Our Privacy Statement
Here at Leigh Graham Associates, we take data security and the protection of our client’s privacy very seriously. We comply openly with data protection law and follow good practice. We do not actively collect data for marketing purposes, and the data we hold is only used to deliver the services you have requested from us, improve our services, and to meet any statutory responsibilities.
Collection of Information
We lawfully acquire information about you only once you have engaged with us to deliver a service for you, either through our website, a visit to our office or by calling us. We may also hold data about you as part of a service we are engaged in as a data processor for another party.
Type of Information
The type of data we may hold on you will vary depending on the services we have been engaged to deliver. The personal information we collect might include your name, address, phone number, email account, tax and NI references, bank accounts and other financial records as well as health information. We also store browsing data from our websites and social media outlets.
How the information is used
Leigh Graham Associates will only use your personal data for duties that you have engaged us to deliver or for a service we are undertaking on behalf of your employer. We only use the data subject to your instructions, all within GDPR guidelines, Data Protections laws and our duty of confidentiality.
We have a legitimate interest to process our client’s data, through a contract with the individual or their data controller.
Throughout the duties you have engaged us in we may have to contact you by post, email or phone. We may need to verify your identity or eligibility for credit, process financial transactions for you or analyse data to prevent crime, fraud or corruption. We will always manage your personal information in accordance with applicable legal and regulatory obligations, including data retention laws.
Who has access to your information?
We do not sell our information to other organisations for marketing purposes. All of our staff with access to data have a duty of confidentiality under the ethical standards that this company is required to adhere by.
We sometimes use third parties to deliver elements of our services, and in those instances we only disclose the minimum of information necessary for that task. Please note that we will only release personal information to third parties if you have requested that we do so, or we are required to do so by law.
Your Choices
Corrections: It is important to us that the information we hold is up to date, and as such we regularly review and correct where necessary. If any information we may need changes, please write or email us so we can update your personal data.
Access: You have the right to request a copy of the information Leigh Graham Associates hold on you, and we will supply this within one month of the received request.
Deletion: You have the right to be forgotten, and can request that we delete all the personal data that we hold on you, providing there are no overriding legislative grounds for us to retain certain information.
Portability: You have the right to request that your personal data is passed on to another party in a structured and commonly used machine readable format.
Security Precautions
Whilst we make every effort to protect your personal information, we cannot guarantee the security of any information that you transmit to us, and you do so at your own risk. We request that all data sent to us is done so with adequate password protection.
Once we receive your information, we do our utmost to protect it securely within our systems. Where we have supplied, or you have requested a password for the transmission of data, we request that you keep this secure and confidential. Please do not share your passwords with anyone, or keep them readily available.
Your data will usually be stored and processed in our UK office. Sometimes we may need to process data on servers outside of the UK and EEA, for instance on cloud accounting systems or processing through spam filtering systems. We take the security of the data very seriously and only use reputable third parties with GDPR policies in place.

Please contact us if you have any questions or concerns at max@leighgraham.co.uk
or write to
Max Ross, 10 John Street, Stratford upon Avon, Warwickshire CV37 6UB