GDPR Policy
Privacy Notice

This notice explains how YourRPA collects and stores your personal data when you interact with us. This notice outlines the types of data we collect and how this data is used to provide our services to you.

How we collect your information

We may collect your information directly from you in the following ways:

We may also collect your information from third parties who you have contacted us on your behalf regarding the services we may provide for you.

The types of information we collect

We routinely collect the following types of personal information about you:

We may also collect bank account details from you.

Why we collect this information

We use your personal data to respond to any enquiries you make to us about our services.

We use your personal data in order to enable us to deliver and charge for the services we provide in accordance with the administration of our contractual obligations.

We use any other information as necessary to advise you regarding the services you have requested from us or that we have provided under our contractual obligations with you.

Bank account information is only collected when you have requested a refund from us.

For the purposes of the General Data Protection Regulation and UK data protection laws, when processing your personal data we are relying on the legal basis of:

The information we collect and process is required for us to be able to perform our contractual obligations and receive payment from you for the services we provide. Should you fail to provide this information, we would not be able to deliver these services under the terms of our agreement with you. We rely on you to inform us regarding any changes to contact details and will update our records when we receive such information from you.

How we store your information

Your information may be held in paper and/ or digital format.

We hold the majority of your information in individual client folders. Your contact details and other contractual information is held securely on file in a manner that enables us to fulfil our business obligations.

All digital information is contained in and added to Microsoft OneDrive servers. Microsoft have stated that they comply with GDPR data security principles.

Sharing your information with others

We only share your information with our employees and associates that provide advisory services on our behalf.

Personal information is not shared with third parties unless you specifically request us to contact them on your behalf or unless there is a statutory duty to do so.

Contractual information is shared with our accountant for the purposes of auditing our accounts.

Although YourRPA has accounts on the Facebook, Twitter and LinkedIn social media sites, we do not collect or share information posted on them.

How long your information is kept

Bank account information is deleted once you have confirmed receipt of any payment.

Client folders are archived within three months of the termination of a contract but are retained indefinitely as they contain information on aspects of health and safety which may need to be referred to in the event of a future query.

Our annual accounts (which contain contract information) will be retained until six years after the termination (or sale) of the business.

Contact and complaints

If you have any queries about this privacy notice or how we process your personal data, or if you wish to exercise any of your legal rights, you may contact us by email at:

If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner. You can find out more about your rights under applicable data protection laws from the Information Commissionerís Office website:

About Us
dental_rpa_jan24012007.jpg dental_rpa_jan24012006.jpg dental_rpa_jan24012005.jpg dental_rpa_jan24012004.jpg
The Law
dental_rpa_jan24012003.jpg dental_rpa_jan24012002.jpg dental_rpa_jan24012001.jpg