Standard Terms of Business

The purpose of this schedule is to set out the standard terms of business that apply to all engagements accepted.  All work carried out is subject to these terms except where changes are expressly agreed in writing.

These standard terms of business are applicable to all types of entities (e.g. companies, LLPs, charities, friendly societies, academies, pension schemes, etc.).  Any reference therefore to “director”, or “company” should be interpreted as appropriate for the entity (e.g. partner, trustee, governor, charity LLP, etc.).

The following standard terms of business apply to all engagements accepted by CBW Recovery LLP (“CBWR”).  All work carried out is subject to these terms except where changes are expressly agreed in writing.

1. Professional obligations

  • As required by the Provision of Services Regulations 2009 (SI 2009/2999), details of the firm’s professional registrations can be found on our website address www.cbwrecovery.co.uk.
  • We will observe and act in accordance with the by-laws and regulations of our professional body, the Institute of Chartered Accountants in England and Wales (“ICAEW”), together with their code of ethics.  We accept instructions to act for you on this basis.  We will not be liable for any loss, damage or cost arising from our compliance with statutory or regulatory obligations.

Professional Indemnity Insurance

In accordance with the disclosure requirements of the Provision of Services Regulations 2009 (SI 2009/2999), details of our professional indemnity insurers are provided by the following:

  • Great Lakes Insurance UK Limited, 10 Fenchurch Avenue, London, United Kingdom, EC3M 5BN
  • Zurich Insurance Company Ltd, The Zurich Centre, 3000 Parkway Whiteley, Fareham, Hampshire PO15 7JZ

This professional indemnity insurance provides worldwide coverage, excluding USA and Canada.

2. Client monies

  • We may, from time to time, hold money on your behalf.  Such money will be held in trust in a client bank account, which is segregated from the entities’ funds.  The account will be operated, and all funds dealt with, in accordance with the Clients’ Money Regulations of the ICAEW.
  • In order to avoid an excessive amount of administration, interest will only be paid to you where the amount of interest that would be earned on the balances held on your behalf in any calendar year exceeds £25.  Any such interest would be calculated using the prevailing rate applied by Arbuthnot Latham & Co., Limited for small deposits subject to the minimum period of notice for withdrawals.  Subject to any tax legislation, interest will be paid gross.
  • If the total sum of money held on your behalf is enough to give rise to a significant amount of interest or is likely to do so, then the money will be placed in a separate interest-bearing client bank account designated to you.  All interest earned on such money will be paid to you.  Subject to any tax legislation, interest will be paid gross.
  • We will return monies held on your behalf promptly as soon as there is no longer any reason to retain those funds.  In the unlikely event of us holding any unclaimed monies we reserve the right to pay such monies to a registered charity in line with the guidelines set out in the Clients’ Money Regulations referred to above.  We will not do this unless we have been unable to contact you for at least five years and we have taken reasonable steps to trace you and return the monies.

3. Fees

Our fees are computed and charged on the basis of time spent on your affairs by the principals and our staff, including sub-contractors or consultants where necessary, and on the level of skill and responsibility involved.  Disbursements represent travel, accommodation, postage, statutory advertising and other expenses incurred in dealing with your affairs.

If it is necessary to carry out work outside the responsibilities agreed with you for each service, we will advise you in advance.  Any additional work will involve additional fees.  Accordingly, we would like to point out that it is in your interests to ensure that your records etc. are completed to the agreed stage.

Invoices are payable in full (including disbursements) in accordance with the terms set out on the invoice.  If you do not accept that an invoiced fee is fair and reasonable you must notify us within 21 days of receipt, failing which you will be deemed to have accepted that payment is due.

  • We reserve the right to charge recovery costs and interest on overdue accounts at the current rate under the Late Payment of Commercial Debts (Interest) Act 1998.  We also reserve the right to terminate our engagement and cease acting if payment of any fees billed is unduly delayed.
  • If a client company, trust or other entity is unable or unwilling to settle our fees, we reserve the right to seek payment from the individual (or parent company) giving us instructions on behalf of the client, and we shall be entitled to enforce any sums due against the group company or individual nominated to act for you.
  • Insofar as we are permitted to do so by law or by professional guidelines, we reserve the right to exercise a lien over all funds, documents and records in our possession relating to all engagements for you until all outstanding fees and disbursements are paid in full.
  • In the event that we cease to act in relation to your company’s, or your personal affairs you agree to meet all reasonable costs of providing information to the company’s new advisers.  In particular you agree to meet these costs where we are required by law to provide information to a successor firm.

4. Retention of and access to records

  • You have a legal responsibility to retain document and records relevant to your financial affairs.  During the course of our work we will collect information from you and others acting on your behalf, relevant to the to the nature of the work being undertaken.  Subject to the appropriate insolvency, companies’ and data protection legislation, we will return any original documents to you.
  • Although certain documents may legally belong to you, subject to the appropriate insolvency and companies legislation, we may destroy correspondence and papers that we store electronically or otherwise that are more than 7 years old, except documents we think may be of continuing significance.  You must notify us in writing if you wish us to keep any document for a longer period.

5. Conflicts of interest and independence

  • We reserve the right during our engagement with you to deliver services to other clients whose interests might compete with yours or are or may be adverse to yours, subject to 8 below.  We confirm that we will notify you immediately should we become aware of any conflict of interest involving us and affecting you unless we are unable to do so because of our confidentiality obligations.  We have safeguards that can be implemented to protect the interests of different clients if a conflict arises.  Where conflicts are identified which cannot be managed in a way that protects your interests then we regret that we will be unable to provide further services.
  • During and after our engagement, you agree that we reserve the right to act for other clients whose interests are or may compete with or be adverse to yours, subject of course, to our obligations of confidentiality and the safeguards set out in the paragraph on confidentiality below.

6. Confidentiality

  • We confirm that where you give us confidential information, we shall at all times keep it confidential, except as required by law or as provided for in regulatory, ethical or other professional statements relevant to our engagement.
  • We may, on occasions, subcontract work on your affairs to other tax, accounting or employment rights professionals who may be located overseas.  The subcontractors will be bound by our client confidentiality terms.  You may additionally need to consider your data protection responsibilities.
  • If we use external or cloud based systems, we will ensure confidentiality of your information is maintained.
  • This clause applies in addition to our obligations as to data protection below.

7. Quality Control

  • As part of our ongoing commitment to providing a quality service, our files are periodically subject to an independent regulatory or quality review.  Our reviewers are highly experienced and professional people and are, of course, bound by the same requirements of confidentiality as our principals and staff.

8. Help us to give you the right service

  • We are committed to providing you with a high quality service that is both efficient and effective.  If at any time you would like to discuss with us how our service to you could be improved, or if you are dissatisfied with the service you are receiving, please let us know by contacting John Dickinson at john.dickinson@cbwrecovery.co.uk.
  • We undertake to look into any complaint carefully and promptly and do all we can to explain the position to you.  We will acknowledge your letter within 5 working days of its receipt and endeavour to deal with your complaint within 8 weeks.  If we do not answer your complaint to your satisfaction you may of course take up the matter with our professional body the ICAEW.  However, if your complaint relates to a Corporate Recovery & Insolvency matter, please refer your complaint to the Insolvency Service’s Insolvency Complaints Gateway. The contact details are: Email: ip.complaints@insolvency.gsi.gov.uk; Post: The Insolvency Service, IP Complaints, 3rd Floor, 1 City Walk, Leeds LS11 9DA; or Telephone: 0845 602 9878.

In order for us to provide you with a high quality service on an ongoing basis it is essential that you provide us with relevant records and information when requested, reply to correspondence in a timely manner and otherwise follow the terms of the agreement between us set out in this Standard Terms of Business and associated Engagement schedules.  We therefore reserve the right to cancel the engagement between us with immediate effect in the event of:

  • Your insolvency, bankruptcy or other arrangement being reached with creditors;
  • Failure to pay our fees by the due dates;
  • Either party being in breach of their obligations where this is not corrected within 30 days of being asked to do so.

9. Applicable Law

  • This engagement letter is governed by, and construed in accordance with English law.  The Courts will have exclusive jurisdiction in relation to any claim, dispute or difference concerning this engagement letter and any matter arising from it.  Each party irrevocably waives any right it may have to object to any action being brought in those courts, to claim that the action has been brought in an inappropriate forum, or to claim that those courts to not have jurisdiction.
  • If any provision in this Standard Terms of Business or any associated engagement schedules, or its application, are found to be invalid, illegal or otherwise unenforceable in any respect, the validity, legality or enforceability of any other provisions shall not in any way be affected or impaired.

10. Changes in the law, in practice or in public policy

  • We will not accept responsibility if you act on advice previously given by us without first confirming with us that the advice is still valid in light of any change in the law, public policy or your circumstances.
  • We will accept no liability for losses arising from changes in the law or the interpretation thereof, practice, or public policy that are first published after the date on which the advice is given.

11. Internet communication

  • Unless you instruct us otherwise we may, where appropriate, communicate with you and with third parties via email or by other electronic means. However, internet communications are capable of data corruption and therefore we do not accept any responsibility for changes made to such communications after their despatch.  It may therefore be inappropriate to rely on advice contained in an e-mail without obtaining written confirmation of it. 
  • We do not accept responsibility for any errors or problems that may arise through the use of internet communication and all risks connected with sending commercially sensitive information relating to your business are borne by you.  If you do not agree to accept this risk, you should notify us in writing that e-mail is not an acceptable means of communication.
  • We will never change our bank details without confirming this to you by posted letter.
  • Any emailed or telephoned communications appearing to be from us which are not confirmed by post are fake and we accept no liability for any loss caused to you through accepting such communications as genuine.  Similarly, always give us by hand or by post (as well as by email) details of your bank account.
  • It is the responsibility of the recipient to carry out a virus check on any attachments received.

12. Data Protection

  • To enable us to discharge the services agreed under our engagement, and for other related purposes including updating and enhancing client records, analysis for management purposes and statutory returns, crime prevention and legal and regulatory compliance, we may obtain, use, process and disclose personal data about you,  your business, company, partnership, its officers and employees and shareholders (“Personal Data”). 

Data Controller

  • We confirm that we are each considered an independent data controller in relation to Personal Data and that we will each comply with the relevant provisions of applicable data protection legislation.
  • You will also ensure that any disclosure of Personal Data to us complies with such legislation. If you supply us with any personal data or confidential information you shall ensure you have a lawful basis to pass it to us and will fully indemnify and hold us harmless if you do not have such a basis and that causes us loss.
  • If you are supplying us with Personal Data on the basis of a power of attorney for anyone, you must produce to us an original or certified power of attorney on demand.
  • You must ensure you have provided the necessary information to the relevant data subjects regarding its use.  You may refer to our privacy notice at the web address shown at www.cbwrecovery.co.uk.
  • As a separate data controller, we may receive subject access requests from data subjects where they request copies of their personal data.  We will co-operate with the request as per our own internal procedures.  Should an objection or request for data erasure happen, we will assess each request on a case by case basis to establish the validity of the request.
  • In the course of providing services to you and processing Personal Data, we may disclose Personal Data to a regulatory body or a third party or buyer of our business.  As part of our operational service, EU/EEA/UK where necessary we will ensure that where any such data transfer takes place, it is covered by an appropriate safeguard such as an adequacy decision.  Where an adequacy decision is not applicable another safeguard mechanism will be implemented, such as a standard contractual clause (SCC) to ensure that the transfer remains legal.  Where cloud-based services are to be used the relevant cloud services terms and conditions will apply. In some instances, the location of the data stored in the cloud may reside outside the EEA/UK.
  • On 28 June 2021, the European Commission approved the UK for adequacy.  This means that the continuation of data flows between the UK and the EU will remain unaffected and we can rely on this mechanism for the terms under this agreement over the next four years until its review in June 2025.
  • We confirm we have adequate security measures in place to protect Personal Data provided to us, including administrative, physical and technical safeguards.
  • We will notify you within 10 working days if an individual asks for copies of their personal data, makes a complaint about the processing of Personal Data or serves a notice from a relevant data protection authority where this relates to you. You and we will consult and cooperate with each other when responding to any such request, complaint or notice.  If an individual whose data you have supplied to us or which we are processing on your behalf asks us to remove or cease processing that data, we shall be entitled to do so where required by law.
  • We will answer your reasonable enquiries to enable you to monitor compliance with this clause.  We will also allow for, and contribute to, audits or inspections conductions by the ICO or their auditor to demonstrate compliance with this cause. If you need to contact us about any data protection issue, please contact the person in Schedule 1.

Data Processor

  • Applicable data protection legislation places express obligations on you as a data controller where we as a data processor undertake the processing of personal data on your behalf.  We therefore confirm that we will at times use our reasonable endeavours to comply with the requirements of applicable data protection legislation when processing data on your behalf.  In particular, we confirm that we will aim to comply with any obligation equivalent to those placed on you as a data controller in the EU/EEA/UK. 
  • You will also comply with applicable data protection legislation, including but not restricted to, ensuring that you have all appropriate consents and notices of another legal basis in place to enable the lawful transfer of Personal Data to us. You will fully indemnify and hold us harmless if you do not have a lawful basis and that causes us loss.
  • Schedule 1 forms part of this document and sets out the subject matter and duration of the processing, the nature and purpose of the processing, the type of Personal Data and the categories of data subjects.

As the data processor we shall;

In the course of providing services to you and processing personal data, we may disclose personal data to other firms in our network, a regulatory body or a third party. We may use a sub-processor and/or export personal data you supply to us outside the EU/EEA/UK where necessary. We will obtain consent before engaging sub-processors. We will ensure all such data disclosure/export is compliant with relevant data protection legislation and will use our reasonable endeavours to ensure that any agreement entered into with sub-processors includes similar terms to those set out in this clause 14. Where cloud-based services are to be used you may be subject to our cloud services terms and conditions.

  • We confirm we have adequate security measures in place to protect Personal Data provided to us, including administrative, physical and technical safeguards.
  • We will notify you within 10 working days if an individual asks for copies of their personal data, makes a complaint about the processing of Personal Data or serves a notice from a relevant data protection authority where this relates to you.  You and we will consult and cooperate with each other when responding to any such request, complaint or notice.  If an individual whose data you have supplied to us or which we are processing on your behalf asks us to remove or cease processing that data, we shall be entitled to do so where required by law.
  • We will answer your reasonable enquiries to enable you to monitor compliance with this clause.  We will also allow for, and contribute to, audits or inspections conductions by the ICO or their auditor to demonstrate compliance with this cause. If you need to contact us about any data protection issue, please contact the person in Schedule 1.

As the data processor we shall;

  • Process Personal Data only on written instruction from you;
  • Restrict data access to authorised personnel only, and who are bound by confidentiality;
  • Disclose Personal Data to courts, government agencies and other third parties as and to the extent required by law;
  • Maintain a written record of all categories of personal data processing carried out on your behalf, including details of transfers of personal data outside of the EU/EEA/UK and a general description of the technical and organisational security measures in place in relation to Personal Data.
  • Delete or return all Personal Data to you at the completion of our engagement requiring personal data processing, subject to legal requirements to retain data.

13. Limitation of Third-Party rights

  • Persons who are not party to this agreement shall have no rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.  This clause does not affect any right or remedy of any person which exists or is available otherwise than pursuant to that Act.
  • The advice we give you is for your sole use and is confidential to you and will not constitute advice for any third party to whom you may communicate it, unless we have expressly agreed in writing that a specified third party may rely on our work.  We will accept no responsibility to third parties, including any group company to whom the engagement letter is not addressed, your spouse nor any family member of yours or your employer, for any aspect of our professional services or work that is made available to them.

14. Client Identification

In common with other professional services firms, we are required by the Proceeds to Crime Act 2002 and the Money Laundering Regulations 2017 to:

  • Maintain identification procedures for clients, beneficial owners of clients, and persons purporting to act on behalf of clients;
  • Maintain records of identification evidence and the work undertaken for the client; and report, in accordance with the relevant legislation and regulations.

We have a statutory obligation under the above legislation to report to the National Crime Agency  any reasonable knowledge or suspicion of money laundering.  Any such report must be made in the strictest confidence.  In fulfilment of our legal obligations, neither the firm’s principals nor may staff enter into any correspondence or discussions with you regarding such matters.

  • If we are not able to obtain satisfactory evidence of your identity and where applicable that of the beneficial owners, we will not be able to proceed with the engagement.
  • If you undertake business that requires you to be supervised by an appropriate supervisory authority to follow anti-money laundering regulations, including if you accept or make high value cash payments of €10,000 or more (or equivalent in any currency) in exchange for goods, you should inform us.
  • Any personal data received from you to comply with our obligations under the Money Laundering Regulations 2017 will be processed only for the purposes of preventing money laundering or terrorist financing. No other use will be made of this personal data unless use of the data is permitted by or under enactment other than the Money Laundering Regulations 2017, or we have obtained the consent of the data subject to the proposed use of the data.

15. General Limitation of liability

  • We will provide our services with reasonable care and skill.  Our liability to you is limited to losses, damages, costs and expenses caused by our negligence or wilful default.  However, to the fullest extent permitted by law, we will not be responsible for any losses, penalties, surcharges, interest or additional tax liabilities where you or others supply incorrect or incomplete information, or fail to supply any appropriate information or where you fail to act on our advice or respond promptly to communications from us or the tax authorities.  Further, we will not be liable to you for any delay or failure to perform our obligations if the delay or failure is caused by circumstances outside our reasonable control. Subject to clause 18.5 below, our liability to you shall be limited as set out in our engagement or other client letter.
  • You will not hold us, our principal(s)/director(s), shareholders and staff, responsible, to the fullest extent permitted by law, for any loss suffered by you arising from any misrepresentation (intentional or unintentional) supplied to us orally or in writing.  This applies equally to fraudulent acts, misrepresentation or wilful default on the part of any party to the transaction and their directors, officers, employees, agents or advisers.  However, this exclusion shall not apply where such misrepresentation, withholding or concealment is or should (in carrying out the procedures which we have agreed to perform with reasonable care and skill) have been evident to us without further enquiry.
  • You agree that you will not bring any claim in connection with services we provide to you against any of our partners, shareholders, directors or employees personally.
  • Our work is not, unless there is a legal or regulatory requirement, to be made available to third parties without our written permission and we will accept no responsibility to third parties for any aspect of our professional services or work that is made available to them.  You agree to indemnify us and our agents in respect of any claim (including any claim for negligence) arising out of any unauthorised disclosure by you or by any person for whom you are responsible of our advice and opinions, whether in writing or otherwise.  This indemnity will extend to the cost of defending any such claim.  Including payment at our usual rates for the time that we spend in defending it, and our legal fees on an indemnity basis.
  • Nothing in this agreement shall exclude or limit our liability for death or personal injury caused by negligence nor for fraudulent misrepresentation or other fraud which may not as a matter of applicable law be excluded or limited.
  • The extent of CBWR’s aggregate liability, whether to you or any other party in respect of other professional services, shall not exceed £1 million (including interest) or 10 times the fee paid, whichever is the greater.  This maximum total liability includes any claims for loss or damage, however caused, whether in respect of breaches of contract, tort (including negligence) or otherwise in respect of the professional services and shall also include all other related costs including legal fees, interest, etc.

16. Intellectual Property Rights and use of our name

  • We will retain all intellectual property rights in any document prepared by CBWR during the course of carrying out the engagement except where the law specifically states otherwise.  You may only use such rights to the extent we agreed when engaged to provide services to you and may not resell or sublicense such rights without our further prior consent.
  • You are not permitted to use our name in any statement or document that you may issue unless our prior written consent has been obtained.  The only exception to this restriction would be statements or documents that in accordance with applicable law are to be made public.

17. Draft/interim work or oral advice

  • In the course of our providing services to you we may provide advice or reports or other work products in draft or interim form, or orally.  However, final written work products will always prevail over any draft, interim or oral statements.  Where you request it, we will provide you with written confirmation of matters stated orally.

18. Interpretation

  • If any provision of our engagement letter or terms of business is held to be void for whatever reason, then that provision will be deemed not to form part of this contract, and no other provisions will be affected or impaired in any way.  In the event of any conflict between these terms of business and the engagement letter or appendices, the relevant provision in the engagement letter or schedule will take precedence.

19. Internal disputes within a client

  • If we become aware of a dispute between parties who own the business, or who are in some way involved in its ownership and management, it should be noted that our client is the business (unless we have agreed otherwise) and we would not provide information or services to one party without the express knowledge and permission of all parties.  Unless otherwise agreed by all parties, we will continue to supply information to the registered office/normal place of business for the attention of the directors/proprietors. If conflicting advice, information or instructions are received from different directors/principals in the business, we will refer the matter back to the board of directors/the partnership and take no further action until the board/partnership has agreed the action to be taken.  In certain cases we reserve the right to cease acting for the business/client entirely.

20. Terminology

  • In these terms and conditions and the associated engagement letter(s), references to “you” and “your” are to the client or clients named in the engagement letter(s).
  • References to “we”, “us” and “our” are to CBW Recovery LLP.
  • Your contract is with CBW Recovery LLP, a limited liability partnership (registered in England & Wales no OC445775).
  • Senior members of CBWR may sometimes be referred to as “partners”.  Any reference in these terms and conditions or in any communication, whether written or oral, to a “partner” in relation to CBWR, is a reference to a member of CBWR or to a consultant or employee of CBWR. 

21. Provision of client portal service via the Cloud

  • The purpose of this schedule and the Standard Terms of Business is to set out the basis on which we are to provide access to a secure client portal via the Cloud, provided by the third-party software provider GetBusy UK Limited (“Cloud Supplier”), and to clarify our respective responsibilities in respect of that service.  You agree that access will be provided to both the firm and the Cloud Supplier.
  • The name of the Cloud Supplier is “VIRTUAL CABINET” and is the trading style of GetBusy UK Ltd.  Their address: Unit G, South Cambridgeshire Business Park Sawston, Cambridgeshire CB22 3JH.Their telephone number(s): 0333 005 1997.  Their e-mail(s): support@virtualcabinet.com.
  • Location of server: The infrastructure and services are provided by Amazon Web Services (AWS) to provide the Virtual Cabinet Portal.  AWS documentation on the security of their infrastructure and services is comprehensive and can be found here https://aws.amazon.com/security.  Specific details about physical and environmental security and network architecture can be found in their white paper AWS: Overview of Security Processes.
  • You control which documents are uploaded to the portal and for removing them when they are no longer needed.
  • If you need to send/process personal data, you will provide us with appropriate contractual assurances that you have secured consents to do so.
  • You will be obliged to keep all passwords and login details secure and not to share with others.

You undertake to use the system for acceptable use, which includes:

  • Not to transmit any viruses, Trojans, keyloggers or other harmful code;
  • Not to transmit any unlawful information or content;
  • Not to allow access to the service to any third party; and
  • Not to use the software to provide services to other parties.

You are responsible for:

  • Ensuring that your network and systems meet any necessary performance requirements;
  • Maintaining your network and telecommunications links; and
  • Compliance with applicable Cloud Supplier terms, if applicable.

If one of your staff who has access to the portal leaves, you are responsible for asking the firm to remove their user id and password.

If you determine to cease using the services of the firm, you will inform the firm immediately.

  • We will provide a free voluntary client portal service to allow the secure exchange of documents between the firm and its client, as well as ongoing client access to certain documents (which may include confidential documents) created or maintained by the firm.
  • We undertake to use all reasonable endeavours to obtain from the Cloud Supplier a signed confidentiality agreement with the firm to ensure compliance with the relevant clauses in the firm’s standard terms of business concerning our fees, confidentiality, internet communication, all relevant data protection law and general limitation of liability.
  • We will keep all passwords and login details secure, and only disclose to staff that require access.
  • The firm cannot be held liable for any failures to deliver services due to transmission errors or unavailability of telecoms networks, or due to the failure or unavailability of any Cloud Supplier infrastructure.  We are also not liable for any loss of or corruption to your data or if the service is interrupted due to your breach of Cloud Supplier terms.  However, we will liaise with them to help ensure that normal service is resumed as soon as possible.
  • On receiving notification of the decision to cease using our services, we will immediately cancel all user access to your portal and discuss with you the way ahead.
  • CBWR reserves the right to modify these terms and conditions under which the portal is offered, and will provide you with due notice before implementation.

Schedule 1

1. Data processor – additional information

  • This schedule details supplementary information which, in accordance with applicable data protection legislation, must be included in a written contract if the firm is acting as a data processor.
  • The subject matter of the processing are the services to be provided.

2. Duration of the processing/retention of records

  • The duration of the processing will be the duration of your engagement with us, and we destroy hard copy client files at least 6 years after we finish advising you but reserve the right to retain files longer in appropriate cases or where the law requires.  We reserve the right to retain electronic copies of client files indefinitely.

3. Nature and purpose of the processing

  • The nature and purpose of the data processing is to comply with the relevant legislation and to perform the relevant services which you have engaged us to undertake.

4. Types of personal data to be processed

  • Personal Data: As set out in Names, Addresses, Dates of birth, Telephone numbers, email addresses, Employee/payroll numbers, Contracts of employment, National insurance numbers, Salaries, Pension membership details], bank account details, credit card numbers, tax reference numbers, passport numbers, driving licence numbers and IP addresses.
  • Special personal data: Medical records

5. Categories of data subjects

  • Categories of data subjects: Client Employees, Clients, Family members of clients, and Directors & Shareholders of clients.

6. Obligations and rights of the client (as the data controller)

  • Your obligations and rights are as set out in the Standard Terms of Business.