Knowledgebase Support HMRC Useful links
Knowledgebase home
Tax Return Production
Accounts Production
Client Hub
Practice Management
VAT Filer
CloudConnect
Anti-Money Laundering
Support home
Hot Topics
SimpleStep Guides
Release Notes
Technical
Known Issues

HMRC Status
Useful Links
MTD for Agents MTD for Businesses What is MTD
Preparation
Agent Services Account
MTD for VAT
MTD for Income Tax
MTD for VAT
Digital Record Keeping
Quarterly Updates
Step-by-step Guide
HMRC's MTD Timeline
TaxCalc's MTD Journey

Accountancy Practices and Tax Advisors
PRACTICE MANAGEMENT
Practice Management
Client Hub
Companies House Integration


PRACTICE COMPLIANCE
AML Centre
NEW

AML Identity Checking
GDPR Centre  
COMPLIANCE SERVICES
TAXATION AND HMRC
Tax Return Production
Vat Filer

FINANCIAL REPORTING
Accounts Production

COMPANY SECRETARIAL
Company Incorporator
Companies House Forms
COMMUNICATION MANAGEMENT
eSign Centre


SERVICES
CloudConnect

TaxCalc's approach to GDPR

Article ID: 2832
Last updated: 30 May, 2018

What is GDPR

GDPR stands for General Data Protection Regulation. The GDPR effectively replaced the Data Protection Act (1998) as of 25 May 2018.

The GDPR sets out guidelines for managing personally identifiable information. It applies to data ‘controllers’ and ‘processors’ and is entirely based on ‘principles’ not ‘rules’ - aspiring to a set of broad goals and standards, rather than specific adherence to stipulated laws.

What is a Data Controller?

A data controller determines the purposes and means of processing data. It is also often the collector of the data from the data subject.

What is a Data Processor?

A data processor is responsible for processing personal data on behalf of a data controller.

Within this article we will cover the instances in which TaxCalc is:

There is another Knowledge Base article where TaxCalc is the data processor in relation to our CloudConnect Service.

GDPR Data Controller Compliance

TaxCalc is the data controller in terms of the information we hold for your account with us. This complies with the GDPR regulations as set out by the ICO (Information Commissioner's Office). We have reviewed all personal data within our systems to ensure we only collect and process relevant data and have identified the lawful basis for doing so. Please refer to our Information Security Policy and Privacy Policy for more details.

Consent management is a crucial area for TaxCalc. We have reviewed our process for consent management so that it complies with the GDPR and have implemented changes to the registration process and account management.

All of TaxCalc’ s existing policies, internal and external have and will be continuously reviewed.

Although there is not a requirement to appoint a Data Protection Officer, TaxCalc has had one for many years. Currently Ian Belcher (TaxCalc's Chief Information Officer) fulfils this role and the Compliance team are leading the ongoing changes for GDPR.

Data Processor Compliance

A lot of actions mentioned in the Data Controller section apply here as well. Data audit is one of the core areas. The same information management mapping is applied to processed data as it is to controlled data.

Further notes

For further information on GDPR regulations, please refer to the ICO website. They are the regulators and provide detailed information and guidance on the GDPR.

The GDPR does not stop on 25 May 2018. We continuously review our processes and documentation to keep up to date and remain compliant with all areas of regulation, but especially data protection. We are dedicated to ensuring your personal data is kept as safe and secure as possible at all times.

Article ID: 2832
Last updated: 30 May, 2018
Revision: 2
Views: 233
This article was: