Our Privacy Policy

Your information, how we use it & your rights.

AAB People is committed to protecting your personal information.

This privacy policy explains how AAB People uses any personal information we collect about you when you use our services or websites.

Our Privacy Policy contains important information about what personal details we collect; what we do with that information; who we may share it with and why; and your choices and rights when it comes to the personal information you have given us.

We may need to make changes to our Privacy Policy; so please check our website for updates from time to time. If there are important changes such as changes to where your personal data will be processed; we will contact you to let you know.

How the law protects you


Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside of AAB People. The reasons we collect and use your data are:

  • To fulfil our contract to provide services to you or the data controller.
  • When you consent to it – when you agree for us to contact you to advise you of events, or products and services from us or other organisations.
  • When we have a legal duty – to obey laws and regulations that apply to us.
  • When it’s in the legitimate interest of the firm or of a third party – to run our business in an efficient and proper way.

What information do we collect about you?


We collect personal data as is required to fulfil our contract with you when you sign an engagement letter or request advice, products or services and, if you agree consent, to email you about other products and services we think may be of interest to you.

Information we may collect includes:

  • Contact details – names, addresses, phone numbers, email addresses
  • Financial details – employment details, bank details
  • Data classified as ‘sensitive’ personal information e.g. relating to your health, marital or civil partnership status. This information will only be collected and used where it’s needed to provide the product or service you have requested or to comply with our legal obligations
  • Open data and public records
  • Documentary data – passport, drivers licence
  • Information on children e.g. where a child is named as a beneficiary for Inheritance Tax planning or on the policy taken out by a parent or guardian on their behalf. In these cases, we will collect and use only the information required to identify the child (such as their name, age, gender)
  • Information that is automatically collected e.g. via cookies when you visit one of our websites
  • If you visit one of our offices e.g. visual images collected via closed circuit television (CCTV)

We also collect personal data as is required if you have completed an application to join one of AAB Group entities.

Information we may collect include, information from above section as well as:

  • Your name, address, contact details, including email address and telephone number, date of birth and gender / preferred title
  • Details of your qualifications, skill, professional memberships, experience and employment history
  • Information about your remuneration.

If you have applied for a position within one of the AAB Group entities via a Recruitment Agency, then please refer to their Privacy Policy.

How do we collect information from you?


Information may be obtained from you face to face, through e-mail or telephone calls, from data controllers, from public information sources such as Companies House, or completion of online documentation. As the information is required to enable us to provide our services if you opt not to provide it we may not be able to continue to provide services to you.

We also collect information when you voluntarily complete customer surveys or provide feedback.

How do we look after your information?


We limit the amount of personal data collected to what is required to fulfil our obligations to you.

We restrict, secure and control all of our information assets against unauthorised access, damage, loss or destruction: whether physical or electronic.

We will keep your personal information while you are a client or as long as required to meet our legal or regulatory obligations. We may keep it longer if we cannot delete it for legal, regulatory or technical reasons.

With your assistance we try to maintain the accuracy of your personal data.

How will we use the information about you?


We will collect and use your information only where:

  • It’s necessary to provide the service or product you have requested i.e. to fulfil the Terms of our Engagement with you
  • We have obtained permission from yourself (consent) e.g. when you agree for us to contact you to advise you of events, or general communication including blogs and industry insights, or to pass on your personal information to our group of companies so that they may offer you their products and services or from the data controller for meeting our contracted requirement with them e.g., payroll services, HR services and whistleblowing services.
  • It’s necessary for us to meet our legal or regulatory obligations – to obey laws and regulations that apply to us.

There may be situations where the information we require is a special category of personal data under the legislation. In this case we will explain why we need it and obtain your consent to obtain the data. This situation most commonly occurs where we are arranging life assurance products and need to obtain medical information from you.

We may share your data with these organisations but only for the reasons outlined in “How the law protects you”:

  • Companies we, or you, have chosen to support us in the delivery of products and services we offer
  • Our Regulators and Supervisory Authorities
  • HMRC
  • Law enforcement for the prevention and detection of crime

We periodically check that these third parties have appropriate safeguards in place to protect your data and that they are compliant with Data Protection Regulations.

Keeping you involved & informed


We would like to send you information about our events or general communication including blogs and industry insights, which may be of interest to you. If you have consented to receive these communications, you may opt out any time by clicking the unsubscribe link at the bottom of any email.

You have a right at any time to stop us from contacting you for these purposes or giving your information to other affiliated entities.

Website Visits - how we use this data


We may collect information about your visits to our websites such as IP address, location, browser type, referral source, length of visit and number of page views. This information may be used to improve our websites’ usability and for marketing purposes. Personal data submitted on this website could be used for the purposes specified in this privacy policy or in any relevant parts of the website.

Cookies are used on this website and more information can be found on our cookie policy.

Third Party Processors

Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information. Our appointed data processors include:

(i) Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io. Sopro are registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at: dpo@sopro.io.

Access to your information & correction


The accuracy of your information is important to us and we will update the information as appropriate. If you change your contact information please notify us and we will update our records.

You have a number of specific rights, these are summarised below:

  • Access – You may ask for a copy of the information we hold about you and we will provide this within one month of receipt free of charge (we may charge a fee for subsequent or duplicate requests).
  • Rectification – You may ask us to correct any information that we hold that is inaccurate or incomplete.
  • Erasure – You may ask us to delete or cease processing data in certain situations. Please note that we will have regulatory obligations to retain information for certain time periods and we will retain such information as we believe is necessary to fulfil these obligations.
  • Restrict processing – You may ask us to cease processing information. This means that we will be able to retain it but no longer act upon it. In the event that you no longer need our services and terminate them we will automatically cease processing information.
  • Portability – You may have the right to have your data transferred to another service provider in an appropriate electronic format. Please note that we will have regulatory obligations to retain copies of the information as outlined previously.
  • Objection – You may have the right to object to us processing information or using it for marketing purposes.

This is a brief summary of your rights and there may be restrictions on some of them. If you wish to explore any of these rights at any time please contact us on the addresses below and we will be pleased to assist you.

Transferring your information outside of the United Kingdom


The majority of your information is processed in the UK.  However, as part of the services offered to you, some of your information may be transferred to countries outside the UK.

Where your information is being processed outside of the UK we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. We will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.

If you use our services while you are outside the UK, your information may be transferred outside the UK in order to provide you with those services.

How to contact us


Please contact us if you have any questions about our privacy policy or information we hold about you.

Please let us know if you believe we are not holding your information correctly, if you are unhappy with how we have used your personal information or have any questions about our privacy policy or information we hold about you. Our Data Protection Officer is Alan Paterson who can be contacted at:

AAB Group
Kingshill View
Prime Four Business Park
Kingswells
Aberdeen
AB15 8PU

Alternatively you can email gdpr@aab.uk

You also have the right to complain to the Information Commissioners Office. You can do this:

  • via their website https://ico.org.uk/concerns
  • In writing to

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.

Company Details


AAB People is a trading style of Anderson Anderson & Brown LLP.

The Registered Office of Anderson Anderson & Brown LLP is:

Kingshill View
Prime Four Business Park
Kingswells
Aberdeen
AB15 8PU

We are registered in Scotland, No: SC474970

Our VAT Registration No is: 237 517 793

Anderson Anderson & Brown LLP is registered with the Institute of Chartered Accountants of Scotland (ICAS) – Firm No. 1464

Audit Registration – our audit service is provided by Anderson Anderson & Brown Audit LLP (SO306316), a firm registered with ICAS – Firm No. 4272

Details about our audit registration can be viewed at www.auditregister.org.uk

A list of entities affiliated with the firm are listed here

Proud to be affiliated with