This policy covers how we collect, use and when we might share your personal information. We take your privacy seriously and will take all measures to keep your personal information secure.
This policy provides an explanation as to what happens to any personal data that you share with us directly, through our website or email. For Russell and Russell clients you should read this notice alongside our terms and conditions which provide further information on confidentiality and data privacy.
For the purpose of the GDPR (General Data Protection Regulation) you can contact our Risk and Compliance Officer, Neil Seddon, who can be contacted via email at firstname.lastname@example.org. He is supported in data protection matters by our Data Protection Officer Andrew Perry.
This policy covers the following:
- Who are we?
- What information do we collect from you?
- Why do we collect this information?
- What do we do with your information?
- Marketing and sharing your information
- How long do we keep your information?
- How you can access the information we hold about you?
- Websites linked to ours.
- How to contact us about data privacy?
Who are we?
- Russell and Russell Solicitors is a partnership, authorised and regulated by the Solicitors Regulation Authority under number 54676. Our ICO Registration Number is: Z6494991.
Sources of information
- We may collect and process the following data about you:
- Information that you provide by filling in enquiry or quote request forms on our website or when you register to receive information such as a newsletter or contact us through our Get in Touch page.
- Information provided to us when you communicate with us for any reason, usually in connection with work we are doing for you.
- Information may be passed to us by third parties in order that we can undertake legal work on your behalf. For example, referrers of work, banks, building societies and medical institutions.
- Russell and Russell do not drop cookies on visitors’ computers or mobile devices. Google, however, does so that it can track website activity anonymously through Google Analytics software.
What information do we ask for?
- The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you. This notice is intended for clients and prospective clients.
- Personal data: is the general information that you supply about yourself, such as your name, address, gender, date of birth & contact details and information needed to complete identity (ID) checks. It may also include other information depending on your legal matter such as financial and banking information, family details and similar.
- Sensitive personal data: is, by its nature, more sensitive information and may include your racial or ethnic origin, religion, health or criminal convictions or details of your children for example.
- In the majority of cases personal data will be restricted to basic personal information necessary to act on your behalf. However, some of the work we do may require us to ask for more sensitive personal information.
How do we use your information?
- We use the information you provide primarily for the provision of legal services to you and our use of that information is subject to your instructions, data protection law and our duty of confidentiality.
- The following are some examples of how we use your data:
- To carry out our contractual commitments to you, comply with the law or where processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
- To carry out identity and source of funds checks.
- To keep your records up to date
- To seek advice from third parties; such as legal and non-legal experts. For example, barristers, expert witnesses and other professional advisers, including sometimes advisers appointed by another party to your matter.
- To provide you with information requested from us relating to our services and to provide information on other services which we feel may be of interest to you if you have consented to receive such information.
- We will not normally send data outside the European Economic Area (EEA). We may sometimes send such data to a recipient in a country outside the EEA which has been designated by the EU Commission as providing adequate data protection. If we need to send data to a country outside the EEA that has not been so designated we will have appropriate contract clauses agreed with the recipient place to protect the data.
Marketing and sharing your information
- If you’d like to receive marketing information from us in the future you will need to give us consent to send information to you about our services. To opt in please complete our marketing consent form.
- You can also opt out of receiving marketing information from us at any time by clicking on “unsubscribe” on emails you receive from us or contacting email@example.com.
- We might share your information with legal representatives on the other side of the transaction and with third party experts if required. We may also share your information with government and other organisations when necessary such as the Legal Aid Agency, HMRC, the Courts, National Probation Service or Court of Protection to name some common examples.
- We understand the importance of your privacy, so you can be assured that we’ll not share your information with any third parties for marketing purposes.
How long do we keep your information?
- Your personal information will be retained in computer and paper files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us. For example:
- As long as necessary to carry out your legal work. The retention period will be noted on your file closing correspondence at the completion of your case.
- For most matters a minimum of 6 years from the conclusion or closure of your legal work; in the event that you, or we, need to re-open your case for the purpose of defending complaints or claims.
- Some information or matters may be kept for 16 years – such as matrimonial matters (financial orders or maintenance agreements etc).
- Probate matters where there is a surviving spouse or civil partner may be retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance.
- For the duration of a trust.
- Property purchase and re-mortgage matters and Wills and related documents may be kept indefinitely.
- Deeds related to unregistered property may be kept indefinitely as they evidence ownership.
- Personal injury matters which involve lifetime awards or PI Trusts may be kept for longer periods.
How do we protect your personal data?
- We recognise that your information is valuable and we take all reasonable measures to protect it whilst it is in our care.
- We have high standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.
- We use computer safeguards such as firewalls and data encryption and we enforce, where possible, physical access controls to our buildings and files to keep data safe.
How you can access the information we hold about you
- You have a right of access under data protection law to the personal data that we hold about you. We seek to keep that personal data correct and up to date. You should let us know if you believe the information we hold about you needs to be corrected or updated.
- You are entitled to request a copy of your personal data, known as a Subject Access Request. A request for access to your personal data means you are entitled to a copy of the data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc. This means that a Subject Access Request will not normally result in you getting a copy of your file because you are only entitled to your personal data – not the documents that contain that data.
- If you wish to make a request, please do so in writing addressed to our Data Protection Officer on the contact details below or contact the person dealing with your matter.
Websites linked to ours
- You might find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies.
Contact us about data privacy
- We welcome any queries, comments or requests you may have regarding this policy please do not hesitate to contact us at firstname.lastname@example.org.
- If you would prefer to write to us then our contact address is Russell and Russell, Churchill House, Wood Street, Bolton, BL1 1EE.
- We keep our privacy notice under regular review so please check for updates from time to time. This privacy notice was last updated on 29th November 2018.