Privacy Policy

For the purposes of this statement “WePower Consulting” refers to WePower Consulting Ltd.

WePower Consulting (“we”, “us”, “the firm”) takes the protection of your privacy very seriously and we are firmly committed to the protection of personal data. We define personal data as being any information which can identify a living person. As such, there are numerous different ways in which we collect and use personal data. We will only use your personal information to deliver the services that you have requested from us and to meet our legal responsibilities. Set out below in this Privacy Statement are the ways and reasons that we collect personal data and how we use it. We have also stated the lawful basis of processing, and the period for which each type of personal data is retained.

Who do we hold or process data on?
We hold and/or process personal data on any of the following:

- Personal clients
- Contacts, targets and intermediaries
- Website visitors
- Directors and consultants

How do we collect information from you?
We obtain information about you when you engage us to deliver our services and/or when you use our website, for example, when you contact us about our services.

What type of information do we collect from you?
The personal information we collect from you will vary depending on which services you engage us to deliver. The personal information we collect might include your name, address, telephone number, email address, date of birth, bank account details, your IP address, which pages you may have visited on our website and when you accessed them.

When we take on new clients we also request personal data to verify the client in accordance with the Money Laundering Regulations. We also carry out regular reviews of our client base to establish whether we need to update our verification data which may involve further personal data being requested. Personal data may be obtained direct from the client or from other publicly available sources.

Sensitive personal data
We typically do not collect sensitive or special categories of personal data about individuals. When we do need to process sensitive personal data, it is with the consent of the individual unless it is obtained indirectly for legitimate purposes. Examples of sensitive personal data we may obtain include:

- Dietary restrictions or access requirements when registering for in-person events that reveal religious beliefs or physical health.
- Personal identification documents that may reveal race or ethnic origin, and possibly biometric data of private individuals, beneficial owners of corporate entities, or applicants.
- Expense receipts submitted for individual tax or accounting advice that reveal affiliations with trade unions or political opinions.
- Adverse information about potential or existing clients and applicants that may reveal criminal convictions or offences information.
- Information provided to us by our clients in the course of a professional engagement.
- Lawful reasons for processing personal data

We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our products and services:

Contract – We may process personal data in order to perform our contractual obligations.
Consent – We may rely on your freely given consent at the time you provided your personal data to us.
Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These include
Delivering services to our clients – To deliver the professional services our clients have engaged us to provide:
Direct marketing – To deliver timely market insights and speciality knowledge we believe is welcomed by our business clients, subscribers and individuals who have interacted with us.
Legal obligations and public interests – We may process personal data in order to meet regulatory and public interest obligations or mandates.

How is your information used?
In general terms, and depending on which services you engage us to deliver, as part of providing our agreed services we may use your information to:

- contact you by post, email or telephone
- verify your identity where this is required
- understand your needs and how they may be met
- maintain our records in accordance with applicable legal and regulatory obligations
process financial transactions
- prevent and detect crime, fraud or corruption

We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically at least seven years. To ensure compliance with all such requirements it is the policy of the firm to retain all data for a period of at least seven years from the end of the period concerned. If you have any doubts about how long we will retain your data please contact info@wepowerconsulting.com.

Processing data on for personal clients
In addition to basic contact details, the processing of data for personal clients includes data such as income, assets and investments, tax references, family information, employment and business interests.

We may need to process personal data in certain of the services that the firm provides:

Data obtained from personal clients is used to complete HMRC tax returns and general business advice to sole traders, partnerships and directors of limited companies;

We may also process personal data as part of the day to day running of the firm. For example, in managing our client relationships, organising client seminars and training events and general management of our website.

Who has access to your information?
We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.

Any staff with access to your information have a duty of confidentiality under the ethical standards that this firm is required to follow.

Use of third parties
There are occasions when personal data held by us may be transferred to other parties. For example, we use other providers of IT services such as website hosting, cloud based software, IT security and storage. We ensure that the IT systems used by those third parties are located in secure sites and that the companies themselves have compliant GDPR systems and procedures. Where we use third parties to process personal data on behalf of the firm we ensure that written contracts are in place which set out our respective responsibilities and liabilities.

We may also have a need to disclose personal data to other parties such as the firm’s auditors, other professional firms and our own regulatory bodies. We may also have a legal obligation to disclose personal data to government and regulatory authorities for compliance purposes.

How you can access and update your information
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email us at info@smithcooper.co.uk. We will make every effort to ensure that the data is updated as soon as possible.

You have the right to ask for a copy of the information which WePower Consulting holds about you.

Security measures in place to protect the loss, misuse or alteration of your information
We take the protection and security of personal data very seriously. We have detailed and documented policies in place covering the security of personal data and our staff are trained in the requirements of data protection legislation. Personal data will only be shared with others when we are legally entitled to do so. In such situations we ensure that contractual agreements are in place with those other parties to ensure that the personal data is protected and kept confidential.

Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Your data will usually be processed in our office in the UK. However, to allow us to operate efficient digital processes, we sometimes need to store information in servers located outside the UK, but within the European Economic Area (EEA). We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.

Your choices
We may occasionally contact you by post, email or telephone with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and, where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us at info@wepowerconsulting.com.

Where we send regular newsletters and other marketing material to clients and contacts this may fall outside the legitimate interest and lawful basis for processing data and may also fall within the scope of the Privacy and Electronic Communications Regulations. We therefore obtain your consent prior to sending any such material to you. At any time, you may choose to opt out of further mailings by contacting us at info@wepowerconsulting.com.

Your rights
Access to your information: You have the right to request a copy of the personal information about you that we hold.

Correcting your information: We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.

Deletion of your information:
Under certain circumstances, you may have a right to have any personal data held by the firm deleted. If you would like to exercise this right please contact us at info@wepowerconsulting.com. There may be statutory or other reasons why we are unable to remove the data and if this is the case, we will inform you of this.

You have the right to ask us to delete personal information about you where:

- you consider that we no longer require the information for the purposes for which it was obtained
- you have validly objected to our use of your personal information – see ‘Objecting to how we may use your information’ below
- our use of your personal information is contrary to law or our other legal obligations

Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.

Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.

Withdrawing consent to use your information: Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.

Please contact us in any of the ways set out in ‘Contact information’ below if you wish to exercise any of these rights.

Website visitors
If you choose to email us or to subscribe for any information on the website or for future mailings you will provide us with your name, company, email address and other contact details. Certain other personal data will also be captured via cookies (see the separate cookie policy). We will never ask for any sensitive personal data and if you provide any such data you will be deemed to have given your consent for us to use that information.

Personal data obtained from visitors to our website is used to request information, sign up to mailshots or to sign up to attend seminars

If you do not opt out of receiving other information we may use the personal data to contact you about other services offered by the firm which we think may be of interest to you.

Personal data will be retained for as long as we have a relationship with the visitor

Directors and consultants
Personal data on directors and consultants is collected in the ordinary course of running our business. Personal data obtained from consultants and directors will be retained for sufficient time to comply with employment laws and HMRC regulations.

Changes to our privacy notice
We keep this privacy notice under regular review and will place any updates on our website at www.wepowerconsulting.com

Contact information
Please contact us with any concerns or amendments to personal data at info@wepowerconsulting.co.uk

Complaints
We seek to resolve directly all complaints about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at

Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Website: https://ico.org.uk/concerns