1.2. Brendmo processes personal data for a variety of purposes. We collect this personal data directly from you, for example, if you engage us to prepare your tax return, if you visit www.brendmo.com (our Site), if you submit your contact details to receive marketing communications from us. Alternatively, we process your personal data in the context of providing professional services to your employer or service provider. This privacy notice is intended to cover all of the above-mentioned scenarios.
- Data Covered
2.1. In order to provide you with the proper services, you may be required to provide Brendmo with Personal Information. Personal Information is information that identifies you as an individual including but not limited to your name and contact details, an identification number, location data or an online identifier. It also refers to physical, physiological, genetic, mental, economic, cultural or social identity of an individual.
2.2. It also includes special categories of personal data (special category data) from which we can determine or infer an individual’s:
2.2.1. Racial or ethnic origin; Religious or philosophical beliefs; Membership of a trade union; Genetic data; Biometric data; Sex life or sexual orientation; as well as personal data relating to criminal convictions and offenses
2.3. You have the following rights with respect to your personal data:
2.4. To access the personal data held by Brendmo about you.
2.5. To have your personal data corrected, for example, if it is incomplete or incorrect;
2.6. To opt-out of receiving marketing communications at any time.
2.7. To restrict or object to the processing of personal data or request erasing personal data (in certain circumstances and subject to applicable law).
2.8. To receive a copy of the personal data which you have provided to Brendmo.
2.9. Where you have provided personal data voluntarily, or otherwise consented to its use, the right to withdraw your consent.
2.10. The right to complain to a data protection authority.
- Voluntary information provided by you
3.1. We collect personal data that you provide voluntarily through our site, for example, when completing online forms to contact us, subscribing to receive marketing communications from us, The information we collect about you may include the following:
3.2. Name; Job title, job level or job function role; Contact information, including primary email, email address and telephone numbers; Demographic information, such as industry, country, postcode, information pertinent to fulfilling our services to you
3.3. Any other personal data that you voluntarily choose to provide to us.
3.4. We do not intentionally collect sensitive category data, unless you provide us with such data. If you choose to provide any sensitive personal information in a text box on our website, you acknowledge you consent to the collection and processing of this sensitive information.
- Automatic collection of information
4.2. Our site also uses various social media plugins.
- Reasons for processing information as a visitor to our website:
5.1. To manage our site, including to confirm and authenticate your identity, and prevent unauthorized access to restricted areas of our site.
5.2. To personalise and enrich your browsing experience by displaying content that is more likely to be relevant and of interest to you.
5.3. To analyse the data of visitors to our site and site traffic information.
5.4. To develop our business and services.
5.5. To conduct data analysis (for example, regarding usage of our site and demographic analyses of visitors of our site).
5.6. To understand how visitors use the features and functions of our site.
5.8. To conduct quality and risk management reviews.
5.9. To allow services and information to be delivered effectively to you.
5.10. Any other purpose for which you provided information to Brendmo.
5.11. To provide effective delivery of information and services to you, and the effective and lawful operation of our businesses.
5.12. To develop and improve our site, and your user experience.
5.13. Explicit consent of the visitor to the website, knowing what information is being used when visiting the site.
6.1. When you engage us to provide you with professional services, we collect and use personal data when we have a valid business reason to do so in connection with those services.
6.2. In the context of providing professional services to clients, Brendmo also processes personal data of individuals who are not directly our clients (for example, employees, customers or suppliers of our clients).
6.3. The majority of the personal data we collect and use to provide our services is supplied voluntarily by (or collected by us from third-party sources at the request of) our clients. If you are a client of Brendmo, then it will generally be obvious to you what personal data we collect and use. This information can include:
6.3.1. Basic information, such as your name, the company you work for, your position and your relationship to a person.
6.3.2. Contact information, such as your postal address, email address and telephone numbers.
6.3.3. Financial information, such as payment-related information.
6.3.4. Any other personal data relating to you or other third parties which you provide to us for the purpose of receiving our services.
6.4. We use this information:
6.4.1. To provide services for you.
6.4.2. To administer our relationship and maintain contractual relations.
6.4.3. For accounting and tax purposes.
6.4.4. For marketing and business development.
6.4.5. To comply with our legal and regulatory obligations.
6.4.6. To establish, exercise, or defend legal right.
6.4.7. Given the diversity of the services we provide, we process many categories of personal data. See below some examples:
188.8.131.52.1. In providing assurance services, Brendmo will process information that contains personal data, such as payroll files, board records and other documents attributable to the audit client’s and any group companies’ activities. Examples of categories of personal data that are processed are:
184.108.40.206.1.1. Contact details, such as name, address, telephone numbers and email address
220.127.116.11.1.2. Details of employment, such as employment number, employment department, role and employment time
18.104.22.168.1.3. Health and absence data, e.g., medical certificate and information on sick leave, leave of absence or parental leave
22.214.171.124.1.4. Trade union membership
126.96.36.199.1.5. Personal identity number
188.8.131.52.1.6. Information on financial conditions, such as bank account information, salary details and other benefits, insurance data and the license plate number of a company car
184.108.40.206.1.7. Information on insurances and occupational pensions, or
220.127.116.11.1.8. Other categories of personal data needed for conducting the audit in accordance with good auditors and auditing standards.
18.104.22.168.1. Examples of personal data categories processed by Brendmo:
22.214.171.124.1.1. Personal details for the individual client and their family members, including names, addresses and demographic, contact information, dates of birth, and tax identifiers, including social security numbers and email addresses;
126.96.36.199.1.2. Tax return files: liability, dates produced and sent, and comments on tax return;
188.8.131.52.1.3. Tax equalization data: liability, dates produced, settlement amounts and taxes paid
184.108.40.206.1.4. Forms used to edit client information received from organisers or other means; compensation data from employers; sourcing of income based on assignment and travel calendar data;
220.127.116.11.1.5. Current, past or future travel information for the individual, including locations visited and workday activities that occurred in each location;
18.104.22.168.1.6. Documents, such as tax returns, assignment letters, audit requests from taxing authorities, and official and personal documents (birth certificates, marriage licenses, education documentations and degrees, and passport copies);
22.214.171.124.1.7. Company-specific information: corporate client personnel contacts and division names.
126.96.36.199.1. In providing advisory services, Brendmo processes a wide variety of information, including potentially all types of personal data. The scope depends on the service and the sector in which Brendmo firm’s client is active.
188.8.131.52.2. Examples of personal data categories received or processed by Advisory client engagement teams are:
184.108.40.206.2.1. Contact details, such as name, address, telephone numbers and email address
220.127.116.11.2.2. HR and supplier records of clients, which include personal details of employees or suppliers of the client, such as name, contact details, date of birth, race, government identification numbers, employment contracts and service contracts
18.104.22.168.2.3. Financial data, such as wage and salary information, pension and retirement benefits information, and bank account numbers
22.214.171.124.2.4. Personal data of employees potentially impacted by supply chain changes or outsourcing
126.96.36.199.2.5. Customer data, including race or gender during a customer experience engagement.
- Personal Data Collected In Connection With Services Rendered
7.1. Brendmo processes personal data of person/s whom we do not have a contractual or other relationship. If we required to do a statutory audit which will include looking at employee payroll data, supplier data and financial data, etc.
7.2. We seek confirmation from our clients that they have the authority to provide personal data to us in connection with the performance of the services and that any personal data they provide to us has been processed in accordance with applicable law.
7.3. Given the diversity of services we provide, we process many categories of personal data such as:
7.3.1. Personal details (such as name, age, data of birth, gender, marital status and country)
7.3.2. Contact details (such as phone numbers, email address and postal address)
7.3.3. Financial details (such as salary, payroll, income, investments, benefits and tax status)
7.3.4. Employment details (such as role, rank, experience, performance data and employment numbers)
7.4. For certain services, we also process special category data. This data is collected intentionally and will be used only where necessary in connection with the provision of the service for which the data was collected, such as determining the correct taxation of our client’s income and for claiming the correct tax deduction with respect to such payments.
7.5. Legal grounds :
7.5.1. Compliance with a legal or regulatory obligation.
7.5.2. Our legitimate interest in making sure our clients are provided with continuous, reliable and quality services.
- Social Media
8.1. We use social media to provide you with easy access to relevant information.
8.2. While Brendmo will be responsible for the content it publishes using social media platforms. Brendmo will not be responsible for managing the social media platforms (such as creating user statistics or placing cookies). When using these social media platforms, you are obliged to adhere to the legal and privacy terms imposed by the social media platform providers.
8.3. Such providers collect personal data about you, including statistical and analytical data regarding your use of the social media platforms, such as an overview of pages you have accessed, “likes,” recent visits, posts you publish or find interesting. If you require access to such data or want to invoke one of your other rights (such as the right to object to the processing of your data), you should contact the social media platform provider.
8.4. Some social media providers provide Brendmo with aggregate data relevant for our pages, such as the amount of “likes” triggered by our content or the amount of posts, visitors to our sites, photos that are downloaded or links that are clicked.
9.1. Brendmo uses a variety of tools to maintain the security, including our email facilities. Examples of such tools are:
9.1.1. Systems that scan incoming emails to Brendmo recipients for suspicious attachments and URLs, in order to prevent malware attacks
9.1.2. Tools that provide end-point threat detection to detect malicious attacks
9.1.3. Tools that block certain content or websites
9.2. If you correspond via email with a Brendmo staff member, your emails will be scanned by the tools Brendmo operates to maintain the security of its IT infrastructure, which could result in content being read by authorized Brendmo persons other than the intended recipient.
9.3. Legal grounds :
9.3.1. Our interest protecting our IT structure against unauthorised access or data leakage.
9.3.2. Our interest in analysing email traffic.
- Voice Services
10.1. The phone service is hosted internally. When you call Brendmo, only your phone number will be stored on Brendmo servers and will be delivered to the recipient of your call on their handset and via an email. No other personally identifiable information is collected but technical logs and reports may be stored for trouble shooting purposes.
11.1. We process personal data about our suppliers (including subcontractors, and individuals associated with our suppliers and contractors) in order to manage our relationship and contract, and to receive services from our suppliers. These are contact information, i.e. name, company name, phone number/email and other contact details) and financial information relating to payment.
11.2. In addition, we also use data about our suppliers to check whether we have a conflict of interest or audit independence restriction to appointing a supplier. We also check for criminal records.
11.3. Legal grounds:
11.3.1. Performance of a contract;
11.3.2. Compliance with a legal or regulatory obligation;
11.3.3. Managing payments, fees and charges, and to collect and recover money owed to Brendmo;
11.3.4. Understanding any conflict of interest or challenge with regard to independence legislation;
11.3.5. Safeguarding against Brendmo inadvertently dealing with the proceeds of criminal activities or assist in any other unlawful or fraudulent activities (for example, terrorism).
- Other Providers
12.1. We transfer or disclose the personal data we collect to external support providers (and their subsidiaries and affiliates) who are engaged by us to support our internal ancillary processes. For example, we engage support providers to provide (a) general office support including printing, document production and management, and archiving; (b) accounting, finance and billing support; (c) IT functions including system management and security, data storage, analytics, business applications, voicemail and replication of systems for business continuity/disaster recovery purposes; and (d) conflict checking, risk management and quality reviews.
12.2. It is our policy to only use third-party support providers that are bound to maintain appropriate levels of data protection, security and confidentiality, and that comply with any applicable legal requirements for transferring personal data outside the jurisdiction in which it was originally collected.
12.2.1. Brendmo discloses your personal data:
188.8.131.52. Where processing or further processing of personal data is required
184.108.40.206. By applicable law
220.127.116.11. If we believe that such disclosure is appropriate to enforce or apply terms of engagement, and other agreements or otherwise protect and defend Brendmo rights, property or safety
18.104.22.168. In order to comply with a judicial proceeding, court order or other legal obligation, or a regulatory or government inquiry; or
22.214.171.124. With your consent.
12.3. In certain jurisdictions, Brendmo is legally obliged to report any suspicious transactions or other illegal activities to the relevant authorities under the anti-money laundering, terrorist financing, or related legislation. Any suspicious criminal activities is required to be reported to the law enforcement bodies. We not permitted by law to inform you about this in advance of the disclosure.
13.1. Brendmo ensures it protects the confidentiality and security of information it obtains in the course of its business. Access to such information is limited, and policies and procedures are in place that are designed to safeguard the information from loss, misuse and improper disclosure.
- Information updated
14.1. It is important that you inform us of any updates to your contact details or other personal data so that we have the most up-to-date information about you. Please contact the person you usually deal with at Brendmo or email us at email@example.com.
- Retention Of Information
15.1. Our policy is to retain personal data only for as long as it is needed for the purposes described in the section “Purposes for which we process personal data.” In order to meet our professional and legal requirements, to establish, exercise or defend our legal rights, and for archiving and historical purposes we need to retain information for significant periods of time.
16.1. Our Site is not intended for use by minors under the age of sixteen (16) years. We do not knowingly collect, disclose, or sell the personal data of minors under 16 years of age. If you are under 16 years old, please do not provide any personal data even if prompted to do so. If you believe that you have inadvertently provided personal data, please ask your parent(s) or legal guardian(s) to notify us and we will delete your personal data.
- Changes to the Policy
18.1. If you are concerned about an alleged breach of privacy law or any other regulation by Brendmo, you can contact: firstname.lastname@example.org
18.2. Your complaint will be investigated, and information will be given to you about how it will be handled.
18.3. You also have the right to complain to the data protection authority in your country or refer the matter to a court of competent jurisdiction or as specified in any applicable engagement agreement with Brendmo.
- Access to your information
19.1. You have the right to access the personal information we hold about you. If you wish to obtain a copy of it, please contact us at email@example.com.