Zeal Logo

Privacy policy  

Zeal treats privacy and confidentiality very seriously.  

Zeal (referred to as “we”, “us” or “our”) comply with all aspects of the UK’s data protection legislative framework, which includes the European General Data Protection Regulation (GDPR) and the UK’s own legislation.   

As a financial services organisation, we gather and use personal information about a number of different categories of people. This privacy policy has been developed in order to be as transparent as possible about the personal information we collect and how this data is used in the running of our business.  

   

Who does this privacy notice apply to? 

This privacy notice has been written for the benefit of the following categories of people (referred to in this notice as “you”):  

  • our clients and people that represent them or who work for them;  
  • customers of our clients, that our clients have instructed us to act for;  
  • people who make enquiries about our services;  
  • people who receive our newsletters or invitations to our seminars and events and those who attend such events;  
  • people who visit our websites or who follow us on our various social media channels;  
  • business contacts of HJR Tax and Zeal Tax Ltd;  
  • suppliers that we use; and  
  • our regulators, insurers, auditors, professional advisers and certification bodies.  

 

This privacy notice does not apply to:  

  • people who currently work for us, have worked for us or who are interested in working for us. We have written a separate privacy notice for this group.  

If you believe that we are processing your personal information, but you are not included in the above list please contact us to discuss this.  

   

Who does this privacy notice cover? 

  • the personal information that we collect and use;  
  • the lawful bases we rely on to collect and use it;  
  • why we collect and use personal information;  
  • where we get the personal information from;  
  • with whom we share personal information;  
  • how long we keep information and how we ensure it is secure; and  
  • your privacy rights.  

   

Data Controller 

Your information will be held by either Zeal Tax (Newport) Ltd,  Zeal Tax (Worcester) Ltd, Zeal Tax (R&D) Ltd or all as joint controllers.  For Data Protection queries please contact dpo@gozeal.co.uk who can provide any clarity that you may need about this privacy notice.  

   

What information do we collect? 

The personal information that we collect includes:  

  • basic information, such as: name (including name prefix or title), the company name, job title or job position.  
  • contact information, such as: postal address, email address and phone number(s).  
  • identification and background information provided by you or collected as part of our client claim qualification processes. This may include information about your business property and tax position i.e. date of purchase and tax returns  
  • we keep records of your contact with us  
  • financial information, such as payment-related information   
  • technical information collected when you visit our website or digital or in relation to materials and communications we send to you electronically, which includes information about the type of device you are using, your IP address and geographic location, your operating system and version, browser type, the content you view and the search terms you enter.  
  • information you provide to us for the purposes of attending meetings and events we host, including access and dietary requirements.  

If we collect or receive your personal information in the context of our provision of tax consultancy services, we might receive information from third parties such as your accountant or commercial estate agent.   

   

The lawful basis for processing personal information  

We use several legal bases to process personal data:  

Performance of a contract  This applies where we need to collect and use your personal information in order to takes steps to enter into a contract with you or to perform our obligations under a contract with you.  
Legal obligation  This applies where we need to collect and use your personal information to comply with applicable laws and regulatory requirements.  
Legitimate interests   We may collect and use your personal information to further our legitimate business interests. We only do this where we are satisfied that your privacy rights are protected satisfactorily. You have a right to object to any processing of your personal information based on this legal basis (see below).  
Consent   We may (but usually do not) need your consent to use your personal information. You can withdraw your consent by contacting us (see below).  
Public interest  Although we are not a public body, we do collect and use some personal information where this is necessary to perform tasks that are in the public interests.  

 

Why and how we collect and use personal information 

We collect and use personal information for the following purposes, relying on the specific lawful bases set out in the table below:  

Why  The legal basis 
To manage and administer our relationship with our clients and to provide legal and financial advice services to them   Performance of a contract
 
To manage and administer our relationship with customers of our clients and to provide legal and financial advice services to them   Legal obligation
Legitimate interests  
To undertake background checks on potential clients including checking identity and checks undertaken for anti-money laundering, anti-terrorism reasons, to avoid conflicts of interest, financial and reputational checks. We do not undertake any automated decision making, but we use credit reference and fraud prevention agencies who may do so.   Legal obligation
Legitimate interests
Public interest  
To ensure that we provide excellent standards of client service through our own audit, review and quality assurance checks or by those undertaken by our clients, regulators, auditors, professional advisers and certification bodies   Legitimate interests  
To manage and administrate our relationships with suppliers of good and services to us   Performance of a contract
Legal obligation
Legitimate interests  
To make and manage client and supplier payments, including collecting payments due to us   Performance of a contract
Legal obligation
Legitimate interests  
To look into any complaints or queries   Performance of a contract
Legitimate interests  
To otherwise carry out the day-to-day operations of our businesses efficiently including managing our financial positions, business capability, planning, communications, corporate governance and audit   Legal obligation
Legitimate interests
Public interest  
To undertake activities designed to promote and market our services including sending out newsletters, legal updates, holding events and seminars, inviting you to enjoy our hospitality and hosting you, and keeping records of your interests in these activities   Legitimate interests
Consent (where legally required)  
To undertake on-line marketing activities including using a variety of digital and social media channels   Legitimate interests
Consent (where legally required)  
To provide “added value” services to our clients   Legitimate interests  
To train and develop our staff and people who work for us   Performance of a Contact
Legal obligation
Legitimate interests  
To run our corporate social responsibility programmes   Legitimate interests  
To prevent and respond to actual or potential fraud or illegal activities   Legal obligation
Public interest  
To establish, exercise or defend our legal rights or for the purpose of legal proceedings in which we may be involved   Establish, exercise or defend legal rights  

 

Also, we may collate, process and share statistical reports based on an aggregation of anonymised personal information held by us. This is useful for a variety of business reasons.  

   

Client relationship and marketing activities 

We undertake a range of activities designed to provide added value for our clients and business contacts and to build on our already excellent relationships with you.  

 

While we want to keep you fully aware of all of the services we offer, we are keen to ensure that we are not responsible for sending you with unwanted marketing material. We therefore do our best to tailor the information and invites we send out. To do this we store information about your professional and personal interests and communication preferences. We also track your level of engagement with us including via our on-line and digital platforms.  

 

The data protection legislative framework recognises that it is in our legitimate business interests to collect and use personal information for marketing reasons. We do not need your consent to do this lawfully, but we are obliged to inform you that you have a right to object to this. The law also allows us to send marketing communications by electronic means to our existing clients and business contacts without needing consent. Again, you have the right to object to this activity if you wish.  

 

We take the view that we can keep information for marketing purposes indefinitely, and keep communicating with you from time to time, until and unless you ask us to stop. When we send you information about the services we offer or invitations to our events, we always include a simple “unsubscribe” option. If you have any difficulty using it or wish to find out more about this activity, please contact us.  

 

Sources of information 

The personal information we have comes from a range of sources.  

  • You give us your personal information directly, when you engage with us, including via telephone, our website or digital media channels  
  • We obtain additional information in the course of undertaking checks in order to comply with our statutory and regulatory obligations or where such checks are in our legitimate business interests  
  • We obtain contact details and other information from our business contacts  
  • We collect information from publicly available sources such as telephone directories, social media, the internet and news articles, and buy marketing lists of business contacts  
  • We collect personal information while monitoring our technology tools and services, including our websites, email and social media communications. For information about our use of tracking devices and cookies, please refer to our Cookies policy here.  
  • If you wish to give us personal information about another person, please speak to us to ensure that you are legally entitled to give us the information and for advice on whether you need to inform that person.  

   

Sharing of personal information and data 

A number of third parties may have access to your personal information or we may share or send it to them. This includes:  

  • Suppliers, bound by obligations of confidentiality, who provide goods, services and professional advice to us to help us run our businesses  
  • Credit reference agencies to help us undertake identity and credit checks  
  • Third parties engaged in the course of services we provide to clients such as accountants, financial experts, HMRC and other professional advisers  
  • We may also be required to share personal information with regulatory authorities, government agencies and law enforcement agencies. We will use reasonable endeavours to notify you before we do this, unless we are legally restricted from doing so.  

We do not sell, rent or otherwise make personal information commercially available to any third party.  

   

Transfers outside the European economic area (EEA) 

We do not send personal data outside the EEA as a matter of course. None of the service providers we use to help us run our businesses are based outside of the EEA.  

   

Choosing not to give personal information 

If you choose not to provide us with certain personal data, you should be aware that we may not be able to offer you certain services. For example, we cannot act for you unless we are able to check your identity and run anti-money laundering checks.  

 

Security of personal information 

We are committed to information security and take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place procedures to safeguard and secure the information you provide to us.  

   

Your rights to access your personal data 

You have a number of rights in relation to your personal data which we have.   

  • You have a right of access to the personal information we hold about you  
  • You have the right to ask us to correct any information we hold about you that you think is wrong or incomplete  
  • You have the right to object to any processing of your personal information where we are relying on a legitimate interest to do so and you think that your rights and interests outweigh our own and you wish us to stop. There may, however, be legal or other legitimate reasons why we need to keep or use your information. If this is the case, we will consider your request and explain why we cannot comply with it. You can ask us to restrict the use of your personal information while we are considering your request.  
  • You have the right to object if we process your personal data for the purposes of direct marketing. If you no longer want to receive communications from us, please contact us. We will stop sending you communications but will continue to keep a record of you and your request not to hear from us. If we deleted all of your information from our direct marketing databases, we would have no record of the fact that you have asked us not to communicate with you and it is possible that you may start receiving communications from us at some point in the future, if we obtain your details from a different source.  
  • You have the right to ask us to delete your information. This is also known as the right to be forgotten or to erasure. We will not always agree to do this in every case as there may be legal or other legitimate reasons why we need to keep or use your information. If this is the case, we will consider your request and explain why we cannot comply with it. You can ask us to restrict the use of your personal information while we are considering your request.  
  • Where our processing of your personal information is based on your consent, you have the right to withdraw it at any time. Please contact us if you want to do so.  
  • You may have a right to obtain the personal information that you have given us in a format that be easily re-used and to ask us to pass this personal information on in the same format to other organisations. Please contact us to find out if this right applies to you.
     

Complaints procedure  

To notify us of a concern please contact our Data Protection Office via email on dpo@gozeal.co.uk or by post at 22 Chepstow Road, Newport NP19 8EA  

You also have the right to complain to the Information Commissioner’s Office. Find out on their website (www.ico.org.uk) how to report a concern.  

This privacy notice was last updated April 2021. We keep this privacy notice under regular review and may change it from time to time by updating this page in order to reflect changes in the law and/or our privacy practices.   

 Please check this privacy notice for any changes on a regular basis.