Bassets Solicitors is a Partnership authorised and regulated by the Solicitors Regulation Authority, SRA number: 61006:
We are a ‘data controller’ under the General Data Protection Regulations (GDPR) and other relevant UK and EU legislation.
This Policy explains what information we will collect from you, how we will retain it, and how it will be used. It is important to us that your personal data is kept confidential and understand the importance you place on the privacy and security of information which personally identifies you.
What information will we collect from you?
We will only collect information from you that is relevant to the matter that we are dealing with. In particular, we may collect the following information from you which is defined as ‘personal data’:
- Personal details
- Family, lifestyle and social circumstances
- Financial details
- Business activities of the person whose details we are processing
- Any other personal information that might relate to your matter and your instructions.
We may also collect information that is referred to as being in a ‘special category’. This could include:
- Physical or mental health details
- Racial or ethnic origin
- Religious beliefs or other beliefs of a similar nature
- Criminal convictions
- Sexual orientation
- Trade Union membership
How will we use your information?
We will primarily use your information for the provision of legal advice and this is necessary for the performance of the contract between us. We may also use it for:
- Administering any accounts
- Processing you bank/credit card details to obtain payment
- The prevention and detection of fraud
- Market Research
- Credit reference checks (where appropriate)
Why will we process your data?
We will process your data on the following basis: performance of contract, legal compliance, consent and legitimate interests.
We do not generally process “special category” data unless you have voluntarily provided this to us, or it is relevant to the legal service you have asked us to provide you with. We will process sensitive information where you have provided this information to us and have agreed that we can use this information to deliver products and services to you. Where possible we shall seek to minimise the collection and use of such special categories of personal data.
Examples of when we will process your ‘special category’ data are:
- for the purposes of carrying out the obligations and exercising specific rights in the field of employment law
- for the protection of vital interests of persons where they are physically or legally incapable of giving consent
- for the establishment, exercise or defence of legal claims
- for statistical purposes, doing so proportionately and anonymising your data where possible
Who will we share your information with?
Under the Solicitors Regulation Authority Code of Conduct, we are bound by rules of confidentiality and legal privilege. The rules about who we can share your information with are very strict and will normally be limited to those people who will assist with your matter, or where you specifically consent.
This may include:
- Medical experts
- Experts in any field that are needed to support your case/position
- Private investigators
- Courts and tribunals
- Healthcare professionals, social and welfare organisations
- Land Registry
- Local Councils/Local Authorities
Where you authorise, we may also disclose your information to your family, associates or representative. We may also disclose your information to debt collection agencies if you do not pay our bills.
How long will we keep your information for?
We will keep your information throughout the period of time that we do work for you and afterwards for a minimum period of six years (and longer in some types of legal transactions) as we are required to do so by law.
Transfers outside the EEA:
We do not transfer your personal data outside the European Economic Area (EEA).
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing.
If you are unhappy about how we are using your information or how we have responded to your request, then please raise your concerns to the person responsible for your case. If this does not resolve the problem to your satisfaction, then please contact our Data Protection Officer who will look into the matter for you.
Right to Complain to the Information Commissioner:
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (ico.org.uk). We would, however, appreciate the chance to deal with any concerns you may have before you approach the ICO so would recommend that you contact us in the first instance.
We may edit this policy from time to time. If we make any substantial changes we will notify you by posting a prominent announcement on our web pages.
Cookies and Website Data usage:
Our website keeps track of usage data, such as the source address that the page request is coming from (i.e your IP address, domain name), date and time of the page request, the referring website (if any) and other parameters in the URL (eg search criteria). We use this data to better understand website usage so we know what areas of our websites users prefer. This information is stored in log files and is used for aggregated and statistical reporting but is not attributed to you as an individual.
This website and its contents are protected by copyright. The content provided on this website is for general information. These are our standard terms, and will apply to all instructions which we receive, unless we have written to agree specific variations to them.
Last updated May 2018 – DPO