Legal & Privacy policy
Terms for using this site

Fiscale is the trading name of Fiscale Limited, a wholly owned subsidiary of Fiscale (Holdings) Ltd. Fiscale is a registered Trademark of Fiscale Ltd. Our Trademark must not be used without our approval.

All rights, including copyright and database rights, in the Fiscale website (www.fiscale.com) and its contents, are owned by or licensed to Fiscale, or otherwise used by Fiscale as permitted by applicable law.

Throughout this site, Fiscale is used to mean Fiscale (Holdings) Limited and all of its wholly owned subsidiaries, including, but not exclusively, Fiscale Limited, Fiscale (North West) Limited.

By using this site, you confirm that you accept these terms of use and that you agree to comply with them. Please do not use this site if you do not agree to these terms.

Our Privacy Policy can be viewed here.

©Copyright 2020 Fiscale Ltd. All rights reserved.

Using our website

We endeavour to ensure the content of this website is accurate and reliable. We may change and update the site from time to time.

Use of this website is offered free of charge without any representation or endorsement made. The website is offered without warranty of any kind .

The tax advice provided on this site is for guidance only for UK residents and companies incorporated in the UK. The content of the site may not be appropriate for other countries.

It is based on Fiscale’s current understanding of both tax law and HMRC practice. As these both change on a frequent basis, you should consult either Fiscale or another qualified professional before acting on any of the information supplied on this website.

Fiscale accepts no responsibility for any loss, financial or otherwise, resulting from the content of this website. In no event will Fiscale be liable for any damages including, without limitation, indirect or consequential damages, or any damages whatsoever arising from use or loss of use, data, or profits, whether in action of contract, negligence or other tortious action, arising out of or in connection with the use of the site.

Fiscale is not responsible or liable for the content of any external websites linked to from this site.

Contacting Fiscale

This site is operated by Fiscale, whose Registered Office is Smithfield House, 25 Rookwood Way, Haverhill, CB9 8PB; Company Number 08838304. Our Chartered Tax Advisors are Regulated by the Chartered Institute of Taxation and Fiscale voluntarily adheres to the CIOT Code of Practice in respect of Anti-Money Laundering and all operating standards.

1.0 – Our core beliefs regarding user privacy and data protection

  • User privacy and data protection are human rights
  • We have a duty of care to the people within our data
  • Data is a liability, it should only be collected and processed when absolutely necessary
  • We will never sell, rent or otherwise distribute or make public your personal information

2.0 – Relevant Legislation

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found in section 11.0) for clarification.

3.0 – Personal information that this website collects and why we collect it

The Fiscale website collects and uses personal information for the following reasons:

3.1 – Site visitation tracking

Like most websites, the Fiscale website use Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our websites, to better understand how they find and use our web pages and to see how they journey through the websites’ pages.

Although GA records data such as your geographical location, device type, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this information. We consider Google to be a third party data processor (see section 6.0 below).

GA makes use of cookies, details of which can be found on Google’s developer guides. FYI our website uses the gtag.js implementation of GA.

3.2 – Email links

Should you choose to contact us using email links like this one, none of the data that you include will be stored by this website or passed to / be processed by any of the third party data processors defined in section 6.0. Instead, it will be sent to us using mail servers provided either by your own email provider (Gmail, Hotmail etc.) or by your internet service provider (BT, TalkTalk, Sky etc.).

3.3 – Contact forms

Should you choose to contact us using a contact form such as our We’ll call you / Request a callback form, the personal data you include will not be sent to us via email. Instead it will be submitted to a secure database and the most relevant individual or department within our organisation notified of the submission via email. Once our staff team have logged into the secure database and responded to your enquiry, the form submission details will be deleted from the database but they may be retained within our email systems for auditing purposes or so that that we can continue the dialogue that has been opened by you.

4.0 – How we store your personal information

Personal data submitted to our website is stored on encrypted solid state drives on UK-based servers operated by a UK-based website hosting provider (see section 5.0 for details).

As outlined in section 3.3, all personal data that is stored by this website is deleted once it has been used for the purposes for which it was collected for example once a Request a callback form submission has been responded to.

5.0 – Website, database and Mail servers

5.1 – Website and database server

The Fiscale website and database are all hosted within a Tier III data centre located in North London within the United Kingdom.

Some of the data centre’s more notable security features are as follows:

  • 3m high perimeter fence
  • Internal and external IP CCTV with complete site coverage
  • 24×7, 365 on-site security team
  • Manned vehicle entry gate to site
  • Security bollards at building perimeter
  • Full authentication & access policy control
  • Biometric entry system

All traffic (transferral of files) between the Fiscale website and your browser is encrypted and delivered over HTTPS.

5.2 – Mail server

All email from the Fiscale website (such as Request a callback form submission notification emails) is sent from the website@fiscale.com email address via SMTP mail servers provided by Sendgrid. Sendgrid aim to make the sending of email as secure as it can be and we follow all of their best practice recommendations to secure the emails that we send from our website through their systems.

We consider Sendgrid to be a third-party data processor.

6.0 – Our third-party data processors

6.1 – Google LLC

Used for website analytics as outlined in section 3.1Privacy policyEU-U.S Privacy Shield certification

6.2 – SendGrid, inc.

Used to send all email from our websites as outlined in section 5.2Privacy policyEU-U.S Privacy Shield certification

6.3 – Fellowship Productions Ltd.

The UK-based design and digital marketing agency responsible for building and maintaining the Fiscale website.

6.4 – Nimbus Hosting Ltd.

The UK-based web hosting company used to host the Fiscale website.

7.0 – Data breaches

We will report any unlawful data breach of our website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

8.0 – Privacy Notice for Fiscale

8.1 – Introduction

This document refers to personal data, which is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject)

This notice explains what personal data  we hold about you, how we collect it, and how we use and may share information about you. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you.

The General Data Protection Regulation (GDPR) seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU.

Fiscale is used to mean Fiscale (Holdings) Limited and all of its wholly owned subsidiaries, including, but not exclusively, Fiscale Limited and Fiscale (North West) Limited.

8.2 – Personal Data

When entering into a commercial relationship, Fiscale collects data from you and from other sources, to process in different ways depending on the nature of our commercial relationship. Depending on our relationship, personal data may include but not limited to, contact information, Identification documents, bank account, National Insurance and PAYE reference numbers Fiscale may also collect statistics about the behavior of visitors to its website.

Fiscale’s website uses cookies, which is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Fiscale website visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Fiscale’s website.

Fiscale will only collect the information needed so that it can provide you with professional services and will never sell or broker your data.

If you have engaged with Fiscale as a client, Franchisee or Professional Referrer, we will continue to hold personal data about you on a contractual basis. 
If you are a potential client (lead), business contact, a strategic partner or supplier we may hold personal data about you based on a Legitimate Interest assessment.  We believe that we hold this information, and communicate with you, on the basis that it is essential for you to be informed about Government Legislation that could lead to valuable claims being made for Research & Development Tax Credits, Patent Box and any other professional services.

8.3 – Disclosure

Fiscale may share your personal data with other related companies and in some cases the person or organisation who referred you. Fiscale may on occasions pass your Personal Information to third parties such as HMRC to process your claim. Fiscale do not broker or pass on information gained from your engagement without your consent. However, Fiscale may disclose your Personal Information to meet legal obligations, regulations or valid governmental request.

8.4 – Retention Policy

Fiscale will process personal data and will continue to store such personal data in accordance with our policy, which is set out below.
The personal data may, but not exclusively, include the following, not all of which will be held in every case.

Our Relationship with youPersonal Data we may, but not necessarily, holdLegal Basis for collecting informationRetention Policy
Business Contacts, LeadsContact details

Employee Salary

Telephone and meeting notes
Legitimate Interest18 months after most recent contact recorded in the CRM Hub
ClientContact Details

Bank Account Details

Identification documents

National Insurance Number, PAYE Number, Salary, Overtime and Bonus details

Details of staff and Directors, including above items

Photographic or Video website content
Contractual6 years after most recent claim is processed
Professional ReferrersContact Information

Our Agreement

Bank Account Details
Contractual18 months if arrangement not concluded or 18 months after the final claim for the final referral is processed
Strategic PartnerContact informationLegitimate Interest18 months if arrangement not concluded or 18 months after the final claim for the final referral is processed
FranchiseeContact Information

Our Agreement

Bank Account Details

Identification Documents

National Insurance Number

PAYE Number

Credit Rating

CV

Performance Details

Payment Records

Training Records

AMLL Training Details

Website content, including photographs or video
Contractual18 months if arrangement not concluded or 18 months after the final claim for the final referral is processed

8.4 – Data Storage

Data is held in the United Kingdom using multiple secure servers. Fiscale does not store personal data outside the EEA.

8.5 – Automated Data Processing

Fiscale does not use automated data processing

8.6 – Your Rights as a Data Subject

At any point whilst Fiscale is in possession of or processing your personal data, all data subjects have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete
  • Right to be Erasure – in certain circumstances you can ask for the data we hold about you to be erased from our records
  • Right to restriction of processing – where certain conditions apply you have a right to restrict the processing

Please note that exercising some rights may have contractual consequences

8.7 – Keeping your Personal Information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

8.8 – Your right to correct and access your information and to ask for it to be erased

Please contact our Data Protection Officer (DPO) at email dpo@fiscale.com if you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Data Protection Officer for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Data Protection Officer will provide you with further information about the right to be forgotten, if you ask for it.

8.9 – Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Fiscale, you have the right to complain.

Contact the Fiscale Data Protection Officer at email DPO@fiscale.com

If you do not get a response within 30 days you can complain to the Information Commissioner Office.

9.0 – Data Protections Policy

9.1 – Definitions

Fiscale:  Fiscale (Holdings) Limited including all wholly owned subsidiaries but not exclusively restricted to Fiscale Limited and Fiscale (North West) Limited.

Workers: includes, employees, apprentices, work experience, interns, agency workers and casual employees

Third Parties: includes but is not exclusively restricted to Franchisees, Business Contacts, Clients, Professional Referrers, Strategic Partners, Client Referrers and Suppliers

Data: For the purpose of this documentData means personal data or information which relates to a living person who can be from that data (a ‘data subject’) on its own, or when taken together with other information which is likely to come into our possession. It includes any expression of opinion about the person and an indication of the intentions of us or others, in respect of that person. It does not include anonymised data.  It may include but is not exclusively restricted to contact details and date of birth, bank details and information in relation to tax status including national insurance number, identification documents including passport and driving licence and other information, an agreement with us, images (whether captured on CCTV, by photograph or video);

GDPR: The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.           

Data Controller: the entity that determines the purposes, conditions and means of the processing of personal data

Data Protection Officer (DPO): an officer of Fiscale who is responsible for ensuring that Fiscale is adhering to the policies and procedures set forth in the GDPR

Data Subject: a natural person whose personal data is processed by a controller or processor

Processing: any operation performed on personal data, whether or not by automated means, including collection, use, recording, etc.

SAR: Data subjects can make a ‘subject access request’ to find out the information we hold about them.

Subject Access Right: also known as the Right to Access, it entitles the data subject to have access to and information about the personal data that a controller has concerning them.

2018 Act: the Data Protection Act 2018.

9.2 – Overview

Fiscale takes the security and privacy of data seriously. We need to gather and use information or ‘data’ as part of our business and to manage our relationships. We intend to comply with our legal obligations under the 2018 Act and GDPR in respect of data privacy and security. We have a duty to notify a data subject of the information contained in this policy.

Fiscale has measures in place to protect the security of data in accordance with our Data Security Policy.

Fiscale will hold data in accordance with our Data Retention Policy.

Fiscale will only hold data for as long as necessary for the purposes for which we collected it.

Fiscale is a ‘data controller’ for the purposes of data held by Fiscale.

This policy explains how Fiscale will hold and process Data and explains the rights of data subjects. It is intended that this policy is fully compliant with the 2018 Act and the GDPR. If any conflict arises between those laws and this policy, Fiscale intends to comply with the 2018 Act and the GDPR.

9.3 – Data Protection Principles

Data must be processed in accordance with six ‘Data Protection Principles.’ It must:

  • Be processed fairly, lawfully and transparently
  • Be collected and processed only for specified, explicit and legitimate purposes
  • Be adequate, relevant and limited to what is necessary for the purposes for which it is processed
  • Be accurate and kept up to Date. Any inaccurate data must be deleted or rectified without delay
  • Not be kept for longer than is necessary for the purposes for which it is processed
  • Be processed securely

We are accountable for these principles and must be able to show that we are compliant.
This policy applies to all Data whether it is stored electronically, on paper or on other materials.

Data might be provided to us by data subjects, or someone else (such as a Business Contact).

‘Processing’ means any operation which is performed on data such as:

  • Collection, recording, organization structuring or storage
  • Adaption or alteration
  • Retrieval, consultation or use
  • Disclosure by transmission, dissemination or otherwise making available
  • Alignment or combination
  • Restriction, destruction or erasure

This includes processing Data which forms part of an electronic filing system and any automated processing.

9.4 – How we will process your data

We will use your Data for:

  • Complying with any legal obligation; or
  • It is necessary for our legitimate interests.

However, we can only do this if your interests and rights do not override ours. You have the right to challenge our legitimate interests and request that we stop this processing. See details of your data subject rights below.

We can process Data for these purposes without the knowledge or consent of the data subject.

We will not use Data for an unlawful purpose.
If you choose not to provide us with certain Data you should be aware that we may not be able to carry out certain parts of the contract between us. For example, if you do not provide us with your bank account details we may not be able to pay you or in the case of a client, to pass on refunds from HMRC paid to the Fiscale Client Account as a consequence of our making a R&D Tax Credit claim on your behalf.

Examples, but not necessarily an exhaustive list, of when we might process your Data

We have to process your Data in various situations.

  • To carry out the contract between us including where relevant, its termination
  • Monitoring our compliance and that of others with our policies and our contractual obligations
  • Running our business and planning for the future
  • The prevention and detection of fraud or other criminal offences, including anti-money laundering legislation
  • To defend fiscale in respect of any investigation or litigation and to comply with any court or tribunal orders for disclosure
  • For any other reason which we may notify you of from time to time
  • Complying with our legal obligations of whatsoever nature

9.5 – Data Protection Impact Assessment

This may be carried out by Fiscale for all and any new projects and/or new uses of data.

9.6 – Sharing your Data

Whatever the nature of your relationship with Fiscale we may share your Data with workers, group companies, Franchisees ,our sub-contractors or relevant third parties to carry out our contractual obligations, or for our legitimate interests.

We require those recipients to keep your Data confidential and secure and to protect it in accordance with the law and our policies. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.

  • We will not share Data informally
  • We will keep Data secure and not share it with unauthorised people
  • We will regularly review and update Data which we have to deal with for our work
  • We will not make unnecessary copies of Data and will keep and dispose of any copies securely
  • We will use strong passwords as required by our Data Security policy and Mobile Device Policy
  • We take necessary precautions to protect data by securing access to systems whilst not in use, as required by our Data Security policy and Mobile Device Policy
  • We have the capability to anonymise data on our Customer Database so that the data subjects cannot be identified.  We will use this where we want to keep Company information, but not the associated data
  • We do not store Data on personal computers or other mobile devices for longer than is necessary to process the information

Data is never transferred outside the European Economic Area, except in compliance with the law and under authorisation of the Data Protection Officer and consent of the data processor.

Printed data is shredded and disposed of securely when finished with, in compliance with our Data Security Policy Our workers will ask for help from our Data Protection Officer if they are unsure about data protection or if they notice any areas of data protection or security we can improve upon.

9.7 – Data Retention

We will only keep data for as long as is required to fulfil our legal obligations.  We will not keep data longer than necessary and will keep this under review.

9.8 – How to deal with Data Breaches

Fiscale has robust measures in place to minimise and prevent data breaches from taking place. Should a breach of Data occur (whether in respect of you or someone else) then we will take notes and keep evidence of that breach. If the breach is likely to result in a risk to the rights and freedoms of individuals, then we will also notify the Information Commissioner’s Office within 72 hours. If relevant, Data Subjects will be advised of any high-risk breach.

If you are aware of a data breach you should contact our Data Protection Officer immediately and keep any evidence you have in relation to the breach.

9.9 – Subject Access Requests

Data Subjects can make a ‘Subject Access Request’ (‘SAR’) to obtain a copy of the information we hold about them. This request must be made in writing.

If you would like to make a SAR in relation to your own Data, you should make this in writing to our Data Protection Officer. We will respond within one month unless the request is complex or numerous, in which case the period in which we will respond could be extended by a further two months.

There is no fee for making a SAR. However, if a request is manifestly unfounded or excessive we may charge a reasonable administrative fee or refuse to respond to the request.

9.10 – Your Data Subject Rights

You have the right to information about the Data we hold and process and on what basis it is held.

A Data Subject has the right to access any Data by way of a Subject Access Request (see above).

Inaccuracies in data can be corrected by contacting the Data Protection Officer.

A Data Subjects has the right to request that we erase Data where we were not entitled under the law to process it or it is no longer necessary to process it for the purpose it was collected by contacting the Data Protection Officer.

A Data Subject has the right to object to data processing where we are relying on a legitimate interest, direct marketing to do so and the data subject believes that his/her rights and interests outweigh our own and you wish us to stop. 
Where professionally required and legally possible, Fiscale will port your data to another Data Controller without fees.
In most situations we will not rely on your consent as a lawful ground to process your data. If we do however request your consent to the processing of your Data for a specific purpose, you have the right not to consent, or to withdraw your consent later, subject to contract.

You have the right to complain to the Information Commissioner. You can do this by contacting the Information Commissioner’s Office directly. Full contact details including a helpline number can be found on the Information Commissioner’s Office website (www.ico.org.uk). This website has further information on your rights and our obligations.

9.11 – Implementation of Policy

Fiscale’s Data Protection Officeris responsible for reviewing this policy and updating the Board of Directors on Fiscale’s data protection responsibilities and any risks in relation to the processing of data. You should direct any questions in relation to this policy to

Fiscale’s Data Protection at DPO@fiscale.com

10.0 – Data controller

The data controller for the Fiscale websites is: Fiscale Limited, a UK Private limited Company with company number: 08838304

Whose registered office is:

Smithfield House,
25 Rookwood Way,
Haverhill,
England,
CB9 8PB

11.0 – Data Protection Officer

For more information about our data protection policies or to report a concern regarding our use of personal data, please contact:

Jon Mayhew
Chairman
01440 708333

12.0 – Changes to this policy

This privacy policy may change from time to time inline with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

12.1 – Change log

08/03/2020

  • This privacy policy instigated

14/04/2020

  • This Privacy Policy was updated to incorporate our wider commitments and obligations to privacy. This includes:
    • 8.0 – Privacy Notice to Fiscale (applicable to engaged clients and business partners)
    • 9.0 – Data Protections Policy (applicable to engaged clients and business partners)
    • Updated contact details for Fiscale’s Data Protection Officer (DPO)