Individuals whose personal data we obtain in connection with providing services to our clients

Collection of personal data

We aim to only collect personal data from our clients or from a third party that is required for the agreed purpose of our client engagement; you can help with this by only sharing personal data with us that is strictly needed.

Where we need to process personal data to provide our services, we ask our clients to provide the necessary information to the data subjects concerned regarding its use.  

We collect and use contact details for our clients in order to manage and maintain our relationship with those individuals.  Please see the Business contacts section of this privacy notice for more information about our processing of this type of data.

We perform a large variety of different services for our clients and therefore process many categories of personal data, this is likely to include:

  • Contact details;
  • Business activities;
  • Information about management and employees;
  • Information about directors, partners and trustees and their families
  • Payroll and other financial related details
  • Investments and other financial interests.

Generally, we collect personal data from our clients or from a third party acting on the instructions of the relevant client.  For some of our services, we may get personal information on management or employees from a third party on the instructions of our client.

Use of personal data

  • Providing professional services
    Many of our services require us to process personal data in order to provide advice and deliverables.  For example, we often need to use personal data to provide payroll, tax consultancy or pensions advice, etc.
  • Administering, managing and developing our businesses and services
    In order to run our business, we need to use personal data:
    • For managing our relationships with our clients
    • For business development to identify services that might be useful to our clients or improving our service offerings.
    • To perform benchmarking or other analysis to provide insights to our clients, any data used in this manner will be de-personalised so individuals or companies cannot be identified 
    • For hosting or facilitating the hosting of events
    • To administer and manage our website, IT systems and applications
  • Security

We are continuously detecting, investigating and resolving security threats to protect our and our clients’ information and some of these processes will include personal data, for example scanning emails to prevent phishing attacks.

  • Quality and Governance

As part of our engagement process we collect and hold personal data. During the engagement process we perform non-invasive checks with third parties to confirm that we are legally able to act for the individual(s) or business(s). This process may also involve the use of credit checking agencies. We will also contact your previous accountants to confirm that we are acting for you and to obtain relevant information from them which may contain personal data. In the unfortunate case that you choose to leave AW we will provide this information to your next accountants if required.

Whilst you remain a client of AW, we will monitor the quality of services we provide to you; this may involve processing personal data that is stored on your file.

  • Providing our clients with information about us and our range of services 
    Unless you tell us not to, we use client business contact details to provide information that we think will be of interest about us and our services.  For example, industry updates and insights, other services that may be relevant and invites to events. You can opt out of these communications by clicking on the unsubscribe link on the email or by notifying your partner or relationship manager  
  • Complying with any requirement of law, regulation or a professional body of which we are a member
    The AW group is subject to a number of legal, regulatory and professional obligations that vary across the group. In order to demonstrate our services are compliant with these standards we need to keep certain records which may include personal data. In addition we are subject to inspections from these bodies which may include personal data.

Data retention

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).   

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is nine years.