Legal NoticesDownload this as a PDF
- Redundant comment in regard to modifications to personal data removed.
- Specification added in regard to to the role of data controller under the Data Protection Act.
1 PERSONAL DATA
- Entire Section reworked, renumbered and expanded, including asking specification of the of the nature of Personal Data under the Data Protection Act and remainder of Section renumbered, additional Personal and non-Personal Data types, and additional acquisition methods.
2 HOW WE USE PERSONAL DATA
- Sections 2.2.1 to 2.2.4 moved from elsewhere in the policy so that they now all exist in the same logical area.
3 SOFTWARE DATA
- 3.1 removed as redundant and 3.2 content edited and moved to Section 2. Remainder of Section renumbered.
4 CLOUD DATA
5 MARKETING MATERIALS
- 5.2 edited and moved to Section 2 and remainder of Section renumbered.
6 USE OF THE ASPL WEBSITE AND COOKIE USAGE
- 6.1 rewritten to correctly introduce the Section.
8 PROTECTION OF PERSONAL DATA
- 8.2 removed - this content has instead been edited and moved into the T&Cs.
- 9.2 expanded to cover instances where individual requests for copies of data may be exempted under law.
- Editorial changes for consistency throughout.
- Clearer cross-referencing notes added throughout.
- Updated office address.
1 PERSONAL DATA
1.1 "Personal data" (as defined by the Data Protection Act 1998) means data which relate to a living individual who can be identified –
(a) from those data, or
(b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,
and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.
1.2 Personal data that can be used to identify you as an individual includes your:
- mailing address
- telephone number
- credit card number
- email address
- marketing preferences
- information collected via cookies
- log-in credentials (of customer account)
- IP address.
Examples of non-personal data include:
- business name
- website address
- non-personal information provided in communications with ASPL
- non-personal information about your computer and about your visits to and use of the TaxCalc website (see Section 6).
1.3 No sensitive personal data (as defined by the Data Protection Act 1998) is collected by ASPL.
1.4 We are obliged to record your IP address by HMRC as an online merchant, in order to determine your country of purchase under the EU MOSS Regulations.
1.5 Personal Data can also include data gathered about your systems once you have purchased a product, such as your type of operating system and its version, the size of your database, as well as your operating environment.
1.6 We collect your Personal Data through a number of sources, including:
- purchase orders
- product registrations
- enquiries and information provided in communications with ASPL
- software usage
- visits to and use of the TaxCalc website (e.g. browser type and version, operating system, referral source, length of visit, page views and website navigation paths, etc.)
- third parties who have advised that they are authorised to share your personal data with us.
2 HOW WE USE PERSONAL DATA
2.1 Certain personal data is required for us to supply products and services that you have requested, carry out an agreement with you or take any steps that you have requested. Examples of additional required uses of your personal data include:
- licensing software products via the internet - in these instances, any information collected in this process will be transmitted over a secure connection to our servers
- updating you as to the status of your order
- alerting you to important product revisions or updates to an ASPL product/service you have purchased
- ensuring that you are properly registered to receive technical support
- in the event that you submit personal data by telephone, although ASPL does not record calls, calls may be live monitored to:
- provide evidence of your order or transaction with us
- ensure that we comply with relevant regulatory procedures
- see that quality standards or targets are being met
- protect the interests of national security
- prevent or detect crime
- investigate the unauthorised use of a telecommunications system
- secure the effective operation of our telecommunications system.
2.2 In addition to the uses mentioned in 2.1, we may also use your personal data for the following additional purposes and direct marketing ("Additional Purposes") where you have given us appropriate permission to:
- advise you about new ASPL products and services, as well as special discounts on ASPL products and services
- provide business, sector and market-relevant news updates
- remind you of important industry deadlines (such as tax return submission dates)
- advise you about offers from other companies that ASPL feels may be of interest to you. (In these instances, ASPL forwards the offer to you.)
2.2.2 Occasionally, we may invite you to participate in a survey or provide additional personal data that will enable us to better understand and serve your needs. Any information request marked as optional gives you the freedom to decide whether to respond and you will also be given the option to either supply information anonymously (to be used as aggregate data only) or not. Please keep in mind that all information you choose to provide may be used to personalise and improve our customer service operations.
2.2.3 At no stage will ASPL hold for posterity any information that you enter into the TaxCalc software (such as the contents of a tax return, filing credentials, accounting information and so on).
2.2.4 You are responsible for keeping appropriate copies of your own data.
2.3 To help us improve our products and services and develop new ones, we may also create aggregate data that uses your personal data but in a manner that does not identify you as an individual. For example, we may:
- use your address to help identify the total number of users of a particular product in a geographic area
- types of tax return that you have used (not the content).
- collect your print settings to help generally determine usage.
2.4 In order to provide you with support on any technical issues that you may encounter, we may carry out the following to help diagnose and remedy the issue:
- Ask to initiate a debug log. This collects 'debugging' information from your computer and TaxCalc, including login strings and configuration data. This is used to help locate, diagnose and troubleshoot operating problems.
- Ask for you to send a health check. This gathers information about your computer itself, such as its name, OS version details, installed programs and the like. This is also used to help locate, diagnose and troubleshoot operating problems.
- Ask for you to send an anonymised tax return directly from the TaxCalc software. You also have the option to send us the tax return without anonymising the data, should you wish. This is normally used to help deal with specific tax return issues.
2.5 Any data deliberately or incidentally collated during the course of investigating a technical issue will be destroyed following the resolution of your technical issue, with the exception of pertinent technical notes kept on your file to record the resolution.
2.6 Any databases, XBRL files, tax returns or sets of accounts sent to us during the course of investigating a technical issue, and any information contained therein, will be destroyed following the resolution of your technical issue. A note will be kept on your file to record the resolution. Should you use our 'Upload a File to TaxCalc' facility in the My Account area of the website, any files uploaded (by yourself or ASPL) will remain available for a maximum of 14 (fourteen) calendar days before automatic deletion (though you may delete any uploaded files at any time manually).
2.7 ASPL may use certain third-party service providers to help us fulfil your requests and maintain our business practices. For example, we may use third party service providers to:
- process your credit card payments or ship to you a product that you ordered
- monitor and assess the usage and behaviour of visits to ASPL's website.
ASPL uses Secure Trading Limited (Secure Trading) to handle card payments, who are audited by the Payment Card Industry Security Standards Council (PCI-SSC). In the case of a Pay By Instalment Arrangement (and only when specifically arranged as such under our Terms & Conditions of Sale), ASPL only acquires an authorised token from the card payment processor for use in recurring payments – your full card details are still only held with Secure Trading.
ASPL uses Mythic Beasts Limited and OVH.co.uk to provide main and backup server provision, respectively, for our CloudConnect Service, under licence with and operated by Acorah Software Products Limited.
2.8 In the case of visitors identified by our website analytics as using business IP addresses, we may also use publicly available information on those businesses to contact them and offer further aid in reviewing and purchasing TaxCalc products. This does not apply to personal customers or consumers, only businesses and practices registered with Companies House.
2.10 You should be aware that there are very limited instances under law in which we may be required to disclose the personal data of our customers. If such an instance arises, we shall only release that personal data as required by law.
2.11 As a recognised Gold Partner with Microsoft, you should be aware that there are very limited instances under our contract where we are required to disclose if, during the course of our business, it is discovered that a customer is violating a Microsoft licence agreement or does not have sufficient Microsoft licences.
2.12 ASPL limits the processing of data by third parties wherever possible. The TaxCalc program itself runs on Windows, Mac and Linux operating systems (OS). ASPL is not responsible for additional privacy stipulations and policies of the parent companies of these OS providers when using their operating systems.
3 SOFTWARE DATA
3.1 The anti-piracy routine generates a unique key that is transmitted to our server during the activation process and is used to identify the computer upon which you run your TaxCalc software. All data contained within the key is encrypted.
3.2 Your operating system type and version will be gathered by the TaxCalc software and recorded against your client account.
3.3 All names and companies listed in the demonstration database for the TaxCalc product are fictitious. No identification with actual persons or companies is intended or should be inferred.
4 CLOUD DATA
4.1 Customers using our TaxCalc CloudConnect Service operate under the same data protection principles as described in Sections 2 and 3, with the exceptions that:
4.1.1 You remain the Data Controller for personal data uploaded to the TaxCalc CloudConnect Service and any personal data therein is still your legal responsibility. ASPL is only a Data Processor in this respect. The Data Protection Act of 1998 defines both Data Controller and Data Processor as applicable terms.
4.1.2 Further details about the processing of personal data uploaded to the TaxCalc CloudConnect Service can be found in the Cloud Service Agreement (especially Attachment 3).
5 MARKETING MATERIALS
5.1 We want you to have control over the ways in which we will initiate contact with you to provide you with information and materials for the Additional Purposes ("Marketing Materials"). We will provide you with Marketing Materials by telephone, email or physical mail only if you have previously notified us that you consent to receiving such calls or facsimiles.
6 USE OF THE ASPL WEBSITE AND COOKIE USAGE
6.2 Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device, enabling online shopping carts, remembering choices you have made and so on. You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.eu. For a video about cookies visit https://www.google.com/policies/technologies/cookies/.
The cookies used on this website have been categorised in accordance with the ICO UK Cookie guide. A list of all the cookies used on this website is set out below.
Category 1: Strictly Necessary Cookies
- PHPSESSID – used as an index to record session data on our server (e.g. current order number)
- PHPKBSESSID - used as an index to record session data on our server when using the Knowledge Base area of the website
- leftNavCookie – holds navigational context; specifically, controls whether the list of products in the left hand menu is open or closed.
Category 1 cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services like the shopping basket cannot be provided.
Category 2: Performance Cookies
- __utma, __utmb, __utmc, and __utmz - required by Google Analytics
Category 2 cookies collect information about how you use the website, for instance which pages you go to most often and if you get error messages from web pages. These cookies don’t collect information that identifies you and all information these cookies collect is aggregated and therefore anonymous. It is only used to improve how the website works.
Category 3: Functionality Cookies
- email – holds customer’s email address (which is used as the login/account name); expires 2 (two) years after last visit to website.
- cookieWarningSeen - if set, the cookie warning banner at the top of the page is not shown; expires 2 (two) years after last visit to website.
Category 3 cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
Category 4: Targeting or Advertising Cookies
- Google cookies – gads, DSID, FLC, AID, TAID, and exchange_uid
- LinkedIn cookies – bizo_bzid, _bizo_cksm, _bizo_np_stats
- Facebook – Pixel
- Twitter – Universal Website Tag
When you visit our website we use these cookies to collect information about your activities that do not personally or directly identify you. This information may include the content you view, the date and time that you view this content, the products you purchase, or your location information associated with your IP address. We may use the information we collect to serve you more relevant advertisements (referred to as ‘Retargeting’) or to measure ‘Conversions’ on our site. This information can include where you saw the ads we serve you and what ads you clicked on.
If you do not accept these cookies and would like to purchase an ASPL product or service, you may complete most transactions by calling us on 0845 5190 882.
6.3 We also use Google’s third party audience data such as age, gender and interests to better understanding the behaviour of our customers. For example, you may see our ads on other websites because we contract with Google and other similar companies to target our ads based on information we or they have collected, including information that was collected through automated means (such as cookies and web beacons). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts.
6.4 We also make use of social network cookies from LinkedIn, Twitter and Facebook. These cookies may store anonymous demographic data from the relevant social network. For example, LinkedIn data can include company size, industry, job function and seniority level but does not include any personally identifiable information.
There are also general options (unrelated to ASPL) available for opting out of various web services’ automated collection of information.
7 LINKS TO NON-ASPL WEBSITES
7.1 Our Website may provide links from our Website to third party Websites. If you click on a banner advertisement or third party link, the "click" will take you off the ASPL website. Once you leave any ASPL website, any information that you provided to us remains with us and is not forwarded to the next site to which you have linked.
7.3 Any site that is an ASPL co-branded website will clearly identify both ASPL and the third party, and any personal data or other information collected through these co-branded sites may be collected and used by both ASPL and the third party unless otherwise stated on that co-branded site.
7.4 Further details of links to other websites can be found in the Website Disclaimer.
8 PROTECTION OF PERSONAL DATA
8.1 All personal data is collected and stored in a secure manner and is used strictly in relation to this policy and your stated privacy preferences. We employ industry-recognised security safeguards to protect personal data that you have provided to us from loss, misuse and unauthorised alteration. When you transmit information to us such as a credit card or bank account number through the ASPL website, we provide you access to our server that allows encryption of that data as it travels across the Internet.
9.2 At any time you may change your preferences as to the use of your personal data or receipt of Marketing Materials. You may also as an individual request copies of the personal data held by ASPL, though some types of information may not be disclosed to individuals where exemptions under law apply (e.g. information relating to third parties in particular circumstances).
All such communications and inquiries should be sent to email@example.com or mailed to Compliance Officer, Acorah Software Products Limited, Rubra One, Mulberry Business Park, Fishponds Road, Wokingham, RG41 2GY. Please be sure to include sufficient information for us to verify your identity, locate your file (if applicable) and respond to your inquiry. You should also include your mailing address if you would like us to send you any written materials.
9.3 ASPL reserves the right to take reasonable steps to verify any requests for personal data it receives.
Copyright ©2017 Acorah Software Products Limited. All Rights Reserved.