Prosec Company Secretarial Services Ltd (Prosec) takes the protection of your privacy very seriously. This privacy notice tells you how we look after your personal data when you contact us or when you have agreed that we can stay in touch with you and tells you about your privacy rights and how the law protects you.
To enable us to discharge the services agreed in your engagement letter, comply with related legal and regulatory obligations and for other related purposes, including updating and enhancing client records and analysis for management purposes, as a data controller, we may obtain, use, process and disclose personal data about you (being the person that has instructed us), or persons involved in your business (whether they be shareholders, partners, members, officers, employees, contractors, consultants, advisers or workers (Relevant Persons) as described in this privacy notice. We confirm when processing data on your behalf that we will comply with the provisions of all relevant data protection legislation and regulation.
You are also an independent controller responsible for complying with data protection legislation and regulation in respect of the personal data you process and, accordingly, where you disclose personal data to us you confirm that such disclosure is fair and lawful and otherwise does not contravene relevant requirements. Nothing within the Prosec engagement letter relieves you as a data controller of your own direct responsibilities and liabilities under data protection legislation and regulation.
Data protection legislation and regulation places obligations on you as a data controller where we act as a data processor to undertake the processing of personal data on your behalf. We therefore confirm that we will at all times take appropriate measures to comply with relevant requirements when processing data on your behalf. In particular we confirm that we have adequate security measures in place and that we will comply with any obligations equivalent to those placed on you as a data controller.
We process your personal data on the following lawful bases:
We obtain information about you and/or Relevant Persons when you engage us to deliver our services, for example, when you contact us about our services. This can be done verbally, in writing, by email or otherwise.
The personal information we collect will vary depending on which services you engage us to deliver. The personal information we collect might include an individual’s name, address, telephone number, email address, passport details, driving licence, utility bills, Unique Tax Reference (UTR) numbers, National Insurance numbers or bank account details. Depending on the nature of the services we provide, we may also collect other personal data about you and/or Relevant Persons, which may be sensitive personal data. In the course of delivering our services, we may also generate information about you or your business using AI tools (for example, draft documents or summaries prepared with AI assistance). Such generated information is always reviewed and verified by a member of our team before it is used.
Where we need to collect personal data by law or under the terms of the engagement we have with you, and you fail to provide that data when requested, we may not be able to perform the services required under the engagement. In this case, we may have to terminate our engagement with you. We will notify you if this is the case at the time.
We will only use your personal information to deliver the services you have requested from us and to meet our legal responsibilities. We may use your information to:
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically five or six years. To ensure compliance with all such requirements it is our policy to retain all data for a period of seven years from the end of the period concerned.
As part of delivering our services, we may use artificial intelligence (AI) tools to assist us with certain administrative tasks. The AI tool we currently use is Claude AI, which is developed by a company called Anthropic PBC, based in the United States. We may use AI tools to help us with tasks such as:
When we use AI tools, some of the personal data you have provided to us may be processed by the AI tool provider. We take the following steps to protect your data:
If you would prefer that we do not use AI tools when handling your personal data, please let us know and we will use reasonable endeavours to deliver our services without AI assistance. Please note that this may affect the fees we charge for our services. For more information about how Anthropic handles data, you can visit their privacy policy at https://www.anthropic.com/privacy.
This website uses Google Analytics 4, a web analytics service provided by Google LLC (“Google”). Google Analytics uses cookies and similar technologies to help us understand how visitors use our site.
When you consent to analytics cookies, information about your use of this website (including your truncated IP address) is collected and transmitted to Google, where it may be processed on servers outside the United Kingdom. We have configured Google Analytics to use IP anonymisation so that your full IP address is not stored. Google processes this data on our behalf for the purpose of evaluating website usage, compiling statistical reports on website activity, and providing us with related services. Google will not associate your IP address with any other data held by Google.
We use Google Analytics on the basis of your consent, which we obtain through our cookie consent banner before any analytics cookies are placed on your device. You are under no obligation to consent, and the core functionality of our website is not affected if you decline.
You may withdraw your consent at any time by adjusting your cookie preferences through our cookie consent tool, accessible via the link in the footer of every page. You can also prevent data collection by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout).
For further information on how Google processes data, please see Google’s Privacy Policy (https://policies.google.com/privacy) and Google’s information on safeguarding your data (https://support.google.com/analytics/answer/6004245).
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites function, improve efficiency, and provide information to site owners.
Types of cookies we use
We use the following categories of cookies on this website:
Strictly necessary cookies — These are essential for the website to function and cannot be switched off. They are usually set in response to actions you take, such as setting your privacy preferences, logging in, or completing forms. You can set your browser to block these cookies, but some parts of the site may not function as a result. These cookies do not require your consent.
Analytics cookies — These cookies allow us to count visits and understand how visitors navigate the site, so we can measure and improve performance. All information collected is aggregated and anonymous. These cookies are only placed on your device if you give your consent through our cookie consent banner. If you do not consent, these cookies will not be set and your use of the website will not be affected.
Your choices and how to manage cookies
When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or reject non-essential cookies before they are set. You can change your preferences at any time by clicking the cookie settings link in the footer of any page on our site.
You may also manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. The method varies between browsers, so please refer to your browser’s help documentation for instructions. Please note that blocking all cookies may affect the functionality of this and other websites. For general information about cookies, please visit www.allaboutcookies.org.
We will not use cookies to identify you personally unless you voluntarily provide your details through a form on our website. In some cases, our analytics records may identify the organisation from which a visit originates, and we may use this information in managing our relationship with that organisation.
Consent as the lawful basis
We rely on your consent under the Privacy and Electronic Communications Regulations 2003 (PECR) and UK GDPR as the lawful basis for setting non-essential cookies. Consent is freely given, specific, informed, and obtained before any non-essential cookies are placed on your device.
We may occasionally contact you by post, email or telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us directly (contact details below).
Who has access to your information?
We will not sell, share or rent your or Relevant Persons’ information to third parties for any purpose including but not limited to marketing purposes. Any staff with access to your or Relevant Persons’ information have a duty of confidentiality.
Third Party Service Providers working on our behalf
We will not sell your or Relevant Persons’ personal information to third parties. We may share personal data with the categories of third parties set out below, where necessary for the purposes described in this privacy notice, where required by law, or where you have given your consent., for example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.
We may have to share personal data with the parties set out below for the purposes set out in section 5 above.
All third parties are required to respect the security of your personal data and to treat it in accordance with the law.
We do not use automated decision-making (including profiling) in a way that produces legal effects concerning you or similarly significantly affects you. While we may use AI tools to assist with the preparation of documents and administrative tasks (see Section 6 — Use of Artificial Intelligence Tools), all decisions relating to your affairs are made by members of our team and not by any automated system.
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary the information that we hold about you. If any of your information changes, please email, write or call us using the contact information listed below. You have the right to ask for a copy of the information Prosec holds about you.
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information or that of any Relevant Persons, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
All our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements. Personal data will usually be processed in our offices in the UK. However, to allow us to operate efficient digital processes, we sometimes need to store or process information on servers located outside the UK. This includes:
Where personal data is transferred to the United States, we ensure that appropriate safeguards are in place in accordance with UK data protection law, including reliance on the Standard Contractual Clauses. If you would like more information about the safeguards we have in place for international data transfers, please contact us using the details in Section 17.
Access to your information: You have the right to request a copy of the personal information about you that we hold.
Correcting your information: We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information: You have the right to ask us to delete personal information about you where:
Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information, but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent for legal claims or where there are other public interest grounds to do so.
Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Complaining about how we use your information: You have the right to complain to us about how we have collected or used your personal information, and to complain to the Information Commissioner’s Office. Please see ‘Complaints’ below for how to do this.
Withdrawing consent to use your information: Where we use your personal information with your consent, you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given. Please contact us in any of the ways set out in section 15 below if you wish to exercise any of these rights.
If you have any questions about this privacy notice, please contact our Data Privacy Manager using the details below.
Data Privacy Manager: Max Gower
Tel: 07812 563424
Email: max@prosec-cosec.com
Postal address: 10 Roman Road, Chiswick, London W4 1NA
If you are unhappy with how we have collected or used your personal information, you have the right to complain to us directly. You can make a complaint by any reasonable means, including by post, email or telephone using the contact details for our Data Privacy Manager set out above, or by asking us for a data protection complaint form, which we can provide electronically or in hard copy. We will accept your complaint however it is made and you do not need to use any particular format.
We will acknowledge your complaint within 30 days of receiving it and will take appropriate steps to respond to it without undue delay. We will keep you informed of the progress of our investigation and of the outcome.
Where a complaint is made on your behalf by another person, we will first need to satisfy ourselves that they are authorised to act for you before we investigate the complaint.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745
Website: https://ico.org.uk/concerns
