Privacy Policy

Introduction

Clearstone respects the privacy of its customers, suppliers and partners. We have therefore formulated and implemented a policy on complete transparency regarding the processing of personal data, its purpose(s) and the possibilities to exercise your legal rights in the best possible way. For employees, we have formulated a separate privacy policy, available upon employment and upon request.

If you require any additional information about the protection of personal data, please visit the following website: www.ico.org.uk.

This currently available version of this privacy policy (June 2021) is the only version that applies while visiting our website until a new version replaces the current version.

 

Definitions

  • Party responsible for processing personal data: Clearstone Business Services Ltd., The Dock Hub, Wilbury Villas, Hove, England, BN3 6AH, company registration number: 7473450.
  • Data Protection Authority: Information Commissioner UK.
  • Data Protection laws:
    *The UK GDPR 2020 and the UK Data Protection Act 2018;
    *The EU GDPR 2018;
    *The EU e-privacy directive 2002 (soon to be replaced by the EU e-privacy regulation).

 

Collection of data

Your personal data will be collected by Clearstone and its data processors.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’).

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The types of personal data we may collect:

TypeLegal BasisPurpose   
Customer Identification InformationConsentCustomer management, work planning, direct marketing, administration
Supplier or partner Identification Information
ConsentSupplier management, Work planning, administration
Customer Financial Information
ConsentCustomer management, administration
Supplier or partner Financial InformationConsentSupplier management, administration
Contracts with customers and suppliers
Legitimate interest/consentCustomer or supplier management, administration

How we collect, store or otherwise process your data:

Your data is protected by Wordvoice and its processors in pursuance to all legal requirements set by the relevant data processing laws. Wordvoice has taken technical and organisational security measures to protect your data and requires its data processors to meet the same requirements. Wordvoice has signed processing agreements with its processors to ensure an adequate level of data protection.

Description of processingTypeThird-party recipients (click on the link for security measures)International data transfer?  
Website: Collection of cookies, filling out of contact form by user.User identification informationRocket.net; Microsoft and Active CampaignNo
Email: Corresponding with customers, suppliers and partnersCustomer Identification Information, Supplier or partner Identification Information, Customer Financial Information, Supplier or partner Financial Information, Employee employment or educational history, ContractsMicrosoftNo
Using cloud-services for storing and exchanging documentsCustomer Identification Information, Employee Identification Information, Customer Financial Information, Contracts,Copies of IDDropbox
Yes, based on SCC’s
Storing contracts with customers on business devicesCustomer Identification Information, Contractsn/aNo
Providing accounting services to clientsCustomer Identification Information, Customer Financial InformationXero; Accountancy Manager; Dext; Fluidly;Xero: yes, based on EC adequacy decision and SCC’s. Accountancy Manager: No.
Dext: No.
Fluidly: No.

Storage and protection of data

Your data is protected by Clearstone and its processors in pursuance to all legal requirements set by the relevant data processing laws. Clearstone has taken technical and organisational security measures to protect your data and requires its data processors to meet the same requirements. Clearstone has signed processing agreements with its processors to ensure an adequate level of data protection.

The measures taken by Clearstone to secure your data on business devices include the following:

  • Antivirus or anti-malware
  • Updating operating systems as soon as updates become available
  • Administrator rights
  • Access controls (where not everyone has access to the data)
  • Password and multi-factor authentication requirements
  • Firewall
  • Back ups
  • VPN 

 

Your rights regarding information

Pursuant to Article 13 paragraph 2 sub b UK GDPR and corresponding articles in EU data protection laws, each data subject has the right to information on and access to, and rectification, erasure and restriction of processing of his personal data, as well as the right to object to the processing and the right to data portability.

You can exercise these rights by contacting us at the following email address: support@clearstonebusiness.co.uk. Each request must be accompanied by a copy of a valid ID, on which you put your signature and state the address where we can contact you. Ensure that you write “GDPR request” in the subject line of your email.

Within one month of the submitted request, you will receive an answer from us. We will not charge you for submitting your request unless the request is manifestly unfounded or otherwise unreasonable in its nature. Depending on the complexity and the number of the requests this period may be extended to two months.

 

Marketing

You may receive commercial offers from Clearstone. If you do not wish to receive them (anymore), please send us an email to the following address: support@clearstonebusiness.co.uk and ensure that you write “GDPR opt-out” in the subject line of your email.

Your personal data will not be used by our partners for commercial purposes.

If you encounter any personal data from other data subjects while visiting our website, you are to refrain from collection, any unauthorised use or any other act that constitutes an infringement of the privacy of the data subject(s) in question. The collector is not responsible in these circumstances.

 

Data retention

The collected data are used and retained for the duration determined by law. You may, at any time, request your data to be deleted from any Clearstone account, system or other data processing medium in accordance with the process described above.

 

Applicable law

These conditions are governed by British law. The court in the district where the controller has its place of business has the sole jurisdiction if any dispute regarding these conditions may arise, save when a legal exception applies.

 

Contact

For questions about this privacy policy, product information or information about the website itself, please contact: support@clearstonebusiness.co.uk