Edwards Family Law considers that the privacy of and management of the data it holds to be of paramount importance.
Please read the following information carefully. This privacy notice contains information about when and why we collect and store personal information from you. It also tells you how this personal information will be used, when it might be disclosed to third parties, how it will be kept secure and how long it will be retained. It also provides details of how to contact us and if you have a complaint. If you have any requests concerning your personal information or any queries about these practices, please contact us by e-mail at GDPR@edwardsfamilylaw.co.uk
1. WHO WE ARE
Edwards Family Law Limited (trading as Edwards Family Law) collects, uses and is responsible for certain personal data about clients and members of the public. We are regulated under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 and we are a controller of that personal information for the purposes of those laws. We are registered with the Information Commissioner’s Office with registration number ZA520379.
If you have any questions about this notice or if you want to exercise any of your rights under data protection laws you should contact Kelly Edwards by email at email@example.com
2. THE PERSONAL INFORMATION WE COLLECT AND USE FROM OUR CLIENTS
In the course of the provision of legal services (the Services) we collect some or all of the following personal data from our clients:
- the names of children (if any);
- residential address and business address;
- contact details, for example telephone number and email address;
- date of birth;
- marital status;
- copies of passport, national identity card, driving licence, utility bills, bank statements and similar documents;
- business and professional qualifications and experience;
- immigration status and work permits;
- data from our building access controls; and,
- data from our IT and communications monitoring system.
3. THE PERSONAL INFORMATION WE COLLECT FROM VISITORS TO OUR WEBSITE
We will collect information that you voluntarily provide to us if you fill in a form in our website or apply for a vacancy through the website. This information may include the following personal data:
- residential and business address;
- contact details, for example email and telephone number;
- and, where you provide it, some categories of personal data, for example ethnic origin and gender.
4. THE PERSONAL INFORMATION WE COLLECT FROM SUPPLIERS AND OTHER THIRD PARTIES
In the event you provide us with your personal data other than through use of our website or if we obtain your personal data from another party or from information you have made public, we will only collect, process and store your information for the purposes set out in this notice.
5. REASONS WE COLLECT AND USE PERSONAL DATA
We will only process personal data for the following purposes:
- To provide you with the information, products, and/or services you request;
- responding to your queries, requests and other communications;
- providing legal services, including dealing with legal proceedings, under a retainer or contractual agreement;
- enabling suppliers and service providers to carry out certain functions on our behalf in order to provide legal services, including webhosting, data storage, identity verification, technical, logistical, courier or other functions, as applicable;
- allowing you to use features on our website, when you choose to do so;
- sending you personalised marketing communications requested by you;
- ensuring security and preventing or detecting fraud;
- administration, including complaints’ resolution, troubleshooting of our website, data analysis, testing of new features, research, statistical and survey purposes;
- developing and improving the legal services we offer;
- recruitment and employment; and
- complying with legal and regulatory requirements and applicable law, including anti-money laundering legislation, guidelines and regulations or in response to a lawful request from a court or regulatory body.
The legal basis for our processing of personal data for the purposes described above will typically include:
- processing necessary to fulfil a contract that we have in place with you or other data subjects;
- your explicit consent;
- processing necessary for our or a third party’s legitimate interests, which is carried out on the basis of our legitimate interests to ensure that legal services are properly provided, our security and our clients security and our proper administration;
- processing necessary for compliance with a legal obligation to which we are subject; and,
- any other applicable legal grounds for processing from time to time.
6. SPECIAL CATEGORIES OF (SENSITIVE) PERSONAL DATA
You may also supply us with, or we may receive, special categories of (or sensitive) personal data. This is defined by data protection laws to include personal data revealing a person’s racial or ethnic origin, religious or philosophical beliefs, or data concerning health. We process these special categories of personal data on the basis of one or more of the following:
- where you have given explicit consent to the processing of the personal data for one or more specified purpose(s);
- where the processing relates to personal data which is manifestly made public by you;
- where the processing is necessary for the establishment, exercise or defence of legal claims;
- where the processing is necessary for reasons of substantial public interest, in accordance with applicable law. Such reasons include where the processing is necessary:
(a) for the purposes of the prevention or detection of an unlawful act or for preventing a fraud;
(b) for the provision of confidential advice.
7. DATA RELATING TO CRIMINAL CONVICTIONS AND OFFENCES
We will only collect and store personal data relating to criminal convictions and offences (including the alleged commission of offences) where necessary for the purposes of:
- the prevention or detection of an unlawful act and it is necessary for reasons of substantial public interest;
- providing or obtaining legal advice; or
- establishing, exercising or defending legal rights.
8. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
We routinely share personal data from our clients with various third parties in order to properly progress your case and in order to provide legal services. Third parties may include:
- Other law firms and the courts;
- Legal service providers;
- Third party experts such as forensic accountants;
- Business services suppliers;
- Background and identity check providers and credit check agencies;
- Agents, consultants and contractors;
- Insurance brokers and insurance companies;
- Third party litigation funders;
- Government, regulatory and other official bodies;
- law enforcement or other authorities if required by applicable law.
We will not share personal information with any other party unless specifically requested by you.
We use your personal data to notify you by email, telephone, post or SMS about important legal developments and services which we think you may find valuable, for sending you newsletters, invitations to seminars and similar marketing.
In this connection we may disclose personal data to third parties providing marketing services to us, or with whom we are conducting joint marketing exercises.
You have the right to opt out of receiving direct marketing communications from us at any time by contacting Kelly Edwards, using the contact details set out above, or using the unsubscribe link in emails.
10. EMAIL MONITORING
Email which you sent to us or which we send to you may be monitored by us to ensure compliance with professional standards and our internal compliance policies. Monitoring is not continuous or routine, but may be undertaken on the instruction of a partner where there are reasonable grounds for doing so.
11. FAILURE TO PROVIDE INFORMATION
If clients do not provide the personal data that we ask for and that we need to enable us to carry out their instructions, it may delay or prevent us from providing legal services to them.
The provision of name and address and information on identity documents is required from clients to enable us to comply with our obligations under anti-money laundering legislation.
12. HOW LONG WE KEEP YOUR DATA
We will hold the information we hold for our anti-money laundering checks on our clients for five years from the end of our relationship with the client. We will hold all other personal information on clients for seven years from the conclusion of their case. We hold the information visitors to our website give us for six months.
13. TRANSFER OF YOUR INFORMATION OUT OF THE EUROPEAN ECONOMIC AREA (EEA)
We will not routinely transfer personal data outside of the EEA or to any organisation governed by public international law or which is set up under any agreement between two or more countries. If we do propose to transfer personal data outside of the EEA, we will check that the data subject’s privacy rights are adequately protected by appropriate technical, organisational, contractual or other lawful means.
14. YOUR RIGHTS
Under the GDPR data subjects have a number of important rights. Those include rights to:
- fair processing of information and transparency over how we use your personal information;
- access your personal information;
- require us to correct any mistakes in your information;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
- object in certain other situations to our continued processing of your personal information;
- otherwise restrict our processing of your personal information in certain circumstances.
If you would like to exercise any of those rights, please:
- Email, call or write to our DPO, Kelly Edwards at firstname.lastname@example.org;
- Let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- Let us know the information to which your request relates.
15. HOW WE KEEP YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify the data subject and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that our DPO, Kelly Edwards, can resolve any query or concern raised about our use of personal information.
The General Data Protection Regulation also gives a right to lodge a complaint with a supervisory authority, in particular in the European Union (or EEA) state where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone 0303 1231113.
17. CHANGES TO THIS PRIVACY NOTICE
This privacy notice was published on 14 May 2019
We may change this privacy notice from time to time, and when we do we will update the copy on our website.