Privacy Policy

Your personal data – what is it?  

Personal data relates to a living individual who can be identified from that data.Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”) and some other UK legislation.  

Who are we?  

McHughLindsay is the data controller. This means we decides how your personal data is processed and for what purposes.Where contracts with clients require, McHughLindsay acts as data processor and complies with the same regulations in such cases.  

What information do we collect about you?  

When you do business with us, become a client of our company we collect some or all of the following personal information from you:  

  • Your name  
  • Your postal address, email address and telephone number  
  • Any information relevant to the services may be providing to you.  

How do we process your personal data?  

McHughLindsay takes your privacy very seriously and complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate organisational and technical measures are in place to protect personal data.  

We use personal data for the following purposes:  

  • To enable us to provide you with consultancy, information or other services that you have asked us to provide.  
  • To maintain our own accounts and records.  
  • To manage our associates.  
  • To inform you, with your consent (see below), about our products and services or information that is likely be relevant to you or your organisation, such as funding opportunities or changes in good practice, regulation or the law.  

Our website and other information-gathering technologies  

When you visit our website, we use Google Analytics to collect standard internet log and visitor behaviour information, e.g.to understand the number of visitors to the site. This information is only processed in ways that do not identify anyone. We do not attempt, and do not allow Google to attempt,to find out the identity of anyone visiting our site.  

What is the legal basis for processing your personal data?  

  • Where personal data is collected in the course of fulfilling our contractual and legal obligations to you or when you have asked us to provide services to you, only necessary data is collected, and it is securely stored and access restricted only to staff who need it. This data is processed to fulfil our contractual obligations to you, to comply with other legal obligations or in our and your legitimate interests (e.g.to provide you with information and services requested by, or promised to you,to ensure continuity of services and manage repeat business effectively and/or to defend any legal claims).The other considerations set out elsewhere in this policy also apply.  

 Sharing your personal data  

We will only share your data with third parties outside McHughLindsay with your explicit consent, unless we are legally or contractually required to do so, or:  

  • for the purposes of securely storing the data, for example on cloud-based servers managed by third party providers (such as Apple, Dropbox, Google, Microsoft, MailChimp etc.) 
  • in connection with any legal proceedings or prospective legal proceedings;  
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);  
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.  

The information you provide will not be transferred to countries outside the European Economic Area (EEA).  

How long do we keep your personal data?  

We keep data in accordance with the GDPR and only for as long as is necessary (for example to keep you informed about information that is likely be relevant to you or your organisation including new information available from us and other information about our products and services or to comply with the record keeping requirements of HMRC or other regulators). In general, we will retain data for 2 years after our last contact with the data subject. We may retain some data for longer periods for reasons of continuity of service delivery, to ensure availability of relevant information about repeat clients, to defend legal claims or protection or legal rights or where we are contractually or legally required to do so. For further information on our detailed retention policies please email [email protected] 

Your rights and your personal data  

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:  

  • The right to request a copy of the personal data McHughLindsay holds about you.  
  • The right to request that McHughLindsay corrects any personal data if it is found to be inaccurate or out of date.  
  • The right to request your personal data is erased where it is no longer necessary or required for McHughLindsay to retain such data. This right does not apply where we have a legal obligation to retain your data.  
  • The right to withdraw your consent to the processing at any time (if we are processing on the basis of your consent).  
  • The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability) . This right only applies where we are processing your personal data based on consent or for the performance of a contract with you and in either case we are processing the data by automated means.  
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.  
  • The right to object to the processing of personal data. This right only applies where we are processing your personal data based on legitimate interests.  
  • The right to lodge a complaint with the Information Commissioners Office.  

Further processing  

If we wish to use your personal data for a new purpose, not covered by this Privacy Statement, then we will publish a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.  

Contact Details  

Telephone: 07968017337  

Email: [email protected] 

How to complain  

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details above.  

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.  

The ICO’s address:             

The Information Commissioner’s Office – Northern Ireland  
10th Floor  
Causeway Tower, 9 James Street South  
Belfast  
BT2 8DN  
United Kingdom  

Phone: 0303 123 1114 

Email: [email protected] 

Website: Information Commissioner’s Office (external link opens in a new window / tab) 

Scroll to Top