Privacy statement


This policy sets out the different areas where user privacy is concerned and outlines the obligations and requirements of the user, the website and website owners.  Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.

The website

David Owen & Co, as the owner of this website, take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience.  This website complies with all UK national laws and requirements for user privacy.

Use of cookies

What are cookies?

Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website.  This allows the website, through its server to provide the users with a tailored experience within the website.

What do we use cookies for?

We may use cookies to remember personal settings you have chosen at our website.  In no other context do we use cookies to collect information that identifies you personally.  Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.

We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features.

This website uses tracking software to monitor its visitors to better understand how they use it.  This software is provided by Google Analytics which uses cookies to track visitor usage.  The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.

For more information about cookies or if you would like to learn how to remove cookies set on your device, visit:

Personal information

Whilst using our website, software applications or services, you may be required to provide personal information (name, address, email, account details, etc).  We will use this information to administer our website, applications, client databases and marketing material.  We will ensure that all personal information supplied is held securely in accordance with the General Data Protection Regulation (EU) 2016/679, as adopted into law of the United Kingdom in the Data Protection Act 2018.  Further, by providing telephone, fax and email details, you consent to David Owen & Co contacting you using that method.  You have the right at any time to request a copy of the personal information we hold on you.  Should you wish to receive a copy of this or would like to be removed from our database, please contact us at

Information collection and use

How do we collect information?

David Owen & Co collects information in two possible ways:

a. When you directly give it to us (“Directly Provided Data”)

When you visit our site or communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes or completing registration forms.  All this information requires a direct action by you at that time in order for us to receive it.

b. When you give us permission to obtain from other accounts (“User Authorised Data”)

Depending on your settings or the privacy policies for other online services, you may give us permissions to obtain information from your account with those other services.  For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone.

How long do we keep your data for?

David Owen & Co will not retain your person information longer than necessary.  We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide the Services to you, or for as long as is necessary to provide support-related reporting only.

If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms & Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account or it is no longer needed to provide the Services to you.

Choosing how we use your data

We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself.

With respect to the information relating to you that ends up in our possession, and recognising that it is your choice to provide us with your personally identifiable information, we commit to giving you the ability to do all of the following:-

  • You can verify the details you have submitted to David Owen & Co by contacting our offices detailed on our Contact Us page.  Our security procedures mean that we may request proof of identity before we reveal information, including your email address and possibly your address.
  • You can also contact us by the same method to change, correct or delete your personal information controlled by David Owen & Co regarding your profile at any time.  Please note though that, if you have shared any information with others through social media channels, that information may remain visible, even if your account is deleted.
  • You can always feel free to update us on your details at any point by contacting us at our offices.
  • You can request a readable copy of the personal data we hold on you at any time. To do this, please contact us at

Useful information

For copies of our “Statement of Compliance to GDPR” and our “Standard Terms of Business” please contact us at

Provision of Services Regulations disclosures

  • We are a firm of statutory auditors registered to carry on audit work in the UK by the Institute of Chartered Accountants in England and Wales. Details about our audit registration can be viewed at under reference number C005394156.
  • The professional rules applicable to our audit work in the UK are the Audit Regulations which can be found at In addition there are the International Standards on Auditing (UK and Ireland) at
  • In carrying out our audit work we are subject to the Code of Ethics which can be found at With respect to audit work we are also subject to the APB Ethical Standards which can be found by searching for ‘Ethical Standards’ at These are available in English.

VAT number – David Owen & Co: GB 138 0497 60

Job Applicant Privacy Statement

Data controller: David Owen & Co

As part of our candidate and recruitment process, we David Owen & Co collect, process and store information about you. We process this information for a range of purposes relating to the recruitment process and assessment of your suitability for the role you have applied for. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations. This document sets out:

  1. What personal data we collect.
  2. Why we collect/process your personal data?
  3. How it is processed within the recruitment process.
  4. Who has access to your personal data?
  5. How we protect your personal data?
  6.  How long we keep your personal data?
  7. What if you do not provide your personal data?
  8. Your rights.

What personal data do we collect?

We collect a range of information about you. This includes: –

  • Personal details such as your name, address and contact details, including email address and telephone number.
  • Work history such as previous employers, positions, dates etc.
  • Education such as qualifications and skills.
  • Information about your current level of remuneration, including benefit entitlements.
  • Information about your entitlement to work in the UK such as passport, driving licence, National Insurance number.
  • Assessment results such as psychometric assessment results

During this process we may also capture some sensitive personal data about you such as disability information. We would do this to enable us to make reasonable adjustments to enable you to apply for a job with us, participate in the application and assessment processes and to ensure that we are complying with our regulatory obligations.

We may collect this information in a variety of ways e.g.: data might be contained in application forms, CVs or resumes, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment.

We may also collect personal data about you from third parties, such as references supplied by former employers (information from employment background check providers and information from criminal records checks). (We will seek information from third parties only once a job offer to you has been made and will inform you that we are doing so.)

Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).

Why do we collect/process your personal data?

In order to manage your application, we need to process certain personal information about you. We only process your information as necessary for the purposes of progressing your application or as required by law or regulatory requirements.

  • Legal requirement

In some cases, we need to process data to ensure that we are complying with our legal obligations. For example, we are required to check a successful applicant’s eligibility to work in the UK before employment starts.

(For some roles, we are obliged to seek information about criminal convictions and offences. Where we seek this information, we do so because it is necessary for us to carry out our obligations and exercise specific rights in relation to employment.)

  • Legitimate Interest

We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.

Who has access to your personal data?

We will need to share your personal information internally for the purposes of the recruitment exercise. This includes (members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles). (Where we engage an external HR Consultant to support us in the recruitment process, we may share your information with them.)

We will not share your data with any other third parties, unless your application for employment is successful and we make you an offer of employment. We will then share your data with former employers to obtain references for you and the Disclosure and Barring Service (DBS) to obtain necessary criminal records checks.

We will not transfer your data outside the European Economic Area.

How do we protect your personal data?

We take the security of your data seriously and have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.

How long do we keep your personal data?

We will not use your data for any purpose other than the recruitment exercise for which you have applied.

If your application is unsuccessful, we may keep your personal data on file for a period of 6 months after the end of the relevant recruitment process in case there are future employment opportunities for which you may be suited. We will ask for your consent before we keep your data for this purpose, and you are free to withdraw your consent at any time. At the end of that period [or once you withdraw your consent], your data is deleted or destroyed.

If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice for employees.

What if you do not provide your personal data?

You are under no statutory or contractual obligation to provide data during the recruitment process. However, if you do not provide the information, we may not be able to process your application properly or at all.

Automated decision-making

Recruitment processes are not based solely on automated decision-making.

Your rights

Under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 you have several rights with regard to your personal data:

You have the right:

  • to access and obtain a copy of your data on request;
  • to require us to change incorrect or incomplete data;
  • to require us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
  • to object to the processing of your data where we are relying on its legitimate interests as the legal ground for processing.

If you would like to exercise any of these rights, please contact Michael Buckland.

If you believe that we have not complied with your data protection rights, you can complain to the Information Commissioner.

Please note, we are constantly reviewing how we process and protect data, therefore, changes to our policy may occur at any time.  We will endeavour to publicise any changes.