If you are applying for a role with us or if you are an employee of the firm, a different policy will apply to you, which you will be provided with.
What data will we collect from you and why?
We will collect personal information from you, our clients, people who work with or on behalf of our clients and other third parties.
Due to the range of legal services that we provide, the type of data that we collect will vary. However, the data we will need to collect and process is likely to include:
• your full name;
• contact details (such as telephone number, postal and email addresses); and
• associated client information (such as source of funding).
Depending on the nature of the legal services we provide to you, we may also collect special categories of personal data about you. Examples of special category data would include: details about your race or ethnicity, religious or philosophical beliefs, trade union membership and information about your health. We will inform you if such information is required, how we collect this type of data and the purpose of collecting and processing such information. We will also seek your explicit consent prior to collecting and processing this data.
We may use your personal data for the following reasons:
• for the performance of a contract with you or the organisation you work for;
• to fulfill our legal, regulatory, accounting, reporting, or professional obligations;
• to pursue our legitimate interests, which includes providing legal services and defending claims against us;
• to maintain and develop our business relationship with you and our clients;
• to review and answer any requests, enquiries or complaints received by you; or
• because you have provided your explicit consent for the personal data to be processed.
Who may we provide your personal data to?
In the course of providing legal services to our clients and in order to comply with our legal obligations, we may share your personal data with the following third parties:
• third parties involved in providing services to clients, including courts, tribunals, barristers, experts and other third parties involved in a matter;
• our own legal and professional advisers, auditors and insurers; and
• government agencies, regulators and other authorities.
Where will we process your personal data?
There may be circumstances where we may process your personal data outside the European Economic Area (EEA). EEA countries are all member states of the European Union together with Norway, Iceland and Liechtenstein. Data protection laws may not be as strong outside the EEA as they are in the EEA. Therefore, personal data will not be transferred to a country outside the EEA unless the following apply:
• the country to which the personal data is transferred is one which the European Commission considers to provide an adequate level of data protection; or
• the personal data is transferred to a company which is required by our contract with them only to deal with the data in accordance with our instructions and to maintain appropriate security to protect the personal data which we are satisfied they have.
How do we protect your personal data?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Does our website contain links to third party websites?
How long can we retain and process your personal data?
We keep personal data in accordance with our internal retention and archiving procedures, which are determined in accordance with our regulatory obligations. These retention periods depend on the nature of the information and the purpose for which it was collected and processed.
What are your rights?
Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:
• to request access to your personal data;
• to request correction of your personal data. If you believe this to be the case, please tell us by email as soon as possible using the email address below;
• to request erasure of your personal data. However, we will retain your data for the purposes of dealing with any claims or if we have any other legitimate reason to retain it;
• to object or request a restriction to processing of your personal data;
• to request transfer of your personal data; and
• a right to withdraw your consent.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You also have a right to complain about the way in which your personal data has been processed. Should you make a complaint we will investigate and respond to you as soon as we reasonably can. If you remain dissatisfied, you may make a complaint to the Information Commissioner’s Office. For further details, see www.ico.org.uk.
What are our contact details?
Studio 3, The Quays
Telephone: 0113 242 4444