This policy applies to personal information supplied directly by you or by third parties.
This policy is an important document which we recommend you read carefully.
The registered office of Dale & Newbery LLP is Clarence House, 31 Clarence Street, Staines-upon-Thames, Surrey, TW18 4SY.
What information do we collect?
We will collect personal data from you when you contact us about providing legal services to you (for example your name, address, contact and financial information etc.). We may also be required to collect additional information regarding your identity to comply with regulatory requirements. In addition, we may obtain personal data about you which is publicly accessible from third parties such as Companies House or HM Land Registry.
Depending on the nature of the legal work we do for you we may need to gather and use some information which falls under “special categories”, for example, medical records, ethnic or religious origin, sexual orientation, beliefs or trade union membership. We may also need to keep records of any criminal convictions if it relates to the work we are undertaking for you.
If you provide any personal information regarding children under 16 to us an adult with parental responsibility can exercise their data protection rights on their behalf as set out in this policy.
What do we do with your data?
We use your information primarily to provide legal services to you.
We only use your personal data when it is necessary to enter into or fulfil a contract with you or with your agreement or if we are satisfied there is another lawful basis for doing so i.e. to comply with a legal obligation or if our own (or a third party’s) legitimate interest override your interests (e.g. for debt recovery or complying with fraud and crime prevention).
We will only use the special categories of personal data relating to you or third parties you tell us about when it is necessary for the establishment, exercise or defence of legal claims or with your explicit consent.
Who do we share your data with?
During any work we undertake for you it is often necessary for us to share the information we hold with third parties, such as Barristers and other professional advisers, other parties to a dispute or their advisers, HM Revenue & Customs, HM Land Registry, HM Courts and Tribunals Service, Banks & Building Societies etc. We will not share more information with third parties than is necessary. If you require a full list of people that we may share your data with then please email email@example.com
There may be other situations where we will disclose your information to third parties, for example, if we are under a legal or regulatory obligation to do so (e.g. to The Solicitors Regulation Authority) or to protect our business rights or enforce the terms of contracts (e.g. to our insurers or debt recovery agents).
We will never sell your personal data and presently do not undertake any direct marketing and so will not use your personal data for this purpose. If we do wish to use your data for marketing purposes we will ask for your consent.
In order to fulfil our service to you we have a number of external suppliers some of whom have access to client information. This is mainly in the realms of IT support, software providers and external typing services. At all times we employ the highest level of data security and ensure that these suppliers are aware of their data protection obligations to ensure your privacy is maintained. If you would like a full list of suppliers that we use for such purposes, please contact firstname.lastname@example.org.
How do we protect your data?
We use regular backups, firewalls, anti-malware, anti-virus, passwords and encryption to keep your information from being lost, accessed or used by any unauthorised persons.
However, you should be aware that, whatever safeguards are put in place, use of the internet cannot be entirely risk free. Therefore, we cannot guarantee the security or integrity of any personal information which is transferred via the internet. We hold electronic data off-site on secure servers.
Our offices are secure and alarmed and paper copies of files that are no longer active are held off-site securely by a reputable third-party contractor.
Whenever we destroy or delete personal data this is done securely.
Our staff are given regular cyber security and data protection training to ensure that they are aware of how best to protect the personal data of our clients. Any third-party contractors are also assessed to ensure they are aware of their obligations.
For how long do we keep your data?
We will hold your information throughout the time we are carrying out work for you and, after the work has ended, for as long as we are required to comply with legal and regulatory requirements (a minimum of 7 years).
There is some information we may retain indefinitely, for example, your basic contact details and the nature of the matter we dealt with for you or other information that may be useful if you ask us to work for you again in the future or information contained in original documents you have asked us to store on your behalf. You can ask us to erase your such information (see Your Rights below) or to return original documents to you.
When we transfer your information outside of the European Economic Area (EEA)
We will not transfer any of your data outside the EEA other than with your consent or for the purposes of providing legal services.
If you are outside the EEA, by submitting your personal information to us you agree to the transfer and processing of your information outside the EEA.
What if the information we hold about you is incorrect and what are your rights?
You have the right to ask us to correct any inaccurate information that we hold about you. It is important for us to ensure the information we have is up-to-date. Please, therefore, advise us of any changes.
You also have a right to:
- Ask us to provide details of the information we hold about you. If you wish to make such a request please email email@example.com
- Ask us to erase your personal information if there is no good reason for us to continue holding it.
- Ask us to restrict or suspend the use of your personal information or object to us using your information to further our legitimate interests or those of a third party.
- Ask us to transfer your personal information to another person or organisation.
When the only lawful basis under which we are processing your data is that you have given your consent for us to do so, to withdraw your consent.
Who do you complain to if you are unhappy?
If you are unhappy with our response you can make a complaint at any time to the Information Commissioner’s Office (the UK supervisory authority for data protection issues).
We will regularly review and update this policy as required.