“William Duncan + Co Ltd have audited the accounts of Scottish Engineering for many years, and we are highly satisfied with the services provided by John Wallace. Since taking up my position, I have had WD provide a half-yearly audit, as well as the standing year-end arrangement. The standard of auditing is exemplary and John is happy to engage in pragmatic debate whilst offering professional advice on any very rare contentious issues. The half-yearly summary makes an excellent basis for review with our Finance Committee.”
General Data Protection Regulation (GDPR)
Our network of businesses (WD) acts as a data controller for client’s personal data and as such have responsibilities to manage the data in a secure and professional manner. The regulations for holding this data are changing under a law called the General Data Protection Regulation (GDPR). It became EU law on May 25th 2018 and as such it will apply to all organisations holding personal data, both electronic and paper copies; in this case it will be WD. GDPR will not be affected by Brexit. WD are reviewing all their policies and practices for holding personal data.
That review includes the legal level of permission under which WD hold the data (whether WD have your permission to hold the information we have), exactly what data is held and why WD need to hold it. WD also have responsibility for any data that is processed by a third party and we will be reviewing our arrangements with any such organisation.
It will also be important WD update all policies to be GDPR compliant and review the length of time that personal data is held for.
WD are complying with GDPR by drawing up a new Privacy Information Notice to ensure you know what is kept on file, for how long and how you can complain about our data policies or breaches to the supervisory body.
This notice will be updated regularly over the next few months as WD make progress towards the end goal of being GDPR compliant within the regulatory timeframe.