PRIVACY POLICY

Please read the following information carefully. This privacy notice explains how we collect, store and otherwise process your personal information in the course of our business and the reasons for our so doing. It also explains who we share this information with, the security mechanisms that we have put in place to protect such information and how you can contact us in the event that you need further information.

In this notice, the following words shall have the following meanings:

We – Albertson Solicitors and the firm’s employed staff and “us”, “our” and “ourselves” shall be construed accordingly. You – Individuals who are our clients or potential clients and/or other individuals whose personal information we obtain in the course of our business (except staff and applicants for positions in the firm and for references) and “your” shall be construed accordingly.

In the course of our business, we may collect, use and be responsible for personal information about you. When we do this we are the ‘controller’ of this information for the purposes of the GDPR and the United Kingdom Data Protection Act 2018. If you need to contact us about your data or its processing you can use the contact details at the end of this notice.

USE OF PERSONAL INFORMATION

We will collect only the minimum amount of your personal information necessary for the purpose for which we collect it.

INFORMATION COLLECTED FROM YOU

In the course of our business we may collect some or all of the following personal information from you:

  1. Personal details
  2. Family details
  3. Lifestyle and social circumstances
  4. Goods and services
  5. Financial details
  6. Education, training and employment details
  7. Physical or mental health details
  8. Racial or ethnic origin
  9. Political opinions
  10. Religious, philosophical or other beliefs
  11. Trade union membership
  12. Sex life or sexual orientation
  13. Genetic data
  14. Biometric data for the purpose of uniquely identifying a natural person
  15. Criminal or regulatory proceedings, outcomes and sentences, and related security measures whether in the UK or other jurisdictions
  16. Other personal information relevant to instructions to provide legal services, including data specific to the instructions in question.

INFORMATION COLLECTED FROM OTHER SOURCES

The same categories of information may also be obtained from third parties, such as other legal professionals or experts, members of the public, your family and friends, witnesses, courts and other tribunals, suppliers of goods and services, investigators, government departments, regulators, public records and other resources.

Purposes for Which We Use Your Personal Information We may use your personal information for the following

Purposes:

  1. To provide legal services to clients, including the provision of legal advice and representation in courts, tribunals, arbitrations and mediations
  2. To keep accounting records and carry out office administration
  3. To take or defend legal or regulatory proceedings or to exercise a lien over material for unpaid fees
  4. To respond to potential complaints or make complaints
  5. To check for potential conflicts of interest in relation to future cases
  6. To promote and market our services
  7. To carry out anti-money laundering and terrorist financing checks
  8. To train our staff
  9. To respond to requests for references
  10. To fulfil equality and diversity and other regulatory requirements
  11. To procure goods and services
  12. To publish and comment on legal judgments and decisions of courts and tribunals
  13. As otherwise required or permitted by law.

PERSONAL INFORMATION YOU MUST PROVIDE

If a professional member of staff at Albertson Solicitors has been instructed by you or on your behalf in a case or matter, your personal information has to be provided to enable him/her to provide you with advice or representation, to enable him/her to comply with his/her professional obligations, to keep accounting records and to comply with all statutory and professional regulatory requirements binding upon him/her whether under the applicable professional rules and regulations of the Law Society of England and Wales or the Solicitors Regulation Authority of England and Wales [ the “SRA”] or such other jurisdiction in which the member of staff is qualified. If you are offering to provide or are providing us with goods or services your information will be processed in relation to such offers or contracts.

LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

Non-Sensitive Information In respect of the following information:

  • Personal details
  • Family details
  • Lifestyle and social circumstances
  • Goods and services
  • Financial details
  • Education, training and employment details
  • Other personal information relevant to instructions to provide legal services, including information specific to the instructions which does not fall into the special category of sensitive information set out below we rely on the following as the lawful bases on which we collect and use your personal information:
  • If you are a professional or lay client, we are entitled by law to process the information where necessary for the performance of a contract for legal services to which you are party, or in order to take steps at your request prior to entering into such a contract; or
  • We are entitled by law to process the information for our legitimate interest, your legitimate interest and/or the legitimate interests of a third party in carrying out the processing for the purposes set out above; or
  • We are entitled by law to process the information where the processing is necessary to protect your vital interests or of another natural person where you are physically or legally incapable of giving consent.

SENSITIVE INFORMATION

In respect of the following sensitive information:

  • Physical or mental health details
  • Racial or ethnic origin
  • Political opinions
  • Religious, philosophical or other beliefs
  • Trade union membership
  • Sex life or sexual orientation
  • Genetic data
  • Biometric data for the purpose of uniquely identifying a natural person
  • Criminal proceedings, outcomes and sentences, and related security measures we rely on the lawful bases set out above in relation to non-sensitive information and, in addition, on the following lawful bases set out in Article 9 GDPR in relation to sensitive information:
  • We are entitled by law to process the information where the processing is necessary for legal proceedings, legal advice or otherwise for establishing, exercising or defending legal rights; or
  • We are entitled by law to process the information where the processing is necessary to protect your vital interests or those of another natural person where you are physically or legally incapable of giving consent; or
  • We are entitled by law to process the information where the processing relates to information that you have manifestly made public.

In certain circumstances processing of data (whether sensitive or non-sensitive) may be necessary in order that we can comply with a legal obligation to which we are subject (including carrying out anti-money laundering or terrorist financing checks).

In certain circumstances processing of data (whether sensitive or non-sensitive) is necessary to publish and comment on judgments or other decisions of courts or tribunals.

SHARING PERSONAL INFORMATION

If you are a client, some of the information that you provide will be protected by legal professional privilege unless and until it becomes public in the course of any proceedings or otherwise. As solicitors we have an obligation to keep this information confidential, except in circumstances in which it otherwise becomes public or is disclosed as part of a case or proceedings.

It may be necessary to share your information among ourselves and also with the following:

  • Data processors, such as email providers, data storage providers and website providers.;
  • Other legal professionals;
  • Experts and other witnesses;
  • Prosecution authorities;
  • Courts and tribunals;
  • Lay and professional clients;
  • Your family and associates;
  • In the event of complaints, the Solicitors Regulation Authority and the Legal Ombudsman;
  • Other regulatory authorities;
  • Current, past or prospective employers or employees;
  • Education and examining bodies;
  • Business associates, professional advisers and trade or professional bodies, e.g. the Law Society or SRA;
  • Providers of outsourced functions such as book-keeping and accounting services and fee collection;
  • Public sources, such as the press, legal directories, public registers and law reports; and
  • The general public in relation to the publication of legal judgments and decisions of courts and tribunals.

We may be required to provide your personal information to regulators such as the SRA, the Financial Conduct Authority or the Information Commissioner’s Office. In the case of the Information Commissioner’s Office, there is a risk that your information (including privileged information) may lawfully be disclosed by it for the purpose of any other civil or criminal proceedings, without our or your consent.

We may also be required to disclose your personal information to the police or intelligence services where required or permitted by UK law.

SOURCES OF INFORMATION

The personal information that we obtain may include information which has been obtained from:

  • Other legal professionals;
  • Experts and other witnesses;
  • Prosecution authorities;
  • Courts and tribunals;
  • Lay and professional clients;
  • Your family and associates;
  • In the event of complaints, the SRA and the Legal Ombudsman;
  • Other regulatory authorities;
  • Current, past or prospective employers;
  • Education and examining bodies;
  • Business associates, professional advisers and trade or professional bodies, e.g. the Law Society;
  • The intended recipient, where you have asked us to provide a reference;
  • The general public in relation to the publication of legal judgments and decisions of courts and tribunals;
  • Data processors, such as our IT support company, email providers, data storage providers and website providers;
  • Providers of outsourced functions such as fee collection; and
  • Public sources, such as the press, legal directories, public registers and law reports.

TRANSFER OF YOUR PERSONAL INFORMATION OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)

This privacy notice is of general application and as such it is not possible to state whether it will be necessary to transfer your information out of the EEA for any particular purpose. However, if you reside outside the EEA or that purpose involves persons or organisations or courts and tribunals outside the EEA then it may be necessary to transfer some of your personal information out of the EEA for that purpose. If you are in a country outside the EEA or if any instructions that you provide come from outside the EEA then it is inevitable that information will be transferred out of the EEA. If this applies to you and you wish additional precautions to be taken in respect of your information you must notify us at the earliest opportunity. Some countries and organisations outside the EEA have been assessed by the European Commission and their data protection laws and procedures have been found to provide adequate protection for your information. However, most do not. If your information has to be transferred outside the EEA, then it may not have the same protection as it would and you may not have the same rights as you would within the EEA. We may transfer your personal information to the following which are located outside the European Economic Area (EEA):

  • Cloud data storage services based in the USA who have agreed to comply with the EU-U.S. Privacy Shield, in order to enable us to store your personal information and/or backup copies of it so that we may access it when we need to. The USA does not have the same data protection laws as the EU but the EU-U.S. Privacy Shield has been recognised by the European Commission as providing adequate protection. To obtain further details of that protection click here.
  • Cloud data storage services based in Switzerland, in order to enable us to store your personal information and/or backup copies of it so that we may access it when we need to. Switzerland does not have the same data protection laws as the EU but has been recognised by the European Commission as providing adequate protection; see further details here. We will not transfer personal information outside the EEA except as necessary for providing legal services or for any legal proceedings. If you require any further information, you should use the contact details at the end of this notice.

STORAGE OF YOUR PERSONAL INFORMATION

We will normally store all your personal information until at least one year after the expiry of any applicable limitation period. If you are a client, for example, this will be six years from the latest of (1) the date on which the last item of work is carried out for you, (2) the date that the last fee payment is received or (3) the date on which all outstanding fees are written off. This is because it may be needed for potential legal proceedings. At this point, the need for any further retention will be reviewed and the information will be marked for deletion or for retention for a further period. The further retention period is likely to occur only where the information is still needed for legal proceedings, regulatory matters or active complaints. Deletion will be carried out (without further notice to you) as soon as reasonably practicable after the information is marked for deletion.

We will store indefinitely that element of your information that is needed to carry out conflict checks. However, this is likely to be limited to your name and contact details and the name of your case and will not include any information within categories (g) to (o) above. Information relating to anti-money laundering checks will be retained until six years after the completion of the relevant transaction or the end of the business relationship between you and us, whichever is the later.

YOUR RIGHTS

Under the GDPR, you have a number of rights that you can exercise in certain circumstances. These rights are exercisable free of charge. In summary, you may have the right to:

  • Ask for access to your personal information and other supplementary information;
  • Ask for correction of mistakes in your personal information or to complete missing information that we hold on you;
  • Ask for your personal information to be erased in certain circumstances;
  • Receive a copy of the personal information that you have provided to us or have this information sent to a third party in a structured,
  • Commonly used and machine readable format, e.g. a Word file;
  • Object at any time to processing of your personal information for direct marketing;
  • Object in certain other situations to the continued processing of your personal information;
  • Restrict the processing of your personal information in certain circumstances; and
  • Request not to be the subject of automated decision-making which produces legal effects that concern you or affect you in a significant way.

If you require more information about your rights under the GDPR, you should refer to the guidance from the Information Commissioners Office.

If you want to exercise any of these rights, you should:

  • Use the contact details at the end of this notice;
  • Note that we may need to ask you to provide other information so that you can be identified;
  • Provide a contact address so that you can be contacted to request further information to verify your identity;
  • Provide proof of your identity and address; and
  • State the right or rights that you wish to exercise.

We will respond within thirty days from when we receive your request.

COMPLAINTS

The GDPR also gives you the right to lodge a complaint with the Information Commissioner’s Office if you are in the UK or with the supervisory authority of the EU member state where you work or normally live or where the alleged infringement of data protection laws occurred. The Information Commissioner’s Office can be contacted here.

FUTURE PROCESSING

We do not intend to process your personal information except for the reasons stated within this privacy notice. If this changes, this privacy notice will be amended and placed on the firms’ website.

CHANGES TO PRIVACY NOTICE

This privacy notice was published on 1st February 2022. We continually review our privacy practices and may change this policy from time to time. When we do, the amended policy will be placed on our website.

CONTACT DETAILS

If you have any questions about this privacy notice or the information that we hold about you, you should contact the Principal of the firm by email in the first instance:- peterdovey@albertson.law

WEBSITE DATA

We collect certain information or data about you when you use this website. This includes:

  • Questions, queries or feedback you leave, including your name and email address if you send an email to us via the site;
  • Your IP address, and details of which version of web browser you used; and
  • Information on how you use the site, using cookies and page tagging techniques to help us improve the website. This helps us to:
  • Improve the site by monitoring how you use it;
  • Respond to any feedback you send us, if you’ve asked us to; and

We store your data on our secure servers in the UK. By submitting your personal data, you agree to this. Transmitting information over the internet is generally not completely secure, and we cannot guarantee the security of your data. Any data you transmit is at your own risk. We have procedures and security features in place to try and keep your data secure once we receive it. We will not share your information with any other organisations for marketing, market research or commercial purposes, and we do not pass on your details to other websites.