Your privacy is important to us
Keeping your personal information safe and secure is our top priority.
We ask that you read this privacy notice carefully. This notice should be read along with our terms and conditions.
Who we are
Way2paye Limited collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation (GDPR), the Data Protection Act 1998 and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK. We are responsible as ‘the data processor' of that personal information for the purposes of those laws.
Way2paye Limited (company number 6765155) whose registered office is 8 Main Street, Bilton, Rugby, Warwickshire, England, CV22 7NB. Our trading address is PO Box 405 Northampton NN6 8WY.
The personal information we collect and how do we use it
Information we collect
In the course of providing payroll services we collect the following kind of personal information when you provide it to us verbally or in writing (including website forms, joining forms, letters and emails.):
Information provided by you about another person
- The personal information we collect from you will vary on the services you engage us to deliver i.e. Company payroll or Nanny payroll. The personal information we collect might include your name, address, telephone number, email address, your Unique Tax Reference (UTR) number, your National Insurance number, bank account details, occupation, identification i.e. copy passport and utility bill, historic payroll information.
- If the client is a business/parent then during the provision of our services we may also collect the names, addresses, dates of birth and employment information, financial information, contact telephone and/or email address relating to: officers, managers, employees, equity owners (i.e. directors, partners).
If you are providing information about another person then you should ensure that you have authority to disclose such information (in accordance with any applicable data protection or privacy laws) and all data should be complete, accurate and up to date.
Collected from other sources
We also obtain personal information from other sources as follows:
Collected from our website
- Our communications systems (such as mobile phones, voicemail, email, messaging systems and internet facilities)
- Other professional organisations (e.g. solicitors or accountants)
- Organisations who have referred work to us (e.g. nanny agencies or accountants)
The way2paye website uses a secure connection from your browser to our server (indicated by the green padlock icon in your browser address bar) so you can be assured communication between your browser and our website is encrypted and secure.
A cookie is a small file on your hard disc used to store information for the website. Our website uses two forms of cookies:-
- these allow the website to link your actions during a browser session.
These session cookies expire after a browser session so are not be stored long term.
A session cookie is used to remember where to go back to after you have filled in certain forms on the website.
A session cookie is used to remember who you are and what parts of the website you can view if you have logged into the website to view member only information.
Session cookies are used to remember settings you have selected during each browsing session.
- these are stored on a user's device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across different websites) to be remembered.
Persistent cookies may be used for a variety of purposes including remembering users' preferences and choices when using a site. This includes setting a cookie to determine that you have agreed to allow cookies.
The way2paye website uses persistent cookies to remember you if you have chosen to register and log in to the website member areas. This enables us remember your login when you return to the website.
The information we gather
We gather the following information about users of the way2paye website in two ways; directly when you supply us with information, and indirectly as you use our website.
Personal Information - directly collected
Personal information is collected when someone registers as a member of the way2paye website. This information includes; your name, your username (an abbreviation of your name or user chosen identity), your e-mail address, information packs requested, any information you chose to disclose for your website profile, and settings you have chosen to personalise the website to your needs.
Personal information like this is ONLY used for the purpose of verifying members of the site and sending requested alerts or occasionally important notices to our customers and will not be supplied to third parties. Way2paye make every effort to keep such information secure.
Browsing Information - indirectly collected
The way2paye website does not use third party services such as google analytics or facebook to track and gather information about how you use our website. Browsing information is gathered indirectly when you access the way2paye website. This information is automatically gathered and includes minimal personal information about you. Browsing information is gathered using the server logs which store the following information; your IP address, the pages visited, the time and date of each action, what kind of browser you were using, where visitors have come from, the referring page if a link was followed, the terms used to find way2paye from a search engine, and errors generated by people using the site. This information is useful to the way2paye website administrators as it helps us to understand where the site can be improved, which areas are popular, and which areas perhaps can be removed or need changing. We do not share this information with third parties.
Use of your personal data
Your information may be used for:
Who we share your personal information with
- Verifying your identity and to establish the funding of any transaction.
- The detection of fraud.
- Communicating with you.
- Providing you with a quotation, advice, preparing documents, or completing submissions and uploads on your or your organisation's behalf.
- Keeping financial records of your transactions and the submissions and uploads we make on your or your organisation's behalf.
- Seeking advice from third parties in connection with your account.
- Responding to any complaint or allegation of negligence against us.
- Internal management and planning which includes; resource management, planning of tasks or meetings, keeping records of sources of work and new enquiries, and storage and archiving of files and documents.
We will share your personal data with third parties when we are required by law, when it is necessary to administer the relationship between us or when we have another legitimate interest in doing so.
"Third parties" includes third-party service providers. The following activities are carried out by third-party service providers: IT and cloud services, ID verification services, professional advisory services, administration services, marketing services and banking services.
All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.
If you do not provide your personal information
If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Alternatively, we may be unable to comply with our legal or regulatory obligations.
How long your personal information will be kept
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected, or as required by law; normally for a minimum of 4 full tax years from the conclusion or closure of your work. We hold the information for this period after the file is closed just in case you, or we, need to reopen your case for the purpose of defending complaints or claims against us.
Information obtained from prospective clients is kept for up to twelve months for the purpose of providing quotations and any subsequent follow up.
Reasons we can collect and use your personal information
Prior to engaging our payroll services we rely on "Legal Obligation" as the lawful basis on which we collect and use your personal data provided in our information and joining pack to allow us to comply with anti-money laundering legislation. We collect your personal information to be able to provide you with payroll services in line with government legislations. We use this information to set up accounts for you with H M Revenue and Customs and NEST to be able to comply with The Pension Regulator. We rely on our joining forms and your authorisation to be able to carry out payroll services for you. You have agreed to our terms and conditions by completing the joining form.
Keeping your personal information secure
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have appropriate security measures in place to prevent personal information from being accidentally lost, used, or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know use. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Transferring Personal Data outside the European Economic Area (EEA)
We do not transfer your personal data outside the European Economic Area (EEA). Should this be necessary, the same high level of security precautions will be employed to keep your personal information safe.
You have the following rights:
Access to your information
- You have the right to request a copy of the personal information about you that we hold.
Correcting your information
- We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information
- You have the right to ask us to delete personal information about you where:
Objecting to how we may use your information
- You consider that we no longer require the information for the purposes for which it was obtained.
- We are using that information with your consent and you have withdrawn your consent. See "Withdrawing consent to using your information" below.
- You have validly objected to our use of your personal information. See "Objecting to how we may use your information" below.
- Our use of your personal information is contrary to law or our other legal obligations.
- You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Restricting how we may use your information
- In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information but you don't want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Withdrawing consent using your information
- Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given i.e. receipt of newsletters or marketing material.
Please contact us in any of the ways set out in the "How to contact us" section below if you wish to exercise any of these rights.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information but you also have the right to lodge a complaint with the Information Commissioner's Office, whose contact details are as follows.
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate) or 01625 545 745
Changes to this privacy notice
This privacy notice was published on 10th May 2018.
We may change this privacy notice from time to time, when we do we will inform you via email.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you. If you wish to contact us please:
Send an email to: firstname.lastname@example.org
Write to us at: Way2paye PO Box 405, Northampton NN6 8WY
Call us on: 01604 743 346