Welcome! Email: info@internalcontrol.co.uk, Call mobile: 07597 386728

GDPR Privacy Statement

How We Use Your Information – GDPR Privacy Statement Internal Control Limited

Internal Control limited may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

Who we Are

Internal Control Limited is a Data Controller and is committed to ensuring that any data is managed securely. We normally only process corporate data, on rare occasions personal information may be stored and processed by our business.

Head Office Address: 11 Stratford Road, Solihull, B90 3LU
Telephone Number: 07597 386728
ICO Registration Number: ZA065321
Company Number: 09096822
For information on all the activities we’re licensed to carry out please visit:

Why we need Customer Information

We need to collect corporate information in order to provide you with consultancy services. We will not collect any information from you that we do not need in order to provide and oversee the services described in the agreement. Sometimes we need to collect senior management personal information for applications as part of the Approved Persons application process to the Financial Conduct Authority.

Our Legal Basis For Processing Your Information

The processing is necessary for the performance of a contract of services.

The data subject has given consent to the processing of their personal data for one or more specific purpose.

What we will do with customers information

If we hold personal information about a data subject this will be used for providing consultancy services to our customer as defined in the service agreement. Any processing or storing of data is by our staff in the UK.

Who the customers data will be shared with

We do not share personal data with any third party.

Whether the data will be sent overseas

We will not send personal data overseas.

How long we will keep your information

We will maintain the data for the period of contract with the corporate entity.

Customers Rights

In the rear instance that we do hold personal information regarding a data subject, you have the following rights related to your personal data and how it’s processed:

  • The right to be informed – this means we must provide, at the point of collecting your data, a privacy or verbal notice informing you of how your personal information will be used.
  • The right to access your personal information – this means that you have the right to know what information we hold on you, and to request a copy of it. This information is provided free of charge.
  • The right to get inaccurately recorded information corrected.
  • The right to erasure – this means that you can request that your personal data is deleted from our records, also referred to as ‘the right to be forgotten’.
  • The right to restrict how your personal information is used – this means that you have the right to object to how we use your personal information, including for direct marketing purposes.
  • The right to receive your personal information in a legible and transferable format.
  • The right to object to the use of your personal information
  • Rights related to automated decision making including profiling – this means you have the right to refuse to your personal information being used to make a decision based on an automatic process without human intervention

For further information on how to action any of these rights please contact the data protection officer at the address on this statement.

How customers make a complaint

Should you wish to make a complaint, you can do so by:

– Email – info@internalcontrol.co.uk
– Telephone – 07597 386728

If we do not handle your complaint to your satisfaction within 8 weeks, you have the right of referral to the ICO who act as the data protection arbitrator.

Details of how to contact the ICO are at this web address https://ico.org.uk/global/contact-us/

What we do to keep customers data secure

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.