a controller. 

We process information on data subjects in our customer organisations so that we can pass on information that we are statutorily required to on to the relevant authorities.  We use ‘Legal obligation’ to process this data. 

We process information on our employees so that we can carry out our contractual obligations to them.  We use ‘Contract’ to process this data. We do capture special category information on this data and we use condition (b) or Article 9(2) of the GDPR to process this data (processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law …). 

We process information on employees so that we can pay relevant tax to the HRMC.  We use ‘Legal obligation’ to process this data. We do not capture special category information on this data. 

We process information on our employees so that they can access our offices and carry out other activities related to work.  We use ‘Legitimate interest’ to process this data.  We have completed the specification, gate analysis and balancing tests specified under GDPR for this data.  We do not capture special category information on this data. 

We process information on data subjects within supplier organisations so that we can contact them if we need to use the supplier’s services.  We use ‘Legitimate interest’ to process this data.  We have completed the specification, gate analysis and balancing tests specified under GDPR for this data.  We do not capture special category information on this data. 

We process information on data subjects within supplier organisations when we use their services.  We use ‘Contract’ to process this data.  We have completed the specification, gate analysis and balancing tests specified under GDPR for this data.  We do not capture special category information on this data. 

Other information on what we do with data

We store and process data for which we act as Data Controller in the United Kingdom.  We use cloud systems for various aspects of our business.  All of the cloud systems hold their data in the UK.  There are instances where the cloud providers reserve the right to transfer the data outside of the EU and where this is the case, this is to countries covered as countries with adequate data protection by the EU.  

We do not provide information for which we act as Data Controller to any third parties, except to those which Panthera uses as data processors or to those which Pathera are statutorily obliged to do so.  These include:

We delete data relating to financial payments and our accountancy practice after the period for retention under statutory obligations has expired.

We delete data relating to employees after the period for retention under statutory obligations has expired.

Records will be removed from, or personal data obfuscated in, the following systems after 2 years if there has been no engagement with a contact.

All records are disposed of securely when deleted. 

How we look after data

We take reasonable technical and procedural precautions to prevent the loss, misuse or unauthorised alteration of personal data.

We store the personal data that we collect securely.

We do not publish the details of the safeguards we use to protect the personal data that we control as this could reduce the effectiveness of those safeguards.

Cookies

Cookies are text files placed on your computer to collect information about which pages you visit, and how long for.

When a user visits our website, we collect information about the visit using cookies. We track information such as the domain from which the user is visiting and the user's browser type. We also collect specific information regarding the user's session on our website. This includes items such as the date and time of the visit and the pages viewed.

When you visit our website you will be presented with a choice which will allow you to decide whether cookies are used or not. In a few cases some of our website features may not function if you choose not to allow cookies on our website.

Other websites

Our website contains links to other websites. This privacy policy only applies to this website, so when you link to other websites you should read their own privacy policies.

Your rights

Panthera recognises the rights of data subjects as defined in the General Data Protection Regulation (GDPR).

We will always seek to uphold those rights and the links provided will enable you to communicate with us to exercise those rights, where relevant.

Panthera recognises your right to lodge a complaint with a supervisory authority. You can access the ICO's website from this link.