Data Protection (GDPR) General Privacy Notice – where you are not a Client
We take our responsibilities regarding the protection of data very seriously and have processes in place to provide security and confidentiality of data. We use information you provide for the purposes for which it is provided, and for any mandatory additional purposes including statutory returns, legal and regulatory compliance, updating records and audit/analysis to help us manage our practice. Our use of that information is subject to your directions, data protection law and our duty of confidentiality.
We may give information to others who perform services for us, to ensure our service is prompt and efficient, such as overflow typing, photocopying or call-answering. In addition, our practice may be audited or checked by our accountants, regulator, and by other organisations for ISO quality purposes. We also use the services of storage companies for the storage of archived files. The Lawful basis of such processing is a legal obligation and legitimate interests. All third parties to whom we supply data are required to maintain confidentiality in relation to that data.
We will not normally send data outside the European Economic Area (EEA). We may sometimes send such data to a recipient in a country outside the EEA which has been designated by the EU Commission as providing adequate data protection. If we need to send the data to a country outside the EEA that has not been so designated appropriate arrangements will be agreed with the recipient place to protect the data.
You have various rights under data protection law regarding your personal data including a right of access to the personal data that we hold about you. We seek to keep that personal data correct and up to date. Please let us know if you believe the information we hold about you needs to be corrected or updated. If you have any questions regarding Data Protection please refer to Paul Stott who is the Partner responsible for Data Protection matters at Mercers. Full details of your rights are set out in the ICO website, www.ICO.gov.uk and complaints about data protection matters can be referred to the ICO.
Retention of files and data – We retain information for periods relevant to their subject matter as required by professional rules and legislation. The time periods vary depending on the area of law and facts involved, so decisions regarding retention or destruction of files and data will be made on a case by case basis.
Your data protection obligations – If you send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
Keeping you informed – we may from time to time send you information which we think might be of interest to you (for example about legal developments or our other services). The lawful basis for this is legitimate interests. If you do not wish to receive that information please notify us, preferably in writing.