Privacy Policy Your Privacy Matters

“Kent Finance” (and “we”, “us”, or “our”) refers to Kent Finance Limited (registered in England under registration no. 9877141 and with its registration address at 1 Sunflowers, Pluckley, Kent, TN27 0PD).

Kent Finance Limited is strongly committed to safeguarding the privacy of your personal data. We comply with the GDPR and Data Protection Act 2018 by processing personal data lawfully, transparently, and for specified purposes. The details of collection, lawful bases, use, and retention periods are outlined within this policy or as stated at the point of collection. This applies to personal data provided to us, both by individuals themselves or by others authorised on their behalf.

Personal data is any information relating to an identified or identifiable living person. When “you” or “your” are used in this statement, we are referring to the relevant individual who is the subject of the personal data.

We only collect and process personal data necessary to provide professional services and ensure clients are informed of its use in compliance with GDPR.

Our clients may use relevant sections of this privacy policy or refer data subjects to this privacy policy if they consider it appropriate to do so.

The categories of personal data processed by us in relation to our services are:

• Personal details (e.g. name, age/date of birth, gender, marital status, country of residence);
• Contact details (e.g. email, contact number, postal address);
• Financial details (e.g. salary and other income and investments, benefits, tax status); and
• Job details (e.g. role, grade, experience and performance information).

For certain services or activities, we may process special categories of personal data (such as in performing ‘know your client’ checks and providing immigration and tax services, which involve us processing government identification documents that may contain biometric data or data revealing racial or ethnic origin or as part of an audit of an organisation in the health sector).

Generally, we collect personal data from our clients or from third parties when providing services to the relevant client.

We collect data through a variety of methods including but not limited to:

• Direct interactions – You may give us your identity, contact and financial data via forms or other correspondence:
  • Post, phone, email, business cards
  • Marketing, newsletters and other publication subscriptions.
  • Collateral downloads.
  • Promotions, surveys.
  • Event invitations.
• Automated technologies or interactions – Through website interaction we may automatically collect Technical Data about your equipment, browsing actions and patterns. This data is collected through cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
• Third parties or publicly available sources – We may receive personal data about you from various third parties and public sources as set out below:

Identity and Contact Data from publicly availably sources such as Companies House, government websites and LinkedIn.

Identity, Contact, Financial, Transaction, Usage, Technical, Profile, Marketing and Communications Data from our members who have been in contact with you for the delivery or potential delivery of services, invitation to our events or subscription for our newsletter.

We process personal data for the following purposes, in compliance with GDPR:

• Providing Professional Services: To deliver our range of services (click here for information on our services), including audits, tax, pensions, and global mobility advice. This may involve processing payroll data, government identification documents, or other relevant information.
• Business Administration and Development: To manage client relationships, improve service delivery, maintain IT systems, host events, and administer our website and applications.
• Security and Risk Management: To protect client and company information through security measures, quality monitoring, and risk assessments. This includes conducting due diligence checks and using publicly available sources to identify potential risks.
• Marketing and Communication: To provide clients and prospective clients with updates, insights, and information about our services, unless they opt out.
• Compliance with Legal and Regulatory Obligations: To meet our obligations under laws, regulations, and professional standards, such as anti-money laundering checks.
• Improving Services and Innovation: To analyse and de-identify data for benchmarking, industry insights, and the development of new technologies and offerings.

Legal Grounds: Processing is based on legitimate interests, legal obligations, public interest, or consent, as applicable.

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 8 years.

Personal data may be held for longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights.

When and how we share personal data and locations of processing

Further details about the processors (such as IT service providers) used by Kent Finance and locations of processing are provided here. We may use other organisations to help us deliver our services as agreed with our client on an engagement-specific basis.

We take the security of all the data we hold very seriously. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.

When and how we share personal data and locations of processing

We will only share personal data with others when we are legally permitted to do so. When sharing data with others, we put contractual arrangements and security mechanisms in place as appropriate to protect the data and to comply with our data protection, confidentiality and security standards.

Personal data held by us may be transferred to:

Third party organisations that provide applications/functionality, data processing or IT services to us

We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service providers, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them

• Third party organisations that otherwise assist us in providing goods, services or information
  On certain client engagements, we may engage or otherwise work with other providers to helps us provide professional services to our clients.
• Our clients
  Where we need to process personal data to provide professional services to our clients, we may share personal data in our deliverables (such as the reports we create).
• Accountants, insurers and professional advisers
  Our accountants are Kreston Reeves LLP 37 St Margaret’s Street, Canterbury CT1 2TU. We have a number of business insurance policies in place (further details are available here) and we may need to share personal data with the insurer, for example, in the event of a claim. We use other professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business. Personal data may be shared with these advisers as necessary in connection with the products and services they have been engaged to provide.
• Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
  Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation. Details of our regulators are available here.

We use cookies to enhance the user experience and collect usage data. Please be aware, if you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information, see our Cookie Policy

We recognise that transparency is an ongoing responsibility so we will keep this privacy statement under regular review.

This privacy statement was last updated on 03 July 2025.

We are generally controllers for the personal data we process, however, we may provide some services, such as payroll services, as a processor (in which case our client is the controller). If you have any questions about this privacy statement or how and why we process personal data, please contact us at:

Data Protection Officer
Kent Finance Limited
1 Sunflowers
Pluckley
Kent
TN27 0PD
Email: enquiries@www.kentfinance.co.uk

Individuals have certain data protection rights over their personal data and controllers are responsible for fulfilling these rights.

Individuals’ rights may include

• The right to be informed about the personal data the Company processes on you;
• The right of access to the personal data the Company processes on you;
• The right to rectification of your personal data;
• The right to erasure of your personal data in certain circumstances;
• The right to restrict processing of your personal data;
• The right to data portability in certain circumstances;
• The right to object to the processing of your personal data that was based on a public or legitimate interest;
• The right to withdraw consent at any time; and

• The right to lodge a complaint with a supervisory authority under GDPR. Please contact us via email to exercise these rights.

Where you have consented to the Company processing your personal data you have the right to withdraw that consent at any time by contacting William Napier-Fenning wf@www.kentfinance.co.uk.

There may be circumstances where the Company will still need to process your data for legal or official reasons. We will inform you if this is the case. Where this is the case, we will restrict the data to only what is necessary for the purpose of meeting those specific reasons

If you believe that any of your data that the Company processes is incorrect or incomplete, please contact us using the details above and we will take reasonable steps to check its accuracy and correct it where necessary.

You can also contact us using the above details if you want us to restrict the type or amount of data we process for you, access your personal data or exercise any of the other rights listed above.

If you wish to complain about this privacy policy or any of the procedures set out in it, please send an email with the details of your complaint to enquiries@www.kentfinance.co.uk.

You also have the right to lodge a complaint with The Information Commissioner’s Office (“ICO”) on 0303 123 1113 or at https://ico.org.uk/concerns/, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.