This firm is committed to protecting the privacy of the clients of the firm. This commitment begins when you first contact us and you can expect us to take all reasonable steps to ensure the safety of your personal information.
This policy sets out important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Who are we and are we registered data controllers?
As a firm of solicitors we have to collect and use your personal information in order to deal with your case. By collecting and using personal information we have to comply with UK Data Protection Legislation and the General Data Protection Regulation (GDPR).
We are registered with the Information Commissioner’s Office under Registration number Z7334579.You can view our registration details at https://ico.org.uk/ESDWebPages/Entry/Z7334579. We are responsible as “data controllers” ‘controller’ of personal information under the relevant laws.
What personal information do we collect and use?
When you contact us we may collect personal information that you provide to us such as contact information or details about your enquiry. By contacting us you are requesting us to process your personal data to enable us to provide information or assistance to you and we will use and store your information for that purpose.
How we use personal information
If you are contacting us about a potential legal case or matter we will use your personal information to:
- assess whether or not you have a case;
- assess if we want to take your case on;
- assist with compliance with relating cases such as money laundering; and
- deal with your case if we have decided to take it on. We will keep your data for a period of 6 years, from the conclusion of your enquiry or case which we consider a legitimate time period taking into consideration applicable UK law.
Who we share your personal information with
If we take your case on then we may share your personal data with third parties in order to assist us to investigate or progress your case, provide you with legal services or comply with legal obligations. Examples might include barristers, courts and medical experts. Our obligation to keep your data safe does not extend to third parties. Each third party has its own obligations to keep data safe and we do not accept any liability for data losses/breaches by them.
In addition to the above we may use third-party service providers and your personal data may be shared in the process of providing services to us. These might include:-
- marketing automation platform and email marketing services
- off-site archiving and storage facilities
- IT (including back-up) services; and
- ID verification services and money laundering checks
- Third party software such as Noise Assist. We may on occasion need to transfer your information outside of the European Economic Area (EEA). Countries outside of the EEA do not have the same data protection laws.
Contacting us for other reasons
You may be contacting us for reasons other than connected with legal advice. For example, you might be sending the firm your curriculum vitae when applying for a job or you may be employed by the firm. In such circumstances we will collect and store your data. The data will be retained for a period of no more than 6 years after your last contact with the firm.
Your privacy rights
You have the following rights:-
- The right to be informed about the collection and use of your personal information
- The right to access your personal information
- The right to correct any mistakes in the information which we hold
- The right to erasure of personal information
- The right to restrict processing of your personal information
- The right to move, copy or transfer your personal information
- The right to object to direct marketing
Rights in relation to automated decision making and profiling. For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation. You can find ICO at:-https://ico.org.uk and the information about GDPR at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/
Personal information secure
We have a number of measures in place to prevent personal information from being accessed or lost by those whom are not authorised to access it.
In the unlikely event of a suspected or actual data breach, we have procedures in place to deal with it. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We will always protect the privacy of children. We cannot accept instructions directly form a child and either a parent or guardian will represent their interests and interact with us. We will use the child’s personal information, and that the of the adult representatives, for the purposes of dealing with their case only.
Please contact feel free to contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact our Data Protection Officer, please send an email to firstname.lastname@example.org or put your query in writing to Janine at the firm’s address.
You also have a right to complain to the information commissioner and you can access their website at:-https://ico.org.uk
“ Thank you to Steven [Evans] for his kindness, patience, efficiency and professionalism throughout this process. I didn’t think my dad would cope well with the requirements but Steven’s calm nature and knowledge made a fairly grim situation much easier to bear. We contacted other solicitors at the start of this process, and their hard-sell approach was dreadful – thank goodness for you and your team! ”