At BDO Limited, we and our Group Companies are committed to protecting, and respecting your privacy. We aim to be transparent in everything we do.
This policy explains when and why we collect personal information about people who visit our website or request information, purchase, enquire about a product or service from one of our Group Companies.
The policy also sets out how we use personal data, the conditions under which we may disclose it to others and how we keep it secure. We may change and update this policy from time to time so please check this page to keep up to date. By using our website, you’re agreeing to be bound by this policy.
- BDO Limited is registered as a Data Controller with the Office of the Information Commissioner (www.oicjersey.org) with notification number 51301.
- BDO Greenlight Limited is registered as a Data Controller with the Office of the Information Commissioner (www.oicjersey.org) with notification number 18515.
- BDO Sator Regulatory Limited is registered as a Data Controller with the Office of the Information Commissioner (www.oicjersey.org) with notification number 19628.
- ALX Training Limited is registered as a Data Controller with the Office of the Information Commissioner (www.oicjersey.org) with notification number 18498
- C5 Alliance Group Limited is registered as a Data Controller with the Office of the Information Commissioner (www.oicjersey.org) with notification number 16961
- C5 Alliance (Guernsey) Limited is registered as a Data Controller with the Office of the Data Protection Authority in Guernsey with notification number DPA3583
- C5 IT Services (Guernsey) Limited is registered as a Data Controller with the Office of the Data Protection Authority in Guernsey with notification number DPA4141
How do we collect information from you?
We obtain information about you when you use our websites, when you contact us about products and services, if you contract with us to buy our products or services, or if you opt in to receive our marketing materials.
What type of information is collected from you?
When you use one of our websites, the personal information we collect might include your name, address, email address, IP address, and information regarding what pages are accessed and when.
For more information on how to switch off cookies on your computer, visit our full cookies policy at the foot of the page. Turning cookies off may result in a loss of functionality when using our website. If you purchase a product from us, your bank or card information is not held by us, it is collected by our third-party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
How we use your personal information
We use personal information about you in connection with the following purposes:
- To provide you with the information, products and services that you request from us
- To complete any transaction you are undertaking with us
- To carry out our obligations arising from any contracts entered into between you and us;
- To administer any promotion or competition that you enter via our website(s);
- To allow you to participate in interactive features of our service, when you choose to do so;
- In the course of processing a job application or enquiry;
- To meet a legal or statutory obligation; and
- (if you have opted in to our marketing information) to inform you about services and products we think would interest you (see below).
- To provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about;
- To provide you, or selected third parties to provide you, with information about our products or our services that may interest you;
- To measure or understand the effectiveness of advertising we serve to you, and to deliver relevant advertising to you, which may be based on your activity on our website(s) or third parties' websites such as social media; and
- To make suggestions and recommendations to you about products or services that may interest you or them, which may be based on your activity on our website(s) or third parties' websites.
- You have the right to ask us not to process your personal information for marketing purposes. You can exercise your right to prevent such processing by checking or unchecking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
Service Improvements and account management:
- To ensure that content from our site is presented in the most effective manner.
- To administer our site and for internal business administration and operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To notify you about changes to our products and services and to send you service and transactional emails relating to the products/services we are providing to you.
- As part of our efforts to keep our site safe and secure; and
- To manage and operate your account with us.
Third Party Service Providers working on our behalf:
We may pass your information to our third-party service providers, agents’ subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process products and send you mailings).
However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. For more details please contact us.
Keeping your information safe
When you give us personal information, we take steps to ensure that it’s treated securely. Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us online and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have policies, procedures and training in place in respect of data protection, confidentiality and information security. We regularly review such measures with the objective of ensuring their continuing effectiveness.
Keeping children safe
We do not knowingly collect data relating to children under 18 years of age, except with parental consent. If we learn that we have collected the personal information of a child under the relevant minimum age without parental consent, we will take steps to delete the information as soon as possible. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at email@example.com
We may, where legally required to do so, use your personal information to detect and reduce fraud and credit risk.
Links to other websites
We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
International Transfers of Personal Data
In the course of running our business and providing services to clients we may transfer personal data to third parties located in other countries, including countries outside the EEA. By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU or if a service provider operates in another jurisdiction. These countries may not have similar data protection laws to Jersey, Guernsey or the EU.
By submitting your personal data, you are agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Provision of Personal Data to Third Parties
We will only share personal data with third parties where we are legally permitted to do so. We do not provide information to third parties for their own marketing purposes and we do not undertake mailings for third parties.
Where we transfer personal data to third parties, we will put in place appropriate contractual arrangements and seek to ensure that there are appropriate technical and organisational measures in place to protect personal data. We may provide personal data to:
- Other BDO Member Firms – we may share personal data with other members of the BDO International Network where required for the provision of services to our clients and/or for administrative purposes.
- Third parties involved in the performance of services – we may also share personal data to third party organisations who assist us in providing services to clients or are otherwise involved in the services we provide to clients.
- Third parties who provide IT services, data processing or functionality – like many professional service providers, we use third party providers to support our business and the provision of services to our clients, such as cloud based software providers, web hosting/management providers, data analysis providers, and data back-up and security/storage providers. We may transfer personal data to such third parties.
- Auditors and advisers – we may transfer personal data to our auditors and advisers as required by law or as reasonably required in the management of our business.
- Third parties where required by applicable law and regulation – we may be requested or compelled to disclose personal data to third parties such as regulators and law enforcement agencies. We will only provide personal data to such parties where there is a legal requirement or permission to do so.
You have rights in relation to any of your personal data held by us as a data controller.
Should you wish to exercise your rights, please contact our Data Protection Officer via email at firstname.lastname@example.org. We will endeavour to respond to any request promptly and within any legally required time limit.
You also have a right to update your personal data that we hold. To do so, please either update the personal data via the web page or applications open to you, contact your usual BDO contact or otherwise contact our Data Protection Officer via email at email@example.com.
Where we process your personal data based on your consent, you have a right to withdraw consent at any time.
Should you wish to do so, please contact our Data Protection Officer via email at firstname.lastname@example.org.
Finally, in addition to the rights above, you may also have other rights in relation to personal data, including a right to access, the right to erasure/deletion, the right to data portability and the right to restrict and/or object to our processing of personal data.
Should you wish to complain about our use of your personal data, please contact our Data Protection Officer via email at email@example.com.
We will investigate all complaints received and will endeavour to respond to complaints promptly.
You may also complain about our use of personal data to the Jersey Office of the Information Commissioner or the Data Protection Authority in Guernsey.
We will only keep personal data for as long as necessary for the purposes for which it was collected, or as required by applicable law or regulation. Unless there are any overriding legal, regulatory or contractual requirements, we will retain records of services provided (which may include personal data) in accordance with our document retention policy.
Any questions regarding this policy and our privacy practices should be sent by email to firstname.lastname@example.org.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in July 2021.