Privacy notice for Stipendia Payroll Solutions Limited
Stipendia Payroll Solutions Limited takes the protection of your privacy very seriously. We will only use your personal information to deliver the services you have requested from us, and to meet our legal responsibilities.
Stipendia Payroll Solutions Limited may share your information with its parent company Finnies Accountants Limited to ensure compliance with its regulatory requirements and its ability to provide you with the service of payroll bureau.
How do we collect information from you?
We obtain information about you when you engage us to deliver our services and/or when you use our website, for example, when you contact us about our services.
What type of information do we collect from you?
The personal information we collect from you will vary depending on which services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.
Information we hold as a Payroll Bureau
We do not need to seek consent from individual employees that the payroll is processed.
An employer will need to inform their employees that they are sharing their personal information with a third party and it is the employers responsibility to ensure that their payroll bureau or accountant is taking action to protect their employees’ payroll information under GDPR. An employee cannot withdraw their consent for their personal data to be used as part of the payroll processing. We will only keep the personal data that is strictly required for the purpose of the payroll.
As per HMRC guidance, all employers must keep PAYE records for three years from the end of the tax year they relate to. A typical PAYE record would generally include:
Electronic submission of payroll documentation
All documentation electronically transmitted will be by means of our secure portal Iris Openspace. We will no longer issue payslips or payroll documentation by email. We would recommend that you do not submit payroll details to us by either unsecure email or fax.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
We do not employ automated decision making methods in relation to any of your personal data stored. Information will be held and used for as long as permitted for legal, regulatory, fraud prevention and legitimate business purposes.
If you have made an online enquiry it will generally be stored by us for 24 months, but no more than 36 months. This is to accommodate the normal sales-cycle of our clients, to allow us monitor interest levels in products and services.
Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
To ensure continuity and transparency in our recruitment campaigns, all applicant details will be kept for no longer than 14 months after the end of the recruitment process.
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically five or six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of seven years from the end of the period concerned.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect and store.
These precautions include:
Whilst we undertake to maintain the highest possible levels of security practicable to protect data it should be realised that no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure, and there is always some risk of unauthorised access. Stipendia Payroll Solutions Limited cannot be held liable for any breach of security. Any information submitted to us is done so at your own risk.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Measuring Visitors to the website
We measure visitors to our website using Google Analytics. This records what pages you view within our site, how you arrived at our site and some basic information about your computer. All of that information is anonymous. We don’t know who you are – just that somebody visited our site.
The information we collect from analytics helps us understand what parts of our website are doing well, how people arrive at our site, and so on. Like most websites, we use this information to make our website better.
Third Party Service Providers
In providing you with the service you request, we may occasionally use third party companies to manage collation, processing and storage of your personal information on our behalf. These companies are carefully selected and screened to ensure maximum protection of your security and privacy and are permitted to use the information only in accordance with our instructions.
These third party providers are not permitted to further transfer your personal data nor are they permitted to use your personal data for their own business purposes.
International Data Transfers
Where possible, we only process your information within the European Economic Area (EEA). However, some of the service providers referred to above may be based outside of the EEA.
We take steps to ensure that where your information is transferred outside of the EEA to our service providers and hosting providers, appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
We may occasionally contact you by post / email / telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us as indicated under ‘Contact information’ below.
Access to your information: You have the right to request a copy of the personal information about you that we hold.
Correcting your information: We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information: You have the right to ask us to delete personal information about you where:
Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue. You have the right at any time to require us to stop using your personal information for direct marketing purposes.
Withdrawing consent to use your information: Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us in any of the ways set out in ‘Contact information’ below if you wish to exercise any of these rights.
You may contact us if you have any questions about this policy, if you would like to see a copy of the information that we hold on you, if you would like that information to be corrected or even request for it to be deleted.
If you wish to raise a complaint on how we have handled your personal data, please contact us and we will investigate the matter.
If you are not satisfied with our response or believe our processing of your personal data is not in accordance with the law you can complain to the Information Commissioner’s Office.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.
The Data Protection Officer (DPO) is Nicholas Auton who can be contacted at:
Stipendia Payroll Solutions Limited,
4-6 Swabys Yard,
We seek to resolve directly all complaints about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner’s Office
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Changes to our privacy notice
We keep this privacy notice under regular review and will place any updates on our website at: https://stipendia.org.uk/privacy-policy/. Paper copies of the privacy notice may also be obtained from the office.
This privacy notice was last updated on 22 May 2018