We area “data controller” which means that we are responsible for deciding how we hold and use personal information about you and for clearly explaining it to you. We are registered with the Information Commissioner’s Office as a data controller (ZA227518). We are a company incorporated in England and Wales (Company Number 09428051). Our registered office is 57 High Street, Shepton Mallet, Somerset, BA4 5AQ.
Whose information do we hold and what information will we collect.
Personal information means any information about an individual from which that person can be identified. We will hold information about Employees, Clients, Suppliers and Service Providers, third party contacts, parties on the other side in client matters, advisers, consultants, professional experts and other non-client contacts.
We may collect different information depending on your relationship with us. We will only collect information that is relevant to the matter that we are dealing with. This is necessary to enable us to perform the contract between us for the provision of legal advice, to establish or defend legal claims, to inform and improve the service we provide and in the legitimate interest of managing our business and improving our overall services. We may store and use the kinds of personal information listed below.
- your name, address, date of birth, gender, relationship status, employment details, contact details, bank details, background information about you and your relationship with the firm which may include lifestyle information and information about your family
- information that you provide when communicating with us through our website and using our website which may include your email address
- information relating to your legal matter and our instructions. This may include information about your family or other third parties
- information about your computer and your visits to our website. This may include your IP address, length of visit, geographical location, pages viewed and navigation paths
- your marketing preferences and information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters
- information that you post to our website for publication on the internet
- feedback you provide to us on our services
- information that is referred to as being in a “special category” which requires higher levels of protection and could include personal information about physical or mental health, disability, nationality, race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, criminal convictions
How will we use your personal information?
We will only use your personal information when the law allows us to. We will not, without your express consent, supply your personal information to any third party for the purpose of direct marketing. We may use your personal information for the following purposes:
- to provide legal services and to perform the contract we have entered into with you
- in connection with any ongoing or prospective legal proceedings
- to deal with enquiries or complaints
- to promote our services such as sending marketing materials and our newsletter. If you no longer wish to receive our newsletter you can inform us at any time via the unsubscribe link
- to administer and maintain our website
- to maintain accounts and records
- to administer, support and manage our business and staff
- where it is necessary for our legitimate interests or those of a third party and your interest and fundamental rights do not override those interests
- where we need to comply with a legal obligation
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
- with your consent
Who do we share your personal information with?
We may share your personal information with
- Our employees (normally this would be limited to those assisting with you matter)
- Professional advisers (such as Barristers and experts)
- Courts and Tribunals
- Suppliers or subcontractors
- Our regulator, the Solicitors Regulation Authority (“SRA”) HMRC or other government or law enforcement agencies
- Our insurance providers and our professional indemnity insurance broker
- Lexcel (the Law Society’s Legal Practice Accreditation Service) and other auditors for the purpose of auditing our compliance with our legal obligations (including Anti-Money Laundering requirements) and the SRA rules
How long do we keep your personal information
We will normally only keep your personal information for as long as necessary to fulfil the purpose for which we collected it. This would usually be throughout the period of time that we do work for you and afterwards for a suitable retention period as we are required to do by law to ensure we comply with any legal, accounting or reporting requirements.
We retain client files for a minimum of 7 years after the end of the matter, and the maximum period will depend on the nature of your matter. Confirmation of retention periods relevant to your matter will be outlined in the client care letter sent to you, if you instruct us to take on the matter. Accounting and financial information is retained for a period of 6 years, plus the current financial year, after the end of the matter.
We will also keep personal information if we consider that the information may be relevant to any ongoing or prospective legal proceedings and if necessary to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
Security of personal information
We have put in place appropriate technical and organisational precautions to protect your personal information from being lost, disclosed, misused, altered or accessed in an unauthorised way. We limit access to your personal information to those employees, agents, contractors, and other third parties who need to know. They will only process your personal information on our instructions and where they will keep it secure and are also subject to a duty of confidentially.
Contacting us via email
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government standards. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Unfortunately, the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. We store all personal information on our secure (password- and firewall-protected) servers.
We have put in place procedures to deal with any suspected data security breach and will notify you as well as any applicable regulator of any suspected breach where we are legally required to do so, or where it will mitigate risk to your rights and freedoms.
Transfers to third countries
All personal information which we hold is hosted on servers located within the EEA. If we are required to transfer information outside the EEA which would usually only be necessary for the performance of our contract with you or for the defence or exercise of legal claims we will take all reasonable steps to ensure that such transfers are secure and that appropriate safeguards are in place to protect your personal information. If you are based outside the EEA we may transfer personal information to the correspondence address that you provide to us and we will take all reasonable step to ensure such transfers are secure.
Your rights in connection with personal information we hold about you
In certain circumstances you have the following rights
- to request access to your personal information also known as a “subject access request”. This allows you to receive a copy of the personal information we hold about you. We will usually deal with your request free of charge and within 30 days. We reserve the right to charge a reasonable administration fee and to extend the time by a further 2 month period if your request is very complex/manifestly unfounded or excessive. Alternatively we may refuse to comply with the request in such circumstances.
- to request that we correct personal information we hold about you that is incomplete or inaccurate.
- to request erasure to your personal information. You can ask that we delete or remove your personal information if there is no good reason for us to continue holding it. We will deal with your request within 30 days however we reserve the right to retain information that we are required to hold by law or regulation, or that is required to exercise or defend legal claims
- to object to our processing your personal information where we are relying on a legitimate interest or we are processing your information for direct marketing purposes
- to request restriction of processing of your personal information
- to data portability or to request that we transfer your personal information to another party.
- to withdraw consent if you have provided your consent to the collection, processing and transfer of your personal information
To exercise any of the above rights or if you are unhappy about how we are using your personal information please contact Dervla Nash on 01749 330330 or email firstname.lastname@example.org
We may need to request personal information of you to confirm your identity and ensure your right to access information. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Our Cookies Policy
|PHPSESSID||BGWsolicitors.co.uk||The PHPSESSID cookie is native to PHP and enables websites to store serialised state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie.|
|.google.com||These cookies are associated with Google Universal Analytics and are used to distinguish unique users by assigning a randomly generated number as a client identifier. They are included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.|
You can disable cookies for this website or for all websites, but it might mean that some website functions no longer work for you. You can find instructions on how to change your cookie settings at this website: www.allaboutcookies.org.
Our website runs Google Analytics which is a web analysis service provided by Google. This enables us track and examine and prepare reports on the use of our website. We use the information to identify and fix problems as well as to offer more content which proves popular. We also use Google Analytics to advertise on line and to report how our advertisements relate to visits to our website.
If you’re in the European Union, the Google Analytics tool may store your information outside of the EU. The United States do not have the same laws regarding data protection as those in the European Union. By using our website, you acknowledge that such transfers take place.