Place, Blair and Hatch Solicitors takes privacy very seriously. This privacy notice explains our practices regarding the collection, use and disclosure of your personal data as a result of you using this website.
Please read through this Privacy Notice together with any Terms of Business Letter and General Data Protection Policy sent to you.
Responsibilities: We are the Data Controller of the personal data we process and we will comply with Data Protection Law and Principals, which means that your data will be:
- Used lawfully, fairly and in a transparent way;
- Collected for the purposes explained in this notice and not used for any other purposes;
- Relevant to the purposes explained and limited to what is necessary to achieve those purposes;
- So far as possible, accurate and kept up to date;
- Kept for no longer than is necessary for the purposes we have told you about and in a manner that ensures appropriate security.
Should you have any queries regarding this Privacy Notice or if you want to exercise your legal rights in relation to your personal data you should contact in writing the Data Protection Officer at Place, Blair and Hatch. The Old Grammar School, 240 High Street, Northallerton, North Yorkshire, DL7 8LU. You can also email the Data Protection Officer at firstname.lastname@example.org
Changes to the Privacy Notice and your duty to inform us of changes
This version was last updated January 2019.
Please advise us of any changes in your personal data as it is important that the personal data held by us during our relationship is accurate and up to date.
Third Party Links
This website may include links to third party websites which we do not control and we would suggest that you read the Privacy Notice of such third party websites should you choose to visit them.
Personal Data We Collect About You
We will collect personal data from you such as:
- Your personal details including name, date of birth, address, telephone number, email address, national insurance number, marital status.
- Financial details such as bank account and payment card details.
- Profile data such as you responses to our client surveys.
- Information about how you use our website, products and services.
- Sensitive personal information. This data will be used for the specific purpose that you provide it for and to provide the services described in our Terms of Business Letter.
How We Collect Your Personal Data
We collect your personal data from various methods including as follows:
- Obtaining it directly from you by requesting you to fill out a form or survey, by correspondence, post, email or otherwise. This includes when you make an enquiry on our website, request a quote for legal services, instruct us to provide legal services or provide feedback.
- When you visit our website technical data is collected by using cookies.
- Personal data about you from third parties and public sources such as Companies House and the Land Registry.
- Job applications.
Why We Collect Your Personal Data
We collect data about you for the following reasons:
- If you instruct or look to instruct us to provide legal services, to enable us to carry out those services.
- The collection of identity information enables us to verify your identity and to ensure that we avoid any conflict of interest developing between our clients.
- To comply with legal or regulatory obligations such as anti-money laundering regulations.
Please be advised that we do not sell your data and we will not pass your data on to a third party without giving you prior written notification.
What We Do With Your Data: We will use your data to:
- Assess whether we are able to act for you;
- Provide legal services, advice and support to you;
- Manage those services we provide to you;
- Contact you using your preferred contact method;
- Maintain internal record keeping and analysis;
- Obtain feedback on customer satisfaction through our Customer Satisfaction Surveys for example;
- Train and manage our employees who deliver services;
- Investigate any complaints about the services provided.
To provide the legal services as detailed in our Terms of Business Letter we may share data with third parties. Such third parties will vary depending on the service provided but might include HM Revenue & Customs, the Probate Registry, the Land Registry, professionals providing services such as accountants, insurance companies.
Third party service providers must take appropriate security measures to protect your personal data. We only allow them to use the data in accordance with our instructions and not for their own purposes.
We may also need to share your data to meet our regulatory and legal obligations with the following organisations:
- The Solicitors Regulation Authority (SRA) or the Financial Conduct Authority (FCA);
- Serious Organised Crime Agency (SOCA) where criminal activity is suspected;
- National Crime Agency (NCA) where fraudulent activity or money laundering activities are suspected;
- Office of Financial Sanctions Implementation (OFSI) where a customer matches a government list of individuals with frozen assets.
How We Will Keep Your Personal Data Safe
- We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way;
- We limit access to your personal data to those agents and third party service providers who need it to assist in the services being provided as detailed in our Terms of Business Letter to you. They will only process your personal information on our instructions and they are subject to a duty of confidentiality;
- We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so;
- We use anti-virus software to protect our systems and data.
Your Rights Regarding Your Personal Data: If you require information regarding your rights under the Data Protection Law you should visit the Information Commissioners Office website (www.ico.org.uk). We summarise your rights as follows:
Request Access: A Data Subject Access Request allows you to obtain a copy of the personal data we are holding about you. Upon receipt of a written request, we must give you access to paper and electronic information that we have within 30 days. We cannot provide you with parts of your record which contain confidential information about other people, data which may cause harm to someone or information that may hinder the prevention or detection of a crime.
Request a Change to Inaccurate Information: You can require inaccurate personal data to be corrected any incomplete personal data to be completed.
Delete Information (Right to be Forgotten): You can require us to delete or remove personal data for example where such personal data is no longer necessary in relation to the purposes for which it was collected, where the processing is unlawful or where you have withdrawn your consent for us to use your information (where there is no other legal reason for us to use it).
We cannot delete information that we are required to retain by law, to meet our regulatory and statutory obligations or in order to defend future legal claims.
Restrict Use of Your Personal Data: You can require us to stop processing data for a period in the following circumstances:
- While we verify the accuracy of personal data which you contest;
- Where the processing was unlawful;
- Where we no longer need the personal data for the purposes of the legal services provided but you require the data for the establishment, exercise or defence of legal claims
Right to Object: You have the right to object to the storage and use of your personal data in two circumstances:
- If we base the reason we are holding your data on the grounds that it is necessary for our legitimate interest or those of a third party and there is something relating to your particular situation which makes you want to object.
- If we are using your personal data for direct marketing purposes.
Right to Complain: You can complain to the Information Commissioners Office, the UK Supervisory Authority for data protection issues (www.ico.org.uk).