It has always been a policy of Moneysoft to collect as little personal data as possible in order to provide software to our customers. In normal circumstances the only data we will have asked for are those required to provide an invoice (e.g. name, address, email etc.). We never share this data with third parties; nor do we ever use it to send unsolicited or marketing emails. In certain other situations i.e. when you contact us for software support we may ask you to provide us with additional data. Details of this are given below.
When BUYING our software
We collect your name, company name (if applicable), address, telephone number and email address. This information is necessary in order for us to fulfil our contractual obligations to you as a customer and as such there is a ‘Contract’ lawful basis under GDPR for processing this data. Data is stored on our secure internal database and also on the UK server used to host our online order system. These details may be used to verify your purchase should you require support or request details of your software user licence or invoice from us at some point in the future.
We never collect any ‘special’ categories of data as defined by GDPR (e.g. race, political, religion, trade union, genetic, health etc. etc.)
At the point of purchase we also collect your credit/debit card details in order to process your payment via Lloyds Cardnet. We do not store credit/debit card details and are fully Payment Card Industry (PCI) compliant.
We do not share your data with any third parties and never send marketing or other unsolicited emails.
We do not collect personal data when a trial version of our software is downloaded from our website.
When USING our software
Moneysoft does not have access to your software data files, and these are stored locally on your own computer systems (i.e. they are not stored on Moneysoft servers). We recommend that you take the necessary steps to ensure that your data is stored safely and securely and do not allow unauthorised access to your systems.
When using our software to submit information electronically to third parties such as Her Majesty’s Revenue and Customs (HMRC) or NEST Pensions then data is transmitted directly via a secure (‘https’) connection between your system and that of the third party. Data does not travel through Moneysoft servers.
When using our software to email documents such as payslips, P60 forms etc. to employees or employers then data is transmitted directly from your system to your email server and then on to the email recipient. Data does not travel through Moneysoft servers.
When receiving software SUPPORT
Moneysoft offer software support via email. We endeavour to answer all email support queries within 1 working day and will delete your email immediately following the resolution of your issue.
In certain situations, it may be necessary for you to email a backup copy of your data file to us in order for us to resolve your support issue. A feature within the software allows you to create an ‘anonymous backup copy’ of your data which removes all personal employee information before you send your file to us (further details can be found on our website https://moneysoft.co.uk/support/sending-an-anonymous-file-to-moneysoft/).
In some circumstances, and when all other alternatives have been exhausted, it may be necessary to send us a backup copy of your actual data file, complete with employee information. The lawful basis for processing data in these circumstances is that of ‘Legitimate interests’ under GDPR. Before sending data to Moneysoft you should ensure that you are complying with current data protection laws and have received approval from any relevant parties. It is our policy to permanently delete such backup files immediately following the resolution of your support issue.
Moneysoft do not offer ‘remote access’ support and as such never have direct access to your computer systems.
When using our WEBSITE
You can ask to see what information we have and ask for it to be corrected or deleted if you wish (although should you ask to have your details removed entirely from our database then we may not be able to provide you with certain software support). Please send such requests by email to the address firstname.lastname@example.org. We have a legal obligation to reply to your request within one month, although wherever practical we will endeavour to provide you with a response within one working week. We will not make a charge for this service.
You have a right to lodge a complaint with the Information Commissioner’s Office (ICO) if you have a concern about how we are handling your personal information.