PRIVACY NOTICE
In this privacy notice the terms Gadsden Coupe Solicitors/we/our/us means Gadsden Coupe Ltd. Under the UK’s data protection regulations, you have the right to be informed about the collection and use of your personal data and we have legal responsibilities to tell you what we do with your data and how we keep your data safe.
WHO WE ARE
In terms of the GDPR, we are data controllers, bound by the UK’s data protection laws. This means that we determine the purpose and means for processing your personal data. We are registered as a data controller with the UK Information Commissioner’s Office (ICO) under registration number ZA933396
OUR DETAILS
The data controller in respect of our website is Gadsden Coupe Ltd ZA933396 of The Chapel House, Bath Street, Lytham, FY8 5ES. You can contact the data controller by writing to our office address or by sending an email to info@gadsdencoupe.co.uk.
If you have any questions about this Privacy Policy, please contact the data controller
YOUR DATA
Your rights
Regardless of how we hold your personal data, you have the right to request a copy of the information that we hold about you. We also want to make sure that your personal information is accurate and up to date and you may ask us to correct or remove information which you think is inaccurate. In certain circumstances you have a right to object to the processing of your personal information and can ask us to delete personal data that we hold about you, but this does not apply where we have a legal justification to continue processing your data or an overriding legitimate interest.
What categories of personal information do we process?
Depending on why we are collecting your personal data, we may process your:
– Contact details (for example your name, telephone number and address)
– Date of birth
– National insurance number
– Proof of identity documents, like your passport, driving licence, armed forces card, utility bills or bank statements
– Financial information like banking, tax, pay, pension and asset information
– Personnel information like absence, performance, employment history, training and qualification information
– Special categories of personal data, for example trade union association, ethnicity, health related data or data relating to a child
– Digital footprint, for example IP address
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your 7 personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so
Data retention
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us. In some circumstances you can ask us to delete your data: please contact our data controller for further information. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Using third parties to process your personal data
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes unless they are required to determine how they process your data, for example, an occupational therapist would need to determine how they record and use your personal information to carry out their specific role, in these cases they are joint controllers of your information. Please note that our website, www.emgsolicitors.com and other digital platforms may contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms and therefore we recommend that you check the privacy and security policies of each and every other website / digital platform that you visit.
IF YOU ARE A POTENTIAL CLIENT OR LOOKING FOR INFORMATION OR ASSISTANCE
When you make an enquiry over the phone or through our enquiry email address, we take your contact details so that we can respond to your request. Our legal basis for processing your information is consent if you have voluntarily made contact with us, or contractual if we are processing your information in order to take steps, at your request, prior to entering into a contract.
We will retain the information collected at this point for one year before destruction of our records. If you contact us through our website there is a section below about how we manage personal data gathered from this medium.
IF YOU ARE A CLIENT
As a client, so that we can provide you with a legal service, we will ask and record personal questions about you. We will only process personal data which is necessary for the performance of our contract with you.
As a client we may be required to share your personal and sometimes sensitive information with:
– Regulatory authorities to comply with our legal obligations, like the Solicitors Regulation Authority.
– Credit reference agencies to check your identity in accordance with our legal obligations.
– Property search companies to identify any issues that might influence your decision to buy or sell a property.
– Insurers, for the purpose of providing you with appropriate financial cover for an identified insurable risk, or in connection with any claim made by you against us.
– Property agents, brokers, lenders, and other solicitors involved in your transaction representing other party(ies) in your matter, to enable them and us to fulfil our obligations to you.
– Other government departments such as HMRC, Companies House, HM Probate Registry, the Court of Protection or HM Land Registry to fulfil your and our legal obligations.
– Experts and barristers required to work on your matter.
Generally, our legal basis for processing your information is contractual, but we also process your information to comply with our legal requirements. For example, to prevent against money laundering, terrorist financing or financial crime, we may also be obliged to disclose information by court order.
If we have been appointed by the Court of Protection to the role of deputy, we are legally responsible for acting and making decisions on behalf of a person who lacks capacity to make those decisions for themselves. In this case, our legal basis for processing your information is to exercise the official authority vested in the deputy and to protect your vital interests (or the vital interests of another person).
As a client we will retain your personal information in accordance with applicable laws and for no longer than is necessary to:
- carry out services for your matter,
- respond to any questions, complaints or claims made by you or on your behalf and
- to keep records required by law to comply with our legal obligations and our duties to the regulator
Further information about the actual retention period will be provided to you when your matter concludes. After the retention period we will destroy all data.
From time to time we would like to send you information about the services that EMG Solicitors Limited offer, using your contact information. Our legal basis for processing this information will be either direct consent or legitimate interest. As an example, if there has been a change in law relating to your matter we might contact you and our legal basis for doing so would be your legitimate interest.
IF YOU HAVE APPLIED FOR A JOB WITH US
We will ask you for your contact details and work-related history so that we can carry out our selection process prior to inviting you to interview. We may also collect information about you by reference or word of mouth, for example, you may be recommended by a friend or former colleague. Our legal basis for processing your information is a legitimate interest in finding a work opportunity within our firm and you consent to the processing of your data when you make an application.
We will hold your contact details, work history and interview notes for one year if you are unsuccessful in the selection process, and for 6 years after our contract is terminated if we enter into a contract of employment.
We use third party suppliers to collate information throughout the recruitment process. We only share data necessary for the third party to perform their function and obtain a copy of their own privacy notice or a confidentiality agreement for assurance that they process your data in line with the UK’s data protection regulation.
IF WE EMPLOY YOU
When you start to work for us, we ask for your personal data so that we can carry out the terms within our contract of employment, for example, we ask for your bank details to pay your salary. Our legal basis for processing your data is contractual.
We also have legal requirements to report tax information to the HMRC, and have a duty to make reports to the Solicitors Regulation Authority (SRA). Our legal basis for processing this information is our legal obligations.
So that we can carry out our duty of care, we may share your personal data internally with management and first aiders, or externally, with, for example, paramedics. Our legal basis for processing your information for this purpose is protecting your vital interests.
We use third party suppliers to carry out business functions which we outsource for example, IT support, financial advisor, HR consultant, pension provider and payroll provider. We only share data necessary for the third party to perform their function and obtain a copy of their own privacy notice or a confidentiality agreement for assurance that they process your data in line with the UK’s data protection regulation.
We store your information for the duration of your employment plus 6 years after our contract is terminated.
IF YOU ARE A THIRD PARTY SUPPLIER
We take your contact details so that we can enter into a mutual agreement and make payment for your services, reporting to HMRC as required. Our legal basis for processing your information is contractual and also to comply with our legal obligations.
We may use your contact information to invite you to attend one of our specialist seminars or events if we think there is a legitimate interest in the subject matter.
If our contract terminates then we will keep your personal details on record until we destroy the data after a 6 year period from termination of contract.
IF YOU ARE NOT A CLIENT BUT COMPLAIN TO US
If you are not a client of ours but you complain to us about how we have processed your personal information or you seek to exercise a data protection right such as a data subject access request, we will retain details of your complaint or request. We will only use the personal information we collect to process the complaint or request, to audit the level of service we have provided and to provide information to our insurers or regulator.
We will keep information in connection with the complaint or request in line with our retention policy. In most cases this means we will retain the information for six years.
IF YOU DIGITALLY SIGN A DOCUMENT
If we use a third party service to send and receive documents for digital signing, part of this process is to record all signees digital footprint, this provides a secure audit of the signing process. All data with the third party is purged on a regular basis and kept for no longer than is necessary.
IF YOU ARE A VISITOR TO OUR WEBSITE
Our website is operated by Gadsden Coupe Ltd, and we use a third party to host and maintain the website. We collect information about you when you voluntarily complete our enquiry form, send us a message or contact us by any other means of communication. By voluntarily making contact with us, the legal basis for processing your information is consent. We will destroy your personal data which we hold from your website enquiry after one year.