We provide quality carpentry services across the UK

GDPR policy


GDPR legislation policy statement


MB Management Services (MBMS) Ltd will comply with the Data Protection DPA) 2018 incorporating the General Data Protection Regulation (GDPR) from 25 May 2018. We believe that protecting our contractors personal data is very important, so this statement outlines how we use and protect that information and your rights under the new GDPR regulations.


We need to collect and process personal data, so we can provide you with speedy payment and validate you on the HMRC CIS website. Most of this data is routinely collected at the point you agree to subcontract to MMBMS generally it will have been provided by yourselves, as the subcontractor.

However, we may also collect personal data about you from third parties, such as HMRC.

Data will also be used for invoicing and accounting purposes.

It is necessary to process this data to fulfil the company requirements to provide   monthly updates to HMRC with regard to CIS withheld payments.

It may sometimes be necessary to process such data to comply with legal obligations for example; under the Anti Money Laundering Regulations 2017.

We also use the personal data to communicate with you about topics arising from our business relationship with you.


As your contractor we are required to share your data with HMRC and where relevant Companies House.

Our Public Liability Insurers may require data to be shared with them in the event of a claim.

We may also need to share data with our accountant who provides MBMS with professional cover in the event of the director’s incapacity or death, to fulfil existing financial obligations to you.


Personal data is stored in a range of different places, including your client file held on  password protected document and computer, the online accounting system used by MBMS and the email system used by the company.

Data is backed up to the ‘cloud’ held on servers under EU jurisdiction as required by GDPR.


MBMS Ltd will hold your personal data for the duration of your contract with us. Once the business relationship has ended we are required under guidance issued, to hold the relevant tax data for 7 years, all other data not tax related will be destroyed. After that time your personal tax data will be removed securely from our records.


MBMS Ltd takes the security of your personal data seriously and has internal

policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed and is not accessed except by the director and administrative assistant.


You have the right to request a copy of the information that we hold about you. If you would like a copy of your personal information please e mail M Bealby at marcus@mbmsltd.com.

It is important that your personal data is accurate and up to date. You may ask us to correct or remove information that you think is inaccurate.

If you believe that there is a problem with the way we handle your data please contact us, you also have the right to complain to the Information Commissioner.

This policy was updated on the 26th April 2019 and will be reviewed regularly and updated when necessary.