Data & Privacy Notice
This Notice is primarily for the benefit of our clients or potential clients or for related third parties whose data we may process as part of the provision of legal services. We maintain and will provide separate privacy notices in relation to the collection and use of personal information about our staff and employees, including potential employees, during and after their working relationship with us.
This firm processes your data in accordance with the terms of the Data Protection Act 2018, the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 and the relevant provisions relating to the General Data Protection Regulation contained within the European Union (Withdrawal) Act 2018 (UK GDPR). This Data & Privacy Notice explains, in detail, the types of personal data we may collect about you when you interact with us. It also explains how we will store and handle that data and keep it safe. Unless otherwise indicated, references in this Data and Privacy Notice to the GDPR refer to the UK GDPR.
We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how our firm uses your data. We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Conditions for Processing Data
We are only entitled to hold and process your data where the law allows us to. The current law on data protection (Article 6 GDPR) sets out a number of different reasons for which a law firm may collect and process your personal data. These include:
The main purpose for our holding your data is to provide you with legal services under the agreement we have with you. This agreement is a contract between us and the law allows us to process your data for the purposes of performing a contract (or for the steps necessary to enter in to a contract).
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. This may include to satisfy our external quality auditors or our Regulators.
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity.
In some situations, we can collect and process your data with your consent. For example, when you tick a box to receive email newsletters. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
When do we collect your data?
We normally collect your data when you provide it to us or when it is provided to us by others (your opponent’s solicitors for example) during your case. You may give us your data by email; through an online web form; over the telephone; face to face; or by post.
What sort of data do we collect?
Information you provide to us
You voluntarily give us your personal information for instance when:
- you contact us via our website
- provide a comment on our website
- write a review
- sign up to any newsletters
- interact with us on social media platforms, and/or
- use our services.
Where we request information from you we will collect the information set out in the relevant web pages, or as explained to you over the telephone or face to face.
We may collect personal data as follows:
- name and contact details (including address, email and phone numbers). This may include asking for and keeping a copy of your passport/driving licence and proof of address
- date of birth
- personal information that may be included in communications with us
- payment information and financial information that relates to a contractual relationship including bank details.
We may gather details of your age; ethnicity; gender etc.
We also collect and hold information about your case or legal problem.
Depending on the circumstances of their legal matters, for some clients, we may have access to or process special category data including:
- personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership
- genetic data
- biometric data processed for the purpose of uniquely identifying a natural person, or
- data concerning health or a natural person’s sex life or sexual orientation.
In addition to contract lawful condition for processing under Article 6 of the GDPR (see above), Article 9(2)(f) of the GDPR) permits us to process this data where it is necessary for, connected to and/or or relates to legal claims including for the purposes of assisting with legal proceedings, obtaining legal advice and/or establishing, exercising or defending legal rights. We will only process this specific data if it is necessary to establish, exercise or defend a client’s legal rights. We will ensure that the use of this data is relevant and proportionate and that we do not hold any more data than is needed. All such data is processed in line with the commitments and policies within this Privacy Notice.
Website or third party sources
We collect certain related technical information including, but not limited to, traffic data, location data, logs (including, where available, the IP address and location of the device connecting to the online services and other technical information and identifiers about the device and the nature of the visit such as clickstream to, through and from our website) and other communication data, and the resources that you use.
How do we use your data?
Provision of services
We only use your data for the purposes of providing you with legal advice, assistance and where appropriate, representation and for reasons directly associated with those services (i.e. providing information to quality auditors etc.).
- to deliver our services
- to manage our relationship and communicate with you
- to provide you with advice or guidance about our services
- to make and manage payments
- to respond to complaints and seek to resolve them
- to train our staff and measure the quality of the service we give to clients.
We also use data to communicate with our regulators or legislators and to obey laws, regulations and codes of conduct that apply to us.
For example, we will process your data to enable us to identify and/or verify your identity and conduct fraud, credit and anti-money laundering checks in accordance with anti-money laundering and counter terrorism financing legislation and regulation.
We may use your data to notify you of our other services but only where we have your consent to do so.