Privacy Policy

1. Introduction

Braithwaite Tax Recovery Consultants Ltd, registered in United Kingdom (company number 05269190) and Braithwaite Technology Consultants Limited, registered in Ireland (company number 506246) (“Braithwaite”) and its group companies (together “we”, “us”, “our”) are committed to protecting and respecting your privacy. Your privacy is important to us and we are committed to protecting and safeguarding your data privacy rights.

The companies within the Braithwaite group are:

  • Braithwaite Technology Consultants Inc, registered in Canada
  • Braithwaite Technology Consultants Limited, registered in Ireland (company number 506246)
  • Braithwaite Tax Recovery Consultants Ltd, registered in United Kingdom (company number 05269190)
  • GrantMatch Corp.

This privacy policy applies to all group companies and sets out the basis on which any personal information we collect, or that is provided to us, will be processed by us. The policy outlines the steps Braithwaite take when personal information provided to us is collected and processed, in accordance with GDPR. This policy also explains how we use the personal information collected and the procedures we have in place to safeguard privacy. It also explains rights under GDPR.

We use the term “processing” to cover all activities involving personal information including collecting, handling, storing, sharing, accessing, using, transferring and disposing of the information. This privacy policy documents our lawful basis for processing personal information and outlines our compliance to GDPR.

Should you decide to submit personal information whilst on the website, through other online sources or directly to our employees via email, you agree to be bound by this privacy policy and other policies. Furthermore, before you disclose the personal information of another person to us, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.

Please read the following carefully to understand our views and practices regarding personal information and how we will treat it. The person responsible for data protection across all group companies is the Data Protection Officer. If you have any questions about this privacy policy or the use of personal information by any group company, please contact us.

2. Who are we and what we do?

We are a group of tax recovery consultants and tax credit advisory businesses. We provide tax credit advisory services and other related services to our clients. We collect the personal information of the following types of people to allow us to undertake our business:

  • Prospective and live client contacts
  • Prospective and placed contacts for introducer agreements
  • Supplier contacts to support our services
  • Employees, subcontractors, consultants, temporary workers
  • Employees, subcontractors, consultants and temporary workers of prospective and live contact contacts

We collect personal information in order to carry out our core business and ancillary activities.

3. How we obtain personal information?

a. Information you give us or we may collect from you:

We may collect personal information when corresponding with us by phone, e-mail or otherwise. It includes information you provide when we carry out tax credit advisory services, undertake sales meetings, attend events, register on our website, employ staff, pay suppliers and appoint consultants/subcontractors.

The personal information given to us or we collect may include:

  • Full Name and Title – clients, suppliers, employees
  • Gender
  • Home address, postcode, contact number(s) and email address – clients, suppliers, employees
  • Work contact number(s) and email address – clients, suppliers, employees
  • Date and place of birth – employees
  • Job titles, job duties and dates of employment of client’s R&D employees
  • Academic qualifications and professional memberships of client’s R&D employees as well as current employees
  • Passport and UK work visa information of current employees
  • Photograph(s) of current employees
  • Current salary and current employment benefits of client’s R&D employees
  • Professional training history and training plans of client’s R&D employees
  • Notes from any face-to-face, video or telephone communication
  • Bank details of clients, suppliers and employees
  • Employment or character references of current employees
  • Driving license details and National Insurance number of current employees
  • Health conditions of current employees
  • Information about your visits to our website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths)
  • Information provided when registering on our website (your name, contact details, email address)
  • Information contained in any documents that you send to us for any purpose
  • Any other financial information, compliance documentation and technical information provided when carrying out tax credit advisory services
  • Links to professional profiles available in the public domain eg. LinkedIn, Twitter, Business Facebook or corporate website
  • Information that you provide about yourself when negotiating or entering into a contract with us

b) Information we collect about you when you visit our websites

With regard to each of your visits to our websites, we will automatically collect the following information:

  • Information that you provide by filling in forms or sections on any of our websites. This includes information provided to us at the time of registering to use any of our websites (where applicable), subscribing to any of our services (where applicable), web blogs, web discussions, personalising any of our websites with your preferences or requesting further services
  • technical information relating to your visits including, but not limited to, traffic data, location data, how you use the website, the frequency with which you access our website, the times that our website is most popular, web blogs, other communication data and the resources that you access
  • information when you respond to a survey and/or when you report a problem with one any of our websites

c) Information we obtain from other sources

This is personal information that we obtained from other sources such as LinkedIn, corporate websites, third party market research, online and offline media, relevant external events, business cards and personal recommendations. In this case, we will inform you by sending you this privacy policy within a maximum of 30 days of collecting the information of the fact that we hold personal information, the source of the personal information and whether it comes from publicly available sources, and for what purpose we intend to retain and process personal information.

We work closely with other third parties including other group companies, our clients, other suppliers and other agencies who may be acting on your behalf. We may receive personal information about you from them for the purposes of tax credit advisory services and other related support services.

4. Why we hold personal information and how we use it?

In order to provide our services to you, we need to process personal information. We will only process personal information that is necessary for the purposes of tax credit advisory services and other related support services in accordance with this privacy policy, unless such processing conflicts with UK law, in which case, the applicable law will prevail.

Please note that not all purposes set out below will apply to you all of the time. Our purposes for processing personal information include:

    • Providing tax credit advisory services and other related support services
    • Paying clients, suppliers and employees
    • Allowing us to contact potential clients via telephone, text or email about offering tax credit advisory services and other related support services
    • Enabling you to use our website, including personalising the website for you
    • Sending you marketing communications relating to our business or those of carefullyselected

third parties which we think may be of interest to you by post, email or text, where you have specifically agreed to this

  • Dealing with enquiries or complaints made by or about you, relating to our services or website
  • Keeping our website secure and preventing fraud
  • Verifying compliance with our Website Terms Of Use governing the use of our website (including monitoring messages sent through our website “contact form”)
  • Carrying out our obligations arising from any contracts entered into between you and us
  • Notifying you about changes to any of our services
  • For client service, customer satisfaction, product analysis and market research purposes
  • Ensuring that content from our websites is presented in the most effective manner for you and for your computer
  • Providing you with information or services that you expressly request from any of us or which any us feels may interest you, where you have consented to be contacted for such purposes
  • Carrying out any obligations or provide you with any other services, functionality or content which you specifically agree to on any of our websites
  • Helping us establish, exercise or defend legal claims
  • Complying with our legal obligations and adhering with UK legislation

Except for the mailing list activities which each group company runs on some parts of our websites, where you explicitly consent to receive materials from us, we will not use your personal information collected from our websites to carry out unsolicited marketing activities. You may change your marketing preferences at any time by contacting us.

We do not use personal information to make automated decisions. All our tax credit advisory services and related support services involve human decision making in the process.

5. The legal basis for processing personal information

Your right to be informed under GDPR requires Braithwaite to provide you with details about our legal basis for processing personal information. Depending on the purpose that we hold and process personal information for, we will rely on one or more of the following legal grounds to process personal information:

a) Legitimate Interests

We will rely on legitimate business interests to process personal information to carry out tax credit advisory services and other related support services. The exchange of personal information of our client contacts and other contacts is a fundamental, essential part of this process. We believe that the processing of personal information is necessary in order to provide tax credit advisory services and does not prejudice any individuals in any way.

Legitimate business interests means the interests of Braithwaite and/or any of its group companies in conducting and managing our tax credit advisory business. Legitimate business interests can also apply to the processing of personal information that is in your interests of clients. When we process personal information, we make sure we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws by carrying out a Legitimate Interest Assessment. We will not use personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

b) Necessary for the performance of a contract

Personal information will be processed as necessary throughout the carrying out of services in order to perform the contract. We will also rely on the contract if we are negotiating or have entered into a contract to provide services to you or receive services from you or your organisation.

c) Necessary for compliance with a legal obligation

We will rely on legal obligation if we are legally required to hold personal information to fulfil our legal obligations and where the processing of personal information is necessary for Braithwaite to comply with the law.

d) Consent

We will ask for explicit consent to process personal information for a specific purpose. We will request consent orally, by email or by an online process. Should we want or need to rely on consent for other processing activities, we will request consent orally, by email or by an online process for the specific purpose we require consent for. Your responses will be recorded on our system. Where consent is the lawful basis for our processing you have the right to withdraw your consent to this particular activity at any time by contacting us.

6. Who do we share personal information with?

Personal information provided to us allows us to provide tax credit advisory services and other related support services. Personal information shared internally at Braithwaite is limited to what is required by us to provide tax credit advisory services.

Personal information may be shared externally with the following:

  • Third party suppliers who offer services that support our tax credit advisory services that may not be available internally to us.
  • In the event that any of us sell or buy any business or assets, in which case each of us may disclose personal information to the prospective seller or buyer of such business or assets.
  • If we are under a duty to disclose or share personal information in order to comply with any legal obligation, or in order to enforce our website terms of use and other agreements, or to protect the rights, property or safety of Braithwaite and its group companies, our customers, and others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • We may also share personal information to the extent that we are required to do so by law, in connection with any ongoing or prospective legal proceedings. We may also disclose personal information in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
  • In the event that any of us outsource any of our business functions under which we collect or store personal information in which case we will ensure that any such service provider adheres to at least the same obligations of security with regard to personal information as undertaken by us.
  • Where any of us use personal information to carry out credit assessments we will need to share your information with credit reference agencies to assess your suitability as a client or supplier and to verify identity.
  • Each of us may share personal information with our associates, UK and overseas law enforcement agencies or regulatory authorities and other relevant bodies for crime prevention purposes.
  • Any person who we reasonably believe may apply to a court or other competent authority for disclosure of personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of personal information.

The legal basis for the third party processing of personal information will include:

  • Their own legitimate business interests in processing personal information, in most cases to fulfil their internal resourcing needs.
  • Satisfaction of their contractual obligations to us.
  • For the purpose of a contract in place or in contemplation.
  • To fulfil legal obligations.

7. How do we store and protect personal information?

Braithwaite holds personal information in a combination of secure online and offline computer storage facilities, and paper-based files. All information that you provide to us in physical form such as documents will be stored securely at our offices or at a secure storage facility. All information you provide to us electronically is stored on our secure servers.

We take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of personal information. We will also take all steps reasonably necessary to ensure that personal information is treated securely and in accordance with this privacy policy. We care about protecting personal information and so have put in place appropriate measures that are designed to prevent unauthorised access and misuse of personal information.

We use a number of processes to protect personal information including:

  • Locks and security systems
  • Computer passwords, firewalls and limited access to shared network drives to authorised staff only
  • Virus checking
  • Auditing procedures and data integrity checks
  • Recording of file movements
  • Security classification to identify data needing special protection.

Our website and integrated email systems are protected to ensure that unauthorised or unlawful processing of personal information, accidental loss or destruction of, or damage to, personal information does not occur.

We use third party suppliers such as consultants to support our tax credit advisory services and share personal information with them in order to assist us in providing these services. Where we share personal information with third party suppliers, we require that such personal information is protected as required by law. We also maintain processes designed to ensure that any processing of personal information by third party suppliers is consistent with this privacy policy and protects the confidentiality, availability and integrity of personal information.

Where required by law, we put in place legal mechanisms designed to ensure adequate data protection of your personal information. We also require our third-party suppliers to guarantee the same level of protection as provided by ourselves, in accordance with GDPR. Please note that our third-party suppliers have confirmed they hold personal information in a combination of secure online and offline computer storage facilities and any paper based files are stored securely at their offices.

Unfortunately, sending personal information to us via post, fax, email or the internet is not completely safe and secure. Although we will do our best to protect personal information, we cannot guarantee the security of personal information sent to us by any of these means and any information sent to us in this way is at your own risk. Once we have received personal information, we will use strict procedures and security features to try to prevent unauthorised access and require our third party suppliers to do the same.

8. How long do we hold personal information for?

We are required by law to hold personal information for as long as is necessary to comply with our statutory and contractual obligations (including tax authority obligations), and in accordance with our legitimate business interests in providing tax credit advisory services.

We will use reasonable endeavours to ensure that personal information is maintained and up to date. We may also contact you from time to time to check that the information is still correct. However, you are required to inform us of any changes to personal information to ensure it is up to date, and we will update or delete personal information accordingly.

We understand our legal duty to retain accurate information and only retain personal information for as long as we need it for our legitimate business interests and that you are happy for us to do so. Accordingly, we have a data retention policy and run data routines to remove data that we no longer have a legitimate business interest in maintaining.

9. Deleting personal information & your rights under GDPR

You have the right to ask us not to process personal information for marketing purposes. We will usually inform you (before collecting personal information) if we wish to use personal information for such purposes or if we intend to disclose personal information to any third party for such purposes and we will collect your express consent from you if legally required prior to using personal information for marketing purposes. You can exercise your right to accept or prevent such processing by contacting us.

Our websites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.

The GDPR provides you with the following rights. To:

  • Request correction of personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  •  
  • Request erasure of personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal information where you have exercised your right to object to processing.
  • Object to processing of personal information where we are relying on a legitimate business interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing personal information for direct marketing.
  • Request the restrictions of processing of personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of personal information to another party in certain formats, if practicable, and so have the right to data portability.
  • The right of access and the right to be informed
  • Request not to be subject to automated decision making and processing.
  • Make a complaint to a supervisory body which in the UK is the ICO if you think there is a problem with the way we are handling personal information.

If you want to exercise any of your rights, then please contact us. We will aim to respond to requests to exercise any of your rights within one calendar month of the requests.

10. Subject access to information

GDPR gives you the right to access personal information held about you. We also encourage you to contact us to ensure personal information is accurate and complete. If you would like to access personal information held about you, then please send us a subject access request by email or post. Any subject access request under GDPR will not be subject to a fee. We will aim to respond within one calendar month of the request but may seek an extension to this time limit in the event of a lengthy request.

11. International data transfers

Braithwaite is a global organisation and therefore personal information we collect from you may be transferred outside the EEA to the overseas companies in the Braithwaite group. Such transfers will occur where they are necessary in providing tax credit advisory services or where the transfer is authorised by law. By providing personal information to us, you agree that personal information may be transferred outside of the EEA in such circumstances.

12. Cookies

A cookie is a bite-sized piece of data that is stored on your computer’s hard drive. Almost all websites use them and they do not harm your system. We use them to track your activity on our websites and to distinguish you from other users. This helps us to provide you with a good experience when you browse our websites and also allows us to improve functionality, analyse traffic and for advertising purposes.

Below is a list of the cookies being used on this website with description of each.

Purpose

Description

Type & Expiry

Performance (i.e., User’s Browser)

Our web sites are built using common internet platforms. These have built-in cookies which help compatibility issues (e.g., to identify your browser type) and improve performance (e.g., quicker loading of content).

Session, deleted upon closing the browser, or persistent.

Security Cookies

If you register for access to a restricted area, our cookies ensure that your device is logged for the duration of your visit. You will need your username and password to access the restricted areas. 

Session, deleted upon closing the browser, or persistent.

Site Preferences

Our cookies may also remember your site preferences. Seek to enhance your experience

Session, deleted upon closing the browser, or persistent.

Analytics

We use several third-party analytics tools to help us understand how site visitors use our web site. This allows us to improve the quality and content on our website for our visitors. The data cover items such as total visits or page views, and referrers to our web sites.

Persistent, but will delete automatically after two years if you no longer visit our website

Social Sharing

We use third party social media widgets or buttons to provide you with additional functionality to share content from our web pages to social media web sites and email. Use of these widgets or buttons may place a cookie on your device to make their service easier to use, ensure your interaction is displayed on our web pages (e.g. the social share count cache is updated) and log information about your activities across the Internet and on our web sites. We encourage you to review each provider’s privacy information before using any such service.

Persistent, but will delete automatically after two years if you no longer visit our website

13. Changes to our Privacy Policy

We may update this privacy policy from time to time. If at any time we decide to use personal information in a manner significantly different from that stated in this privacy policy, or otherwise disclosed to you at the time it was collected, we will notify you by email and you will have a choice as to whether or not we use personal information in the new manner as per GDPR guidelines.