Privacy Policy Nomi: software for accountants & bookkeepers

1. Introduction

NOMISMA SOLUTION LTD (also referred to as “we”, “us”, “our”, “Nomisma” in this privacy policy) provides payroll, bookkeeping, self-assessment and other related services for all individuals, accountants and businesses across United Kingdom. Any information that you share with us remains with us only. We do not share any of your information (personal or professional details) with any third party. This privacy policy will help you understand how we interact with you and how your information is secured with us. We would also like you to know that we have aligned our privacy policies with the EU General Data Protection Regulation (GDPR) and we support this initiative taken by the EU Parliament. The processing of personal data by Nomisma, such as name, contact number, email address of a person visiting our website shall always be in line with the General Data Protection Regulation (GDPR). As the controller, we have implemented multiple securities to ensure the complete protection of data submitted and processed through this website.

We would request you to go through our privacy policy carefully. If after going through our privacy policy you have any queries, then you can contact our Data Protection Officer (see section 4) or contact us at-

Email Id – [email protected]

Contact Number – 020 3021 2326

Address – Suite 22 Winsor and Newton Building, Whitefriars Avenue, Harrow and Wealdstone, HA3 5RN

2. Defining Audiences

We are defining audiences on the basis of their level of interaction with us. Collectively, we can define all the audiences (Website Visitors, Leads and Customers) as “you” and “your” as required

2.1 Website Visitors (also referred to as “Visitors”) If you have visited our website but have not interacted with us over the Live Chat option or filled any form sharing your details, then you will be referred to as a visitor.

2.2 Lead If you have interacted and shared your details with us to get in touch with you, then you will be defined as a “Lead”.

2.3 Customer If you are already availing our services, whether our free trail model or for paid services, then you are defined as our “Customer”.

3. Controller and Processor

Nomisma acts as both data Processor and Controller as defined in the directive and GDPR.

Customers and Leads will also act as a Controller for the data Nomisma have on them and Nomisma will also be the Processor. Customers and Leads have the right to see the information we have on them and edit, modify or delete any information they want from our database.

4. Data Protection Officer

Nomisma has a Data Protection Officer (also referred to as “DPO”) who is responsible for matters relating to privacy and data protection of all Visitors, Leads and Customers. This Data Protection Officer can be reached at the following address –

Name – Gary Zouvani

Address – Nomisma Solution Ltd, Suite 22 Winsor and Newton Building, Whitefriars Avenue, Harrow and Wealdstone, HA3 5RN

Email Id – [email protected]

Contact Number – 020 3021 2326

5. Who is collecting data?

The data is collected by Nomisma with the help of third party tools like Google Analytics, JotForm and Zendesk who helps us in processing your personal data. To ensure that your data is safe, Nomisma has signed DPA (Data Processing Addendum) with all its sub-processors. You can request for DPA by sending an email to our Data Protection Officer.

6. How data is collected?

Data is collected in the following ways –

6.1 Cookie Data Cookies are small pieces of information sent by a website to a Visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit the website, you agree to the placement of cookies on your device. A temporary cookie may also be used on protected and unprotected sections of our site in order to relay information that is input on one page of the site by the shareholder to other areas that require the same information (e.g. 30 day free trial). This relieves the user of having to input the same data on multiple pages. Temporary cookies will not be placed on the computer hard drive of a user, and will be used only during the current session; they are discarded once the user terminates their session. Cookies are activated only during visits to Nomisma’s website and does not track activity once a user leaves the website.

6.2 Google Analytics We use Google Analytics to collect information related to the pages the visitor has visited, time spent on that particular page and other standard log information. Google Analytics is not allowed to have access to your Personally Identifiable Information (PII) that you share with us.

6.3 Lead Form Visitors may share their information with us by filling up the lead forms. Lead forms usually contains name, contact number and email address. In general, this information is used by our counselors and accountants to reach out to you and sort your queries. All the information shared through lead forms remains with us only.

6.4 Zendesk Chat This live chat is used and operated by Nomisma only. Any information you share over the live chat remains with us only.

7. Declaration of Sub-Processing

Nomisma requires the services of three organizations that acts as a Data Processor for us in the provision of our services to you:

7.1 Google Analytics: It helps us to track the movement of a Visitor within our website and how much time is spent by that Visitor and along with other standard log information. They do not capture, store or use any personal identifiable data that you as a Lead or Customer share with us. You can visit Google’s Privacy Policy for more information by clicking here.

7.2 Zendesk Chat: Zendesk is a chat option which is used and operated by Nomisma. Zendesk is legally not allowed to use any data that you have shared with us. You can visit Zendesk’s Privacy Policy on GDPR for more information by clicking here.

7.3 Jot Form: Jot Form is used to collect information which you as a Customer or Lead fill in the forms given on our website. The data that you share on the forms reside with us only and Jot Form is not legally authorized to use the data that you have shared with us. You can visit Jot Form’s Privacy Policy on GDPR for more information by clicking here.

8. External Links

This website may include relevant hyperlinks to external websites not controlled by us. Whilst all reasonable care has been exercised in selecting and providing any such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be provided to you. You are advised, therefore, that your use of external links is at your own risk and we cannot be responsible for any damages or consequences caused by your use of them.

9. About Sensitive Personal Data

GDPR specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This website, and any services available from this website, do not knowingly collect or process any sensitive personal data.

10. About Children’s Personal Data

This website, and any services available from this website, are not directed to children under the age of 13. If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact the Nomisma’s Data Protection Officer (refer to section 4) immediately so that we can take appropriate action.

11. Data Rights for Leads and Customers

As prescribed within data protection regulations, you have several rights connected to the provision of your personal data to Nomisma using this website. These include your rights to request that we:

• confirm you what personal data we may hold about you, if any, and for what purposes

• change the consent which you have provided in relation to your personal data

• correct any inaccurate or incomplete personal data which may be held about you

• provide you with a complete copy of your personal data for you to move elsewhere

• stop processing your personal data, whilst an objection from you is being resolved

• permanently erase all your personal data promptly, and confirm you that it has been done so

You can reach out to Nomisma’s Data Protection Officer (refer to section 4) for any request relating to your personal data.

If we do not address your request, or fail to provide you with a valid reason why we are unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website (www.ico.org.uk) or by telephone 0303 123 1113.

12. Retention and Deletion of Data

Data of Leads and Customers are kept by us to ensure that we are able to provide you services and further information related to it. Data of Customers are kept all time in our secured databases and will not be modified or deleted until requested by the Customer himself. When a Customer’s stops taking the services from us, automatically all personal data related to that Customer will be deleted from our databases. Data of Leads are retained until the time to fulfill the purpose for which it was collected for or as required by applicable laws or regulations.

13. Retention and Deletion of Data

If you would like to know all the data that we possess about you or would like to edit or delete data, then you can contact our Data Protection Officer (DPO) (refer to section 4). Our DPO will give you the full right to access and modify your data.

14. Our Legal Basis for using your data

Everything we do with records about individuals – obtaining the information, storing it, using it, sharing it, even deleting it – will have an acceptable legal basis. We keep a record of when consent was given by an individual to record their data and how to use it. We also keep record of how that data was shared (e.g. on the website, on a form, verbally) and what they actually consented to.

We also retain the right to reveal the Customer’s or Leads information without their prior permission if it is required by law to initiate any legal proceedings against that person or if we believe that person is responsible for infringing rights and property belonging to Nomisma or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required.

15. How we follow the six principles of GDPR?

Principle 1 – Fair, Lawful and Transparency

We will ensure that all your personal data are handled by us only and only for the services that you have authorized. While collecting data from you, we will ensure that you there is transparency and you understand that you are giving us authorization to connect with you. Your data will not be used for any other services or any unlawful activity.

Principle 2 – Purpose

Visitors who share their data with us become Leads and Leads who avail our services becomes our Customer. The purpose of receiving the data is to connect with you and provide you with complete online accounting solution. The purpose of having Customers data is to ensure that we update them on the latest changes related to our software.

Principle 3 – Adequacy

If you are our Customer, then we might require documents related to your business or work. We do not require any sensitive information and would like you to refrain from sharing such information with us unless explicitly required by law or necessary for filing your taxes or any other services provided by Nomisma. If you are Lead, then we will have only basic personal information about you unless you have shared any other details with us.

Principle 4 – Accuracy

We will ensure that the data you have provided is not altered at any stage and will take every possible necessary steps to verify the authenticity of the data that is provided. Accurate information is very essential to our services as on its basis we are able to reach out to you and provide accurate information.

Principle 5 – Retention

If you are our Customer, then we will require having your data with us till the time you opt out of our service. However, if during the period of availing our service you would like to modify or delete some data, then you will be permitted the access by our Data Protection Officer (DPO) (refer to section 4)

If you are Lead, then at any time you can choose to delete all the data we have on you. Otherwise we will have your data for six months until and unless explicitly given any other time frame to retain your data with Nomisma.

Principle 6 – Rights

You will have the right to access a copy of your information we have, right to object to processing of your data, right to prevent direct marketing, editing your personal data and right to claim compensation for damages by a breach of the Act.

16. Security

Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens. For more information about security, check out Nomisma’s security policy.

17. Organisational Measures

All employees and shareholders of Nomisma are fully made aware of their individual responsibilities under the GDPR and this privacy policy. All employees have been well trained to handle the personal data of Leads and Customers. They are also encouraged to exercise caution, care and discretion while handling data. Nomisma will be monitoring the performance of these employees and will evaluate their performance on a regular basis.

18. Acceptance of these conditions

We assume that all Visitors, Leads and Customers have read this page carefully. If someone does have any query regarding this policy, then please contact our Data Protection Officer (refer to section 4). If you do not agree to this policy, then please refrain from using our website and services.

19. Changes to Privacy Policy

We may change this policy from time to time. However all the changes will be compliant to GDPR to ensure the safety and protection of your personal data. If you continue using our website or services after we have changed our policy then it means that you have accepted our revised policies.