Our Privacy (GDPR) Policy
Introduction
We take your privacy very seriously. Please read this policy carefully. It contains important information on how and why we collect, store and share your personal data. It also explains your rights in relation to the personal data we hold and process regarding you, and how you can contact us or supervisory authorities in the event that you may have a concern or a complaint.
In using your personal data, we are regulated under the General Data Protection Regulation (GDPR). These regulations apply across the European Union and we are responsible in the capacity of’ controller’ of your personal data for the purpose of the GDPR. Our use of your personal data is subject to your instructions, the UK GDPR, other relevant UK and EU legislation and our professional duties including our duty of confidentiality.
Key Definitions
The essential terms used in this policy have the following meanings:
We, Us, Our: Harrison Morgan Solicitors
Personal data: Any information relating to an identified or identifiable individual
Special category of personal data: Personal data revealing racial or ethnic origin, political opinions, religious belief, philosophical beliefs or trade union membership; genetic and biometric data; data concerning health, sex life and sexual orientation.
Who we are
We are a firm of solicitors regulated by the Solicitors Regulation Authority. For the purpose of the GDPR we are the controller of your personal data.
Whose personal data we control
We may collect, store use and share personal data about the following categories of people:
• Our clients, their family members, and other relevant persons
• Our advisers, consultants and other professionals
• Our suppliers and service providers
• Enquirers
• Complainants
Personal data we will collect about you
We set below the personal data we will collect in the course of advising and/or acting for you:
. Name. date of birth, gender, nationality, passport and/or identity card details;
. Address, telephone number, email address;
. Information relating to the matter in which you are seeking our service and/or representation.
Personal data we will collect about you
We set out below the personal data we will collect in the course of advising and/or acting for you depending on why you have instructed us:
. National Insurance and tax details;
. Financial details, bank account details;
.Employment, professional and business related information;
.Personal details of family members, relatives and other relevant individual;
. Information relating to marital status;
. Information relating to online presence
.Medical information
. Education, lifestyle and social circumstances;
. Racial, ethnic origin, gender and sexual orientation, religious or similar belief related information
We require this personal data to be able to provide our services to you.
How your personal data is collected
We collect most of this information directly from. However, we may also collect information;
. from publically accessible source such as the Company House, H M land Registry; etc;
. directly from a third party, eg;
. credit reference agencies;
. clients due diligence providers;
.from a third party with your consent, eg
. your bank or building society other financial instructions;
. consultants and other professionals we may engage in relation to your matter;
. your employer and/or trade union, professional body or pension administrators;
. doctors medical and occupational health professionals;
. via website
. via our information technology (IT) system, eg;
.case management, documents management and time recording system;
. automated monitoring of our website and other technical systems such s our computer networks and connections, CCTV and control systems communication systems, email and instant messaging system.
How and why we use your personal data
Under data protection law, we can only use your personal data if we have a proper reason for doing so. When we use your data we will rely on one or more of the following reasons:
. to provide our services to you;
. to protect and promote your legitimate interest;
. for the performance of our contract with you or take steps at your request before entering into a contract;
. to comply with our legal regulatory obligations; or
. where you have given consent
A legitimate interest is when we have a business or commercial reason to use your information, so long as this not overridden by our own rights and interests.
The following is a list of example of what we may use your data for:
.Verify your identity;
. Verify source of your funds;
Providing you with legal advice and representation in your legal matter(s);
. Obtaining insurance for you or on your behalf;
. Keeping records of your legal matter(s) or transaction(s);
. Instructing third party such as barristers, experts, etc
. Ensuring business polices are adhered to, eg. Policies covering security and internet us;
. Operational reasons, such as improving our practice, eg in relation to our client’s base, work, type or other efficiency measures;
.Gathering and providing information required by or relating to audits, enquires or investigations by regulated bodies;
. External audits and quality checks such as for Excel, ISO or Investors in People accreditation and the audit of our accounts;
Responding to a complaint or allegation of negligence against us:
Marketing our services
The above table does not special category personal data which we will only use with your explicit consent.
Marketing Communication
We may use your personal data to send you update (by email, text messages, telephone or post) about legal development that might be of interest to you and/or information about our services, including exclusively offers promotions or new services.
We will contact you before marketing purposes only with your consent. Please tick the relevant box on the letter of Acknowledgement’ if you would like to hear from us as indicated above.
Who we may share your personal data with
. Professional advisers who are instructed on your behalf or refer you to. eg. Barrister, medical professionals, accountants, tax advisers, translators or other experts:
. the Home office;
. solicitors acting on the other side;
. other third parties where necessary to carry out your instructions, eg your mortgage provider or H M Land Registry in case of property transaction or Company House
. Courts, Tribunal and the HMRC;
. credit reference and identity verification agencies
.our insurers and brokers;
. our IT and case management providers;
. contracted suppliers;
.external auditors eg. In relation to ISO or Lexcel accredited and the audit of our accounts;
.bank (s), building societies or other financial institutions;
.other third parties where disclosure is required by law or regulation;
.other third party, family members or personal representative in relation to who you have instructed us to discuss your case with;
We only allow our service providers to handle your personal data if we are satisfied that they take appropriate measure to protect your personal data.
We may also disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations
We may also need to share some personal data with other parties. Such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidential obligations.
There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.
Where your personal date is held
Information may be held at our offices and those of third party agencies, service provider’s representatives and agent as described above.
Keeping your personal date secure
We have appropriate security measure t prevent personal data from being accidently lost or used or access unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and nay applicable regulator of a suspected data security breach where we are legally required to do so.
How long your personal data will be kept
We will retain your personal data only as long as necessary to fulfil the purpose for which the information was collected or as required by law or as long it is out in any relevant contract you hold with us.
We will do so for one of these reasons:
. to respond to any questions, complaints or claims made by you or your behalf;
.to show that we it confidential
. to keep records required by law
We will not retain your data for longer than necessary for the purpose set out in this policy. Different retention period apply for different types of data. For instances, we will keep your personal data:
. for as long as necessary to provide our services
. minimum of 7 years following the conclusion of your legal matter(s) in case we may need o re-open your case to respond to any questions, complaints or claim, made by you or on your behalf:
. for the duration of the trust, if your matter involves a trust
. indefinite if your matter involves a Will or related transaction:
In order to meet our regulatory requirements, we may be required to retain basic information about you, including your name, address, and date of birth in our electronic database for longer period. When it is longer necessary to retain your personal data, we will detect it.
Your rights
Under GDPR you have a number important rights, which you can exercise free of charge including:
. Right to access: The right to be provided with a copy of your personal data.
. Right to be informed: The right to be informed of what, why and how your personal data is collected and used.
. Right to rectification: The right to require us to correct any mistake in your personal data.
Right to erasure: The right to require us to delete your personal data where there is no compelling reasons for continue processing.
.Right to object: The right to object processing based on legitimate interest: and direct marketing.
. Right to restrict process: The right to require us to restrict processing of your personal data in certain circumstances eg. If you contest the accuracy of the data.
.Right to data portable: The right to receive the personal data you provided to us, in a structured, commonly used and machine readable format and/or transmit that data to a third party in certain situations
. Right not be subject to automated individual decision marketing. The right not to be subject to a a decision based solely on automated processing (including profiling) that produces legal affects concerning you or similar significantly affects you.
Further information about these rights can be found on the Information Commissioners Website: www.ico.orguk/for-the-public/(http: ww.ico.org.uk/for- the-public/).
If you would like to exercise any of these rights, please
.email, call or write our Data Protection Officer – Mr Sam Ewo Info@harrisonmorgans.co.uk, 0208 533 1090- 7 Mare Street, London E8 4RP
. let us have enough information tom identify you;
let us have proof of your identity and address ( a copy of your driving licence or passport and a recent utility or credit cred it bill and
. let us know the information to which your request relates, including any reference number if you have them.
How to complain
We hope that we can resolve any query, concern or complaint you may raise about our use of your information. You can also complaint to Information Commissioner’s Office, the UK supervisory authority.
The General Data Protection Regulation (GDPR) also gives you rights to lodge complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113
Changes to this policy
We may change this policy from time to time for updating and continue compliance purposes.
How to contact us
You can contact us by email, telephone or post if you have questions about this privacy policy or comments.
Mr Sam Ewo
Harrison Morgan Solicitors
7 Mare Street, London E8 4RP
Email: info@ Harrison morgans.co.uk
Tel: 0208 533 1090