The General Data Protection Regulation (GDPR), which came into force on 25 May 2018, introduces changes to the information that we must provide to you about how we use and store your personal data. This Privacy Notice incorporates these new requirements.
How do we collect personal information about you?
We receive personal information about you directly from you or your representatives when you instruct us to act for you. We may also receive data from other people such as your accountant, investment or financial adviser, bank/mortgage provider, governmental agencies etc.
What personal information do we collect about you?
We collect and process the following categories of personal information:
- Your contact information, including your name, address, email address, telephone number
- Your national insurance number, date of birth, occupation and employer
- Details about any benefits or pension you may receive
- Bank account details including bank name, sort code and account numbers
- Family details
- Other information that you or your representative may tell us as your matter progresses
On what basis do we hold and how do we use your personal information?
We use your personal information so that we can:
- fulfil the requirements of our agreement with you as set out in our client care letter to you
- confirm your identity and address and communicate with you
- record our communications with you (telephone calls and correspondence)
- respond to requests for information from governmental and law enforcement agencies
- comply with our legal obligations. This includes our obligation to report information where we suspect money laundering or terrorist financing offences may be taking place or we may be required to disclose information by way of court order or for the prevention and detection of crime
- perform our own internal business functions
- send you information about the firm and about areas that we think will interest you
How do we keep your information safe?
We make sure that your personal data is protected against loss, theft and unauthorised access or disclosure. Current paper documentation is kept in the office which is supervised at all times when we are open. Archived files are kept in our storage unit which is locked at all times unless someone is on site.
Electronic information is kept either on our server which is password protected and backed up weekly or held on a system operated by a GDPR compliant third party on our behalf.
How long do we keep your personal information for?
We will keep your personal information only for the period of time necessary to comply with our regulatory requirements and the requirements of our professional indemnity insurance. The length of time depends on the nature of the work we have carried out, but is usually:
- wills and powers of attorney and estate planning advice: indefinitely
- probate and trust: 12 years
- conveyancing: 6 years
After this time, we will destroy our paper records and erase any electronic information we hold.
Who might we share your information with?
We have a duty of confidentiality to you at all times. However, we may share your information with third parties as follows:
- Your other advisers such as accountants, financial advisers, bank etc as notified by you to us
- Law enforcement agencies and fraud prevention agencies where we are required to do so by law
- Regulatory authorities for example the Solicitors Regulation Authority and the Legal Ombudsman
- To satisfy our legal obligations or regulatory requirements including disclosure to our auditors, other professional advisers and insurers
What are your rights with respect to your personal information held by us?
You have the right to:
- Ask for a copy of your personal information at any time;
- Ask us to correct or delete any of your personal information or restrict the processing of your personal information
- Object to that processing
- Ask us to transfer your personal data to another party
- Complain to the Information Commissioner’s Office
- Withdraw your consent at any time