Privacy Notice
Belgravia Solicitors is a “data controller” for the purposes of the General Data Protection Regulation (GDPR). This means that we are responsible for deciding how we hold and use personal information about you.
Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of Personal Data about you including, but not limited to, identity data, contact data, financial data, and data concerning your case, general instructions and the legal services provided by us. We may also process sensitive personal data in connection with the legal services provided which includes information concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation and data regarding criminal convictions.
We will collect personal information about you and any relevant third parties during the engagement process, either directly from you or sometimes from your permitted agents and representatives. We may also collect additional information about you from third parties including the police, court service, crown prosecution service, parole board, legal aid agency, experts & consultants, family members, connected individuals and other agents or public bodies who may be involved in the conduct of your case. Additional personal information may be collected during the course of your relationship with us and any subsequent instructions we may receive.
Belgravia Solicitors will only use your personal information when the law allows us to. Most commonly, we will use your personal information:
- where we need to perform the contract we have entered into with you (or in order to enter into such a contract);
- where we need to comply with a legal obligation;
- where it is necessary for our legitimate interests (or those of a third party)and your interests and fundamental rights do not override those interests; or
- where it is necessary for the purpose of, or in connection with,
- legal proceedings (including prospective legal proceedings), the purpose of obtaining legal advice, or is otherwise necessary for the purposes of establishing, exercising or defending legal rights.
Please note that some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
Generally, we do not rely on consent as a legal basis for processing your personal data and we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. If it becomes necessary to obtain your consent, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of any contract with us that you agree to any request for consent from us and you will be able to withdraw your consent at any time.
We need all the categories of information listed above primarily to allow us to provide you with legal services, as per your instructions. We will keep your information confidential and will only use it for the purpose(s) for which it was provided or as is permitted in law (i.e. for dealing with complaints or regulatory investigations). Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a contract you have with us but we will notify you if this is the case at the time.
We may have to share your data with third parties. We will only share your personal data with third parties where required by law, where it is necessary to administer the contract you have with us or where we have another legitimate interest in doing so.
This may include barristers; experts; and others who we need to instruct to assist us with your matter, the Legal Ombudsman (if you complain about our services) and the Solicitors Regulation Authority (the statutory body that regulates solicitors). In doing so we will always take care to ensure that your information remains confidential and safe. We will liaise with you during your case about which experts, barristers and other third parties we instruct on your behalf. Sometimes we ask other companies or people to undertake tasks on our files to ensure this is done promptly (for example photocopying/scanning).
If you are a client under the legal aid scheme then we may be required to share some or all of that information with the Legal Aid Agency and / or with our quality assurance auditors. We may need to share some or all of your information with quality assurance auditors for the purposes of their assessment of whether we are adhering to quality standards.
Any examination will be strictly controlled and will be shared for the sole purpose of ensuring that our handling of your matter meets the requirements of the quality standard.
All third parties in the United Kingdom and the EU are subject to the provisions of the GDPR or similar regulations in relation to your Personal Data and we do not authorise third parties to use your Personal Data for their own purposes.
The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. The GDPR restricts data transfers to countries outside the EEA in order to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.
We will only transfer data outside the EEA where permitted to do so by law including where the necessary safeguards are in place such as standard contractual clauses approved by the European Commission or where the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection. If you have any questions about the transfer of data outside the EEA, please contact us for further information.
The GDPR requires us to put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We ensure that reasonable security measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. If you have any questions about our current organisational and technical security procedures, please contact us for further information.
We will retain your information for a reasonable period or as long as the law requires.
Your Rights in connection with your Personal Information
You have a right to access the personal data we hold about you. You may ask us to rectify or erase the personal data we hold about you or to restrict the processing we carry out. You can also object to the way we are processing your personal data or request it is transferred to a third party.
For a full list of your rights and how these can be exercised, please visit www.ico.org.uk/your-data- matters for further details. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
You also have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing at: Office S7, Enterprise House, Foleshill Enterprise Park, Courtaulds Way, Coventry, CV6 5NX or alternatively, by email at: mail@belgraviasolicitors.co.uk
The firm is registered with the Information Commissioner’s Office under registration reference: ZA811886.
Electronic Communications
During the course of this contract, we may wish to communicate electronically with one another. The electronic transmission of information cannot be guaranteed to be secure or error-free, as it will be transmitted over a public network, and such information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or otherwise be adversely effect or unsafe to use. We each agree to use reasonable procedures to check for the most recently known viruses before sending information electronically but we each recognise that such procedures cannot be a guarantee that transmissions will be virus free. We shall each be responsible for protecting our own interests in relation to electronic communications. Save in the case of fraud, neither of us (nor any Belgravia Solicitors person) should be liable to the other on any basis in respect of any damage or loss arising from or in connection with the electronic communication of information between us.
Future Contact
We sometimes use your personal data to enable us to provide you with further information in the future, where we think that such information might be of interest to you. If you do not wish to receive such information please let us know at any time and, thereafter, we will not retain your data on our system for such purposes.
