USTAXFS Privacy Notice

1             Who we are

1.1         At USTAXFS, we take your privacy very seriously. This privacy notice explains what personal data we collect about you, how and why we collect, store, use and share your personal data, your rights in relation to your personal data and how to contact us or make a complaint. By ‘personal data’, we mean information which relates to you as an individual and tells us something about you.

1.2         This privacy notice covers the following entities:

• US Tax & Financial Services Inc. (a company registered in the US);
• US Tax & Financial Services Group Ltd (a company registered in England and Wales);
• US Tax & Financial Services Middle East GmbH (a company registered in Switzerland);
• US Tax & Financial Services Sarl (a company registered in Switzerland); and
• US Tax & Financial Services Limited (a company registered in England and Wales).

1.3         References to ‘we’, ‘us’ or ‘our’ in this privacy notice are references to the companies noted above.

2             Data protection basics

2.1         This privacy notice applies to our processing of personal data relating to:

• Individuals located in the UK, Switzerland and the EU, regardless of where the processing takes place; and
• Individuals located anywhere in the world if the processing takes place in the UK or Switzerland.

2.2         When we process the personal data of these individuals, we are regulated under data protection laws of these jurisdictions, and we are responsible as ‘controller’ of that personal data for any processing undertaken by us or our staff for the purposes of those laws.

2.3         The personal data we collect, and the use we make of it, varies depending on our relationship with you.  For that reason, this privacy notice distinguishes between our clients (section 3), our contacts (section 4), our suppliers (section 5) and job applicants (section 6). Please be sure to read the sections of the privacy notice which relate to you.

2.4         Under data protection law, we can only use your personal data if we have a permitted reason for doing so, for example:

• Where you have given consent
• For the performance of our contract with you or to take steps at your request before entering into a contract
• To comply with our legal and regulatory obligations
• For our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your data, so long as this is not overridden by your own rights.

We explain in sections 3, 4, 5 and 6 below our reasons for using your personal data.

3             Clients (This includes current, prospective and former clients)

3.1         Personal data we collect about you

The personal data we collect about you will generally be provided by you and may include:

• Name, date of birth, gender, contact details (telephone number, email address, postal address)
• Information about your living arrangements, marital status and dependents
• Identifying numbers (Unique Taxpayer reference, National Insurance Number, Social Security Number)
• Bank account details and billing information
• Information about your citizenship, place of birth, place of residence/domicile, immigration status
• Information about your financial position such as your income (including from interest, investment income, pensions, royalties, alimony, benefits, inheritance), expenses/outgoings, gains/losses, assets and trusts; and gifts you have made or received
• Information about tax payments, reliefs, allowances, deductions, exemptions
• Information about your occupation (including employment, self-employment and partnership) and related income, benefits, payments and expenses
• Information about rental property owned by you and sales of real property and other assets
• Information about how you use our website (from Cookies), IT, communication and other systems.

On very rare occasions, this will include information relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation or your health. This is known as ‘special category personal data’ and we will process it only with your explicit consent.

3.2         How and why we use your personal data

The table below explains what we use your personal data for and our reasons for doing so:

3.3         Who we share your personal data with

We routinely share your personal data with:

• Our US and Swiss affiliates where necessary to provide you with certain aspects of our services
• The IRS, HMRC and any other relevant tax authority in connection with the submission of your tax returns and related communications
• CCH Inc., which provides and hosts the CCH Axcess software application we use to prepare your US tax returns
• Initor Business Solutions Ltd (Initor), a UK company to which we, on occasion, subcontract the provision of our services. Initor will in turn subcontract this work to its affiliate, Unison Globus Aalliance Private Ltd (Unison). Both Initor and Unison are subject to contractual obligations to treat all your personal data supplied by us as confidential and to other contractual obligations required by the UK GDPR and EU GDPR to safeguard your personal data
• Campaign Monitor which distributes our newsletters and other promotional material for us.  Campaign subcontracts some of this work to other companies in the UK and the US
• Salesforce UK Limited, which provides us with database management tools for our contacts, clients and potential clients
• Our advisers and service providers including accountants, lawyers, insurers, our bank, payment service providers, marketing agencies, website hosts or cloud-based databases
• Law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations
• Potential buyers of some or all of our business or during a restructuring.  Usually, information will be anonymised, but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations
• Any third party to whom we assign or transfer our business.

3.4         Whether information has to be provided by you, and if so why

The provision of your personal data is necessary primarily to enable us to provide you with our services. We do not require you to provide us with your personal data but if you choose not to, it may have an impact on our ability to provide you with our services in part or at all.

3.5         How long we keep your personal data for

We keep your personal data for no longer than necessary for the purposes for which it was collected. Generally, this will be for seven years after you cease to be a client unless a longer period is required by law, or we need the information for longer to respond to any questions, complaints or claims made by you or on your behalf.

When it is no longer necessary to retain your personal data, we will anonymise or securely delete it.

4             Contacts

This section applies to individuals such as current, potential and former clients, legal and business advisers and other third parties who form part of our network of business contacts.

4.1         Personal data we collect about you

The personal data we collect about you, either directly or indirectly, is stored on our customer relationship management system and may include

• Your name, job title, employer organisation and contact details (telephone number, email address, postal address)
• Your business interests
• Information about our contacts and communications with you

4.2         How and why we use your personal data

We use this information to

• Manage and maintain our relationship with you including through marketing communications, meetings and events
• Develop our business including by making and receiving referrals

We do this

• For our legitimate interests or those of a third party.
• With your consent where this is required by applicable law

4.3         Who we share your personal data with

• Our US and Swiss affiliates
• Campaign Monitor which distributes our newsletters and other promotional material for us.  Campaign subcontracts some of this work to other companies in the UK and the US
• Salesforce UK Limited, which provides us with database management tools for our contacts, clients and potential clients
• Our advisers and service providers including marketing agencies, website hosts or cloud-based databases
• Law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations
• Potential buyers of some or all of our business or during a restructuring.  Usually, information will be anonymised, but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations
• Any third party to whom we assign or transfer our business.

4.4         Whether information has to be provided by you

You do not have to provide us with your personal data for the purposes referred to in this section but we will not be able to communicate with you without it.

If you do not want to receive any marketing material from us you can object and we will cease marketing communications within a reasonable time.

If you have consented to the receipt of electronic marketing material, you can withdraw your consent and we will cease electronic marketing communications within a reasonable time.

4.5         How long we keep your personal data for

Generally, we will keep your personal data for as long as we have a relationship with you or your organisation unless we need the information for longer to comply with our legal obligations or to exercise or defend our legal rights.

When it is no longer necessary to retain your personal data, we will anonymise or securely delete it.

5             Suppliers

This section applies to individuals who work for, or are themselves, our suppliers.

5.1         Personal data we collect about you

The personal data we collect about you may include

• Your name, job title, employer organisation and contact details (telephone number, email address, postal address)
• Information to enable us to check and verify your identity
• Your billing, transaction and payment information
• Information to enable us to undertake credit or other financial checks on you
• Your supplier history.

Much of this information will be provided by you or your employer.

5.2         How and why we use your personal data

We use this information to

• Communicate with you or your employer organisation
• Administer our accounts with you or your employer regarding the provision of goods and services to us.

We do this

• For the performance of our contract with you/your employer or to take steps at your/their request before entering into a contract
• For our legitimate interests or those of a third party.

5.3         Who we share your personal data with

Generally, we will not share your information with anyone except our staff and your employer organisation.

However, we will share personal data with law enforcement or other authorities if required by applicable law.

5.4         Whether information has to be provided by you, and if so why

Without your personal data we may be unable to contract with you/your employer for the supply of products or services. The provision of your financial information is necessary to facilitate payments between us.

5.5         How long we keep your personal data for

Generally, we will keep your personal data for seven years after the end of our contractual relationship with you/your employer unless we need the information for longer to respond to any questions, complaints or claims made by you or on your behalf.

When it is no longer necessary to retain your personal data, we will anonymise or securely delete it.

6             Job applicants

6.1         Personal data we collect about you

• Your name, date of birth, gender and contact information (including telephone number, email address and postal address)
• Your qualifications, employment history and other information contained in your curriculum vitae
• References
• Other personal data provided by you.

We collect most of this information from you but we may also collect it from employment agencies, previous employers, educational establishments, other referees and publicly available sources such as LinkedIn.

6.2         How and why we use your personal data

We use your personal data to assess your suitability for a job and to contact you in relation to that job. We do this

• To take steps at your request before entering into a contract
• For our legitimate interests or those of a third party.

6.3         Who we share your personal data with

We may share your information

• where appropriate with employment agencies, previous employers, educational establishments and referees
• with law enforcement or other authorities if required by applicable law.

6.4         Whether information has to be provided by you, and if so why

Without your personal data we are unable to consider your job application.

6.5         How long we keep your personal data for

We will keep your personal data for a maximum of two years from the date when you first contact us in relation to a job.

If you are accepted for a job, your personal data will be kept in accordance with our Privacy Notice for Staff.

When it is no longer necessary to retain your personal data, we will anonymise or securely delete it.

7             Transferring your personal data outside the UK or Switzerland

7.1         To deliver our services to you, it is sometimes necessary for us to share your personal data outside the UK or Switzerland.

7.2         To comply with UK and Swiss data protection laws, we will only make these transfers

• Where the UK and/or Swiss governments have decided the recipient country ensures an adequate level of protection for personal data (known as an ‘adequacy regulation’)
• Where the recipient individual or organisation has entered into a contract containing terms approved by the EU/UK/Switzerland in which they agree to protect your privacy rights (known as ‘Standard Contractual Clauses’); or
• With your explicit consent.

7.3         When we need to transfer your personal data overseas, we will do so:

• In the case of our Swiss affiliates, subject to a UK adequacy regulation
• In the case of our UK affiliates, subject to a Swiss adequacy regulation
• In the case of our US affiliate, the IRS and CCH Inc., with your explicit consent
• In the case of Unison, subject to Standard Contractual Clauses.

8             Your rights

You have the following rights, which you can exercise free of charge.

For further information on each of those rights, including the circumstances in which they apply, please contact us or see relevant guidance from the UK Information Commissioner’s Office (ICO),the Federal Data Protection and Information Commissioner in Switzerland or, if you live in the EU or EEA, your local supervisory authority.

If you would like to exercise any of those rights, please

• email us – for our contact information, see How to contact us below
• let us have enough information to identify you
• tell us know what right you want to exercise and the information to which your request relates.

9             Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We use secure cloud-based databases for storing personal data which can be accessed only by authorised employees, consultants or contractors under contract with us and subject to a duty of confidentiality.

10          How to complain

We hope that we can resolve any query or concern you may raise about our use of your information, see How to contact us below.

The UK GDPR gives you the right to lodge a complaint with the Information Commissioner who may be contacted at https://ico.org.uk/concerns or by telephone on 0303 123 1113.

The Swiss Data Protection Act gives you the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner who may be contacted by telephone on +41 (0)58 462 43 95.

If you live or work in the EU or EEA, you can also complain to your local supervisory authority.

11          Changes to this privacy notice

We may change this privacy notice from time to time so please check it periodically.

12          How to contact us

Please contact us by email if you have any questions about this privacy notice or the information we hold about you, to exercise a right under data protection law or to make a complaint.

Our contact details are shown below.

• Email: privacy@ustaxfs.com

Changes to Our Privacy Policy

This policy was updated on 19 July 2022. We may modify or amend this privacy statement from time to time at our discretion. We encourage you to periodically review this privacy statement to be informed about how we are protecting your information.