Data Protection (GDPR) Privacy Notice for Clients
We take our responsibilities regarding protection of data very seriously and have processes in place to provide security and confidentiality of data. We use the information you provide primarily for the provision of legal services to you and for related purposes including statutory returns, legal and regulatory compliance, updating and enhancing client records and audit/analysis to help us manage our practice. Our use of that information is subject to your instructions, data protection law and our duty of confidentiality.
Please note that our work for you may require us to pass on such information to third parties such as expert witnesses and other professional advisers, including sometimes advisers appointed by another party to your matter. The lawful basis on which we process the information is our performance of the contract to supply you with legal services, so that we may advise you and act effectively in your matter.
We may also give such information to others who perform services for us, to ensure our service is prompt and efficient, such as overflow typing, photocopying or call-answering. If you do not want work to be outsourced in this way, please tell us as soon as possible, so we can consider this with you. In addition, our practice may be audited or checked by our accountants, regulator, and by other organisations for ISO quality purposes. We also use the services of storage companies for storage of archived files. The Lawful basis of such processing is a legal obligation and legitimate interests. All third parties to whom we supply data are required to maintain confidentiality in relation to that data.
You have various rights under data protection law regarding your personal data including a right of access to the personal data that we hold about you. We seek to keep that personal data correct and up to date. Please let us know if you believe the information we hold about you needs to be corrected or updated. Full details of your rights are set out in the ICO website, www.ICO.gov.uk and complaints about data protection matters can be referred to the ICO.
Retention of files and data – We retain information regarding client matters for periods relevant to their subject matter as required by professional rules and legislation. The time periods vary depending on the area of law and facts of the specific case so decisions regarding retention or destruction of files and data will be made on a case by case basis. After expiry of the relevant retention periods, client files and data may be destroyed without further reference to you. If you do not wish your master file to be destroyed in accordance with our standard procedure, you must inform us in writing within two months of conclusion of the matter that you would like the file retained (if there is any doubt as to the date of conclusion it shall be taken to be the date the final bill is issued by the firm).
Your data protection obligations – If you send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
Keeping you informed – we may from time to time send you information which we think might be of interest to you (for example about legal developments or our other services). The lawful basis for this is legitimate interests. If you do not wish to receive that information please notify us, preferably in writing.