- During the course of our dealings with you for or on behalf of a client
- When you provide us with information relating to attendance on seminars or other promotional events
- When you contact us via this website by filling in a form to register for newsletters, email updates, seminars, events sponsored by us, or other services
- When you contact us with queries, we may keep a record of that correspondence
- When you complete surveys for research or quality purposes, although you do not have to respond to them
- When you attend in person at our office, including location data
- When we collect your personal data from other third parties, for example from other clients or their representatives or other law firms, fraud prevention and credit reference agencies and government agencies
- When we collect information about you or your business from publicly accessible and online sources, such as the Land Registry and Companies House and
- For placement, recruitment and selection purposes
5. HOW WE USE PERSONAL DATA
Where we receive personal data in connection with the provision of legal, advisory and/or consultancy services, we process that data for the purposes of the provision of those services. This includes:
(a) Providing legal and related services, such as:
- managing court or other legal proceedings (including legal claims, criminal actions, inquests, tribunals, arbitrations, mediations, investigations and regulatory actions)
- providing legal advice
- providing consultancy services
- providing claims handling services
- advising on and negotiating legal contracts and transactions
- carrying out our obligations arising from any contracts entered into between us
- passing your details to experts, including counsel and other professionals for the purposes of obtaining professional advice and complying with our contractual obligations.
(b) Complying with our legal obligations or making disclosures to government, regulatory or other public bodies where in our reasonable opinion the disclosure is appropriate and permitted by law. This includes:
- performing checks of our clients and others as we are required to do by law or which are good practice, such as anti-money laundering and anti-terrorism checks. In undertaking such checks, we may ask individuals to provide information and use publicly available information
- disclosures required by law or court order
- disclosures to the police, tax authorities, the National Crime Agency or other public or government authorities where in our reasonable opinion the disclosure is required in relation to any criminal investigation or prosecution
- disclosures to our regulators, ombudsman or other government, public or regulatory authority, including any data protection supervisory authority or regulator of legal services, where in our reasonable opinion the disclosure is required or permitted by law
(c) Providing access to our files for audit, review or other quality assurance checks, by our clients, regulators, auditors, professional advisers and certification/accreditation bodies.
(d) Processing required in connection with the day to day operation of our business, for which we may use third party service providers such as IT service providers. This includes:
- billing and payments
- complaints handling
- internal record keeping
- ensuring the content from our website is presented in the most effective manner
- improving our products and services
- assisting with recruitment and selection process
- converting data into anonymised, statistical or aggregated data which cannot be used to identify you but may be used for the purposes of statistics, research reporting and future planning for our business
(e) Processing required in connection with any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business or assets.
(f) Where we have other legitimate reasons, such as to enforce our terms of use, or take other action required or permitted by law or for other safety and security reasons
6. WHO DO WE SHARE YOUR INFORMATION WITH
In providing our services, we may provide your personal data to staff in our office or other third parties, such as:
- To other suppliers, such as expert witnesses, counsel, or other external agencies (including training providers) that we engage on our/your behalf, for example translation agencies, insurance companies etc
- To courts, tribunals and other government bodies and relevant regulators (SRA, The Law Society and the ICO) in connection with matters relating to provision of our services, for example HM Land Registry, HM Revenue & Customs
- To professional indemnity insurers, brokers, auditors and other professional advisers
- To our clients in connection with the provision of our services
- To auditors in connection with maintenance of our quality certifications
- To other third parties when required by law or other regulatory authority, where we are under a duty to do so to comply with legal or professional obligations (for example to comply with anti-money laundering obligations and counter terrorism measures)
- To enforce or protect our rights, property or the safety of our partners, staff and clients. (This includes exchanging information with other companies and organisations for the purposes of fraud prevention and detection and credit risk reduction)
- To other parties in legal proceedings, including solicitors acting on the other side of a case or transaction
- To financial institutions providing finance for transactions.
Where we share personal information with third parties, we will only do so where in our reasonable opinion that information will be adequately protected. Any other service providers with whom we share information are approved by us and subject to contractual obligations designed to ensure that those providers comply with data protection legislation.
We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.
There may be some uses of personal data that may require your specific consent. If this is the case, we will contact you separately to ask for your consent which you are free to withdraw at any time.
7. INTERNATIONAL TRANSFERS
We will not transfer personal data relating to you to a country which is outside the European Economic Area unless:
(a) The country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45
(b) Appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 by us or by our client (on whose behalf we would transfer the data) or
(c) One of the derogations for specific situations under GDPR Article 49 is applicable to the transfer
These include (in summary):
- The transfer is necessary to perform, or to form, a contract to which we are a party with either you or a third party where the contract is in your interests
- The transfer is necessary for the establishment, exercise or defence of legal claims
- You have provided your explicit consent to the transfer or
- The transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests
8. THE LEGAL BASIS ON WHICH WE PROCESS PERSONAL INFORMATION
The legal grounds for processing your personal data depend upon the nature of our relationship with you and the context of processing and are as follows:
- Processing is necessary for the performance of a contract with you, or to take steps prior to entering into a contract with you. Our retainer is comprised of our engagement letter and our Terms and Conditions of Business which sets out the terms of the contract and the services to be provided to you
- Processing is necessary for the purposes of our legitimate interests or those of our clients in the provision of legal services and use in legal proceedings, except where those interests are overridden by the interests, rights or freedoms of affected individuals. In order to determine this we shall weigh up a number of factors, including what you were told at the time you provided your data, what your reasonable expectations are, and the nature of the data as well as its impact upon you
- Processing is necessary for compliance with mandatory legal obligations to which we are subject, such as under anti money laundering law
- By consent