What Does This Notice Cover?
This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What Are My Rights?
Under the GDPR, you have the following rights, which we will always work to uphold:
- The right to be informed about the collection and use of your personal data.
- The right to access the personal data we hold about you.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to certain types of processing.
- The right to data portability.
- Rights relating to automated decision-making and profiling
What Personal Data Do You Collect?
We will only collect personal data that we require in order to carry out the services that we have been instructed to perform by our clients.
How Do You Use My Personal Data?
Under the GDPR, we must always have a lawful basis for using personal data. Your personal data may be used for one of the following purposes:
- Providing the service that you have instructed us to perform and managing your file.
- Communicating with you. This may include responding to emails or calls from you.
- Communication with third parties that we have to communication with while acting for you, including third party solicitors and enforcement.
- The courts and experts
How Long Will You Keep My Personal Data?
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will be kept for the period of time we are required to retain it by professional regulators and the law in the event that claims arise in the future that involve data we are holding.
How and Where Do You Store or Transfer My Personal Data?
We will only store your personal data in the UK. Your data is stored on One Drive Business and the information is held on servers in Wiltshire and London. This means that it will be fully protected under the GDPR. Access to One Drive on our computers is restricted by encrypted passwords, to prevent unauthorized access.
Do You Share My Personal Data?
We will not share any of your personal data with any third parties for any purposes, unless that is necessary for the progressing of your case or that we are legally required to comply with legal obligations, a court order, or the instructions of a government authority.
How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal addresses shown above. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover administrative costs in responding.