Amicus Law LLP respects the privacy of all individuals and we are committed to protecting your personal information (also known as ‘data’).
The purpose of this policy is to inform you how we look after your personal data, make clear your rights and how your privacy is protected by law.
It is important that all personal information we hold is accurate and up to date. We ask you to keep us informed of any changes that occur during your relationship with us.
1 | About us
Amicus law (also referred to as ‘we’ or ‘us’) is a limited liability partnership (number OC399264) authorised and regulated by the Solicitors Regulation Authority and registered in England and Wales under SRA number 628528.The registered office is Regional Rural Business Centre, Market Way, Bridgwater, Somerset, TA6 6DF. We are registered with the Information Commissioners Office (ICO) under number Z2138086.
2 | Who do we collect personal information from?
- Employees and prospective employees.
- Suppliers and service providers.
- Business and Legal contacts.
3 | Information we may collect about you.
Personal data means any information relating to an individual from which they can be identified. It does not include anonymous data, i.e. any data where the individual’s identity has been removed.
The various types of data include the following:
- Personal information such as name, date of birth, gender, marital status, national insurance number, passport and driving licence, family, employment etc.
- Contact information such as address, telephone numbers, email addresses, social media.
- Financial information such as bank and building society account details, credit card cards, income and expenditure, pensions and HMRC.
- Technical information obtained in the course of access made to our website, and in relation to your use of our services and the provision of services to you.
- The transaction details.
- Marketing preferences.
We may also acquire and process certain sensitive data which is a special category of information relating to an individual. We are only able to process such information if you have given specific consent, it is a legal requirement for us to hold such information or it is necessary to enable us to provide you with the service we are contracted to provide. The categories of information concerned are as follows:
- Racial or ethnic origin.
- Political opinion.
- Religious or philosophical beliefs.
- Trade Union membership.
- Genetic and biometric data.
- Sex life or sexual orientation.
We do not collect or store information relating to any offences committed by an individual or their criminal convictions unless it directly relates to the matter for which we have been instructed or we are legally obliged to retain it.
4 | How your personal information is collected.
Personal data is collected by various methods, the most frequent of which are:
- Direct contact with you face to face, by email, letter and telephone. The level and type of data collected will depend upon the basis of our relationship with you. In particular, whether you are a client or a prospective client, an employee or a prospective employee, a supplier, service provider or contractor.
- From our website via the ‘Contact Us’ page, the message service on the website and through our social media platforms. When you contact us using our website certain technical information is automatically collected such as your IP address operating system and browser type together with information concerning your use of the site, such as the URL, length of visit and pages viewed.
- Networking events and seminars attended by you. We may from time to time invite you to certain networking events and seminars being held by us where we feel they would be of use and interest to you.
- It is a legal obligation for us to obtain your consent before providing any marketing communications and we shall not do so without having such consent. You can also withdraw your consent to receiving marketing material from us at any time either by contacting us directly or unsubscribing via the link on any electronic communication received. At present we do not undertake any form of direct marketing.
- Through third parties such as those we have joined with to provide relevant information concerning the use of our website such as Google Analytics, companies and organisations providing specific search information such as Jordans and Companies House or public resources such as search engines and social media platforms.
5 | Why personal information is used by us.
- To enable us to perform the contract for legal services we are entering or have entered into with you or others at your request and provide additional client services you may require. We will not request or hold personal information about you or others unless it is necessary to enable us to perform the contract for the supply of services agreed between us.
Unfortunately, if you do not wish to provide us with your personal information we will be unable to provide any service to you.
- To confirm your identity in accordance with the money laundering regulations which is a legal obligation we have, and to enable us to carry out credit reference checks if necessary and appropriate.
- To comply with our legal and regulatory obligations placed upon us by our governing body and legislation such as audits and investigations.
- To protect our legitimate interests and to share commercial information with other relevant individuals or companies, to work with them to improve services and enable our business to continue to develop.
- To assist us in improving and evolving the services offered to you through our website and our social media accounts.
- To legitimately transfer your data to a third party in the event that we sell our business or any part thereof to enable the purchaser to continue to provide the service to you.
6 | Disclosure of Information to Third Parties
We may share your personal information with certain external third parties to enable us to properly carry out our services to you and comply with our legal and regulatory obligations as referred to previously. Examples of such third parties include:
- Those providing IT, software, marketing and administration services. In particular our external IT support is provided by Bluegrass Computer Systems and our case management system is provided by Solicitors Own Software.
- Other professionals including lawyers, accountants, experts, bankers, insurance providers and recruitment services.
- HMRC, Companies House and HM Land Registry.
- Event and marketing organisers.
We do not accept any liability for the actions of third parties in relation to your personal information and neither do we have any responsibility for their privacy policies.
7 | Storage of Personal Information
All personal information held electronically is stored on secure servers within the UK. If your data is transferred, stored or processed outside the European Economic Area (EEA) it will be for a legitimate reason to enable us to provide relevant services to you.
Where personal information is transferred outside the EEA we ensure that safeguards are in place. This can be by ensuring either:
- The jurisdiction of the recipient is considered to provide an adequate level of data protection, as determined by the European Commission.
- That contracts approved by the European Commission are in place.
- That a U.S. based recipient is part of the Privacy Shield which requires them to afford the similar protection to that agreed between Europe and the U.S.
8 | Data Security
Appropriate security measures are put in place to prevent your personal information from being accessed or used without your authority or from being lost, changed or disclosed.
Please bear in mind that the transfer of data via the internet and email may not be secure and whilst we will use our best endeavours to protect your personal information we cannot guarantee the security of any information sent to us via the ‘Contact Us’ page on our website and sending information by this method is at your own risk.
Access to your data is limited to those who need access for legitimate business reasons such as relevant employees and third parties. Your personal information will only be processed on our instruction and any party with access is, and remains, subject to a duty of confidentiality.
Should we suspect that there has been a personal data breach we will notify you immediately along with the relevant regulators as required by law.
9 | Data Retention
Any data collected from you in the course of a transaction will only be retained in accordance with the legal, accounting or reporting requirements placed upon us. This means that once our service to you has concluded we will need to hold your personal information for a certain period of time thereafter. A copy of our policy concerning the retention of files relating to the matter for which we were instructed by you is available upon request. The length of the retention period varies according to the matter type.
Where your personal information has been collected with your consent for marketing reasons we may continue to contact you. You have the right, at any time, to ask that your data be removed from such lists.
In certain circumstances (usually for analytical or research purposes) we may anonymise your data so that you cannot be identified from it. If we do this we shall retain such anonymised information indefinitely.
10 | Your Rights
The data protection laws give you certain rights over your personal information which are exercisable by you in some circumstances:
- You have the right to request access to the personal data we hold about you by making a ‘data subject access request’. This includes the right to know what personal information we hold, why we hold it and to request a copy. This means that you are able to ensure that we are processing your data lawfully.
- You have the right to request rectification of any incomplete or inaccurate personal information held subject to verification by us of its accuracy.
- You have the right to object to the processing of your information on grounds relating to your personal situation and the impact that the processing has upon this. However, our legitimate grounds for processing your data may override your rights and freedom. You also have the right to object to the processing of your personal data for marketing purposes.
- You have the right to request that your personal information be erased where there is no lawful or legitimate reason for it to be retained by us or where you have successfully exercised your right to object to the processing of your data.
- You have the right to restrict the processing of your personal information if you contest the accuracy of your data (and for so long as this takes to verify), the processing is unlawful but you do not require erasure, we no longer require the data save to defend or exercise our legal rights or if we need to verify whether or not we have overriding grounds for processing the same.
- You have the right to request the transfer of your personal data to a third party or for it to be released to you. Any data so requested will be supplied in a structured, commonly used, machine-readable format. This right only applies to automated information which you provided contest to us using, or which we were required to use in the performance of our contract with you.
- You have the right to withdraw your consent to us using your information at any time where you have previously given your consent. If this is likely to affect any of the services we currently offer to you we will advise you accordingly.
Should you wish to exercise any of the rights listed above please contact us. You will not have to pay a fee to access your personal data or exercise your rights although we reserve the right to do so if your request is deemed unreasonable, unfounded or excessive. In such circumstances we can also refuse to comply with your request.
To protect your information you may be required to provide evidence confirming your identity when making a request. This is to ensure that your personal information is not divulged to a person without entitlement to it.
We will endeavour to respond to all subject access requests within one month. If the timescale is likely to exceed this we will keep you informed.
12 | Complaints
If you believe that we have not adequately resolved a matter you have raised with us in relation to the protection of your privacy you have the right to complain to the Information Commissioners Office (the ‘ICO’). You can visit their website at www.ico.org.uk.
13 | Contact
All questions, comments and requests regarding this policy should be addressed to the Head of Professional Standards by email at firstname.lastname@example.org in writing to Amicus Law LLP, Regional Rural Business Centre, Market Way, Bridgwater, Somerset, TA6 6DF.