Privacy policy

1. Introduction

1.1. I take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who I am and how and why I collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact me or my supervisory authorities in the event you have a complaint.

1.2. When I use your personal data I am regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom). I am responsible as ‘controller’ of that personal data for the purposes of the GDPR. My use of your personal data is subject to the GDPR, other relevant UK and EU legislation and with regard to my clients their instructions and my professional duty of confidentiality.

2. Key terms

2.1. It would be helpful to start by explaining some key terms used in this policy:

Personal data

Any information relating to an identified or identifiable individual

Special category personal data

Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, trade union membership, health issues, Genetic and Biometric Data, sex life or sexual orientation, or criminal offences or convictions.

3. Overview

3.1. The nature and extent of the data I collect about you, how it is collected and stored, how and why it is used and shared and for how long it is kept will depend on whether you are a client, a representative of a client, a business contact or otherwise.

4. Personal data I may collect about you

I set out below the personal data I may collect:

4.1. Personal data I regularly collect: –

  • Your name, address and telephone number
  • Electronic contact details, eg your email address and mobile phone number
  • Information about your use of my IT, communication and other systems, and other monitoring information

4.2. Personal data I may collect depending on why I have been instructed by you: –

  • Information relating to the matter on which you are seeking my advice or representation
  • Information to enable me to check and verify identity, eg your date of birth or passport details Your National Insurance and tax details
  • Your nationality and immigration status and information from related documents, such as your passport or other identification, and immigration information, eg if necessary for compliance with the money laundering regulations
  • Financial details so far as required by the money laundering regulations or as relevant to your instructions including your ability to meet my invoices
  • Bank and/or building society details
  • Details of your spouse/partner and dependants or other family members and friends, eg if you instruct me on a Will, Lasting Power of Attorney or Deputyship.
  • Details of your trustees and beneficiaries, eg if you instruct me on a Trust.
  • Details of your pension arrangements, eg if you instruct us on a pension matter or in relation to financial arrangements and Estate planning
  • Your medical records, eg if they are material in court proceedings or for tax planning or capacity assessment

4.3. This personal data is required to enable me to provide my service to you. If you do not provide personal data I ask for, it may delay or prevent me from providing services to you.

5. How your personal data is collected

5.1. I collect most of this information from you direct.

5.2. However, I may also collect information from publicly accessible sources, eg Companies House or HM Land Registry;

5.3. directly from a third party, eg:

  • sanctions screening providers;
  • client due diligence providers;

5.4. from a third party with your consent, eg:

  • your bank or building society, another financial institution or advisor;
  • consultants and other professionals that you or I may engage in relation to your matter;
  • your employer, professional body or pension administrators;
  • your doctors, medical and occupational health professionals;
  • your authorised agent(s)

5.5. via my website—we use cookies on my website (for more information on cookies, please see my website privacy statement published on my website)

5.6. via my information technology (IT) systems, eg:

  • case management, document management and time recording systems;
  • automated monitoring of my websites and other technical systems, such as my computer networks and connections, communications systems, email and instant messaging systems;

6. How and why I use your personal data

6.1. Under data protection law, I can only use your personal data if I have a proper reason for doing so, eg:

  • where you have given consent;
  • to comply with my legal and regulatory obligations;
  • for the performance of my contract with you or to take steps at your request before entering into a contract; or
  • for my legitimate interests or those of a third party.

6.2. The table below explains what I use (process) your personal data for and my reasons for doing so:

What I use your personal data for

Our reasons

To provide legal services to you

For the performance of my contract with you or to take steps at your request before entering into a contract

Conducting checks to identify my clients and verify their identity

Screening for financial and other sanctions or embargoes

Other processing necessary to comply with professional, legal and regulatory obligations that apply to my business, eg under health and safety regulation or rules issued by my professional regulator

To comply with my legal and regulatory obligations

Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies

To comply with my legal and regulatory obligations

Ensuring business policies are adhered to, eg policies covering security and internet use

For my legitimate interests or those of a third party, ie to make sure I am following my own internal procedures so I can deliver the best service to you

Operational reasons, such as improving efficiency, training and quality control

For my legitimate interests or those of a third party, ie to be as efficient as I can so I can deliver the best service for you at the best price

Ensuring the confidentiality of commercially sensitive information

For my legitimate interests or those of a third party, ie to protect my intellectual property and other commercially valuable information

To comply with my legal and regulatory obligations

Statistical analysis to help me manage my practice, eg in relation to my financial performance, client base, work type or other efficiency measures

For my legitimate interests or those of a third party, ie to be as efficient as I can so I can deliver the best service for you at the best price

Preventing unauthorised access and modifications to systems

For my legitimate interests or those of a third party, ie to prevent and detect criminal activity that could be damaging for me and for you

To comply with my legal and regulatory obligations

Updating and enhancing client records

For the performance of my contract with you or to take steps at your request before entering into a contract

To comply with my legal and regulatory obligations

For my legitimate interests or those of a third party, eg making sure that I can keep in touch with my  clients about existing and new services

Statutory returns

To comply with my legal and regulatory obligations

External audits and quality checks, and the audit of my accounts

For my legitimate interests or a those of a third party, ie to maintain my accreditations so I can demonstrate I operate at the highest standards

To comply with my  legal and regulatory obligations

6.3. The above table does not apply to special category personal data, which I will only process with your explicit consent.

7. Who I share your personal data with: –

7.1. I routinely share personal data with:

professional advisers who I instruct on your behalf or refer you to, eg barristers, medical professionals, accountants, tax advisors or other experts;

  • other third parties where necessary to carry out your instructions eg, Companies House, or HM Land Registry;
  • my insurers and brokers;

  • external auditors, eg in relation to quality assessments and the audit of my accounts;
  • my bank;
  • external service suppliers, representatives and agents that I use to make my business more efficient, eg, marketing agencies, analysis suppliers, cloud providers, software providers.

7.2. I only allow my service providers to handle your personal data if I are satisfied they take appropriate measures to protect your personal data. I also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

7.3. I may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with my legal and regulatory obligations.

7.4. I may also need to share some personal data with other parties, such as potential buyers of some or all of my business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of such information will be bound by confidentiality obligations.

8. Where your personal data is held

8.1. Information may be held at my offices, third party agencies, service providers, representatives and agents as described above (see ‘Who I share your personal data with’).

9. How long your personal data will be kept

9.1. I will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. As a general guideline I will not hold your data for more than seven years unless there is a specific need, or you instruct us to do so. When it is no longer necessary to retain your personal data, I will delete or anonymise it.

9.2. I will keep your personal data after I have finished advising or acting for you. I will do so for one of the following reasons:

to comply with your instructions;

  • Where I have drafted Wills and LPAs, I will keep the data for your lifetime, to be able to respond to any challenge to the validity of your Wills and LPAs.
  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that I treated you fairly;
  • to keep records required by law.

10. Your rights

10.1. You have the following rights, which you can normally exercise free of charge:

Access

The right to be provided with a copy of your personal data (the right of access)

Rectification

The right to require us to correct any mistakes in your personal data

To be forgotten

The right to require us to delete your personal data—in certain situations

Restriction of processing

The right to require us to restrict processing of your personal data—in certain circumstances, eg if you contest the accuracy of the data

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

To object

The right to object:

at any time to your personal data being processed for direct marketing (including profiling);

in certain other situations to my continued processing of your personal data, eg processing carried out for the purpose of my legitimate interests.

Not to be subject to automated individual decision-making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

10.2. For further information on each of those rights, including the circumstances in which they apply, please contact the Information Commissioner’s Office for guidance.

10.3. If you would like to exercise any of those rights, please let me know which right you want to exercise and the information to which your request relates. On receipt of such a request I will almost always ask you to: –

  • let me have enough information to identify you – eg your full name, address and client or matter reference number; and
  • let me have proof of your identity and address a copy of your driving licence or passport and a recent utility or credit card bill
  • Please do not however provide any proof of identity and address documentation until requested to do so by me.

11. Keeping your personal data secure

11.1. I have appropriate security measures to prevent personal data from being accidentally lost or used or accessed unlawfully. I limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

11.2. I also have procedures in place to deal with any suspected data security breach. I will notify you and any applicable regulator of a suspected data security breach where I are legally required to do so.

12. How to complain

12.1. I hope that I can resolve any query or concern you may raise about my use of your information.

12.2. The General Data Protection Regulations also gives you the right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.

13. Changes to this privacy statement

13.1. This privacy statement was published on 13 December 2021. I may change this privacy statement from time to time and any changes will be published on my website.

14. How to contact me

14.1. Please contact me by post, email or telephone if you have any questions about this privacy policy or the information I hold about you.

14.2. my contact details are shown below:

Helen Taylor TEP, Freelance Solicitor

8 Chestnut Green, Whitfield, Brackley, Northamptonshire, NN13 5TY

07399 712333

he***@he************.uk