This page is a supplement to the Privacy Policy, focused on GDPR and data protection specifics.
TAX CHECK PRO LTD
Email: [email protected]
We are the data controller for the personal data processed under our Service.
While we do not currently have a formal Data Protection Officer (DPO), for data protection queries you may contact us at [email protected].
As noted in the Privacy Policy, we rely on lawful bases such as performance of contract, legitimate interests, and legal obligations.
We carry out legitimate interests assessments (LIAs) when relying on legitimate interest, balancing our interests against your rights. Users may contact us for a summary of such assessments where relevant.
Where processing is based on your consent (e.g. marketing communications), you have the right to withdraw consent anytime. Withdrawal of consent does not affect processing done before withdrawal.
Some of our internal systems may use automated or semi-automated processes to analyse your documents and compute eligibility for tax claims.
We do not make fully automated decisions that have legal or similarly significant effects on you without human oversight.
You may request meaningful information about the logic used and challenge such decisions.
Where we judge a processing activity involves high risk to rights and freedoms, we will conduct a DPIA and, where required, consult relevant supervisory authority.
We maintain records of processing (Record of Processing Activities, or RoPA).
We ensure "data protection by design and by default" (minimisation, pseudonymisation, access controls).
In case of a personal data breach posing risk, we will notify the UK Information Commissioner's Office (ICO) within 72 hours and communicate to affected individuals when required.
We will cooperate with and comply with lawful orders of the ICO or equivalent supervisory authorities, including in investigations or audits.
Where personal data is transferred outside the EEA, we will use approved safeguards (e.g. standard contractual clauses, adequacy decisions).
We use third-party processors bound by contractual obligations including data confidentiality, security, and use only as instructed.
As set out in the Privacy Policy: access, correction, deletion, objection, restriction, portability, withdraw consent.
If you believe our processing breaches the GDPR, you have the right to lodge a complaint with the UK ICO or equivalent authority in your jurisdiction.