Gordons LLP, together with any group companies (“we” “us” “our”), are committed to protecting and respecting your privacy. For the purposes of data protection legislation, we are the data controller and will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and national laws which relate to the processing of personal data. Please read this policy to understand our views and practices regarding your personal data.
2. VISITORS TO OUR WEBSITE
2.1 we may collect and process personal data about you as follows:
2.1.1 when you complete forms on our website (“Site”). This includes where you request a quote, ask us to contact you or sign up to receive communications from us;
2.1.2 when you report to us a problem with our Site or contact us for any other reason. We may keep a record of that correspondence; and
2.1.3 we may collect and process details of your visits to our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access (see section 2.2.2 on Cookies).
2.2 We may also collect data in the following ways:
2.2.1 We may collect information about your device including, where available, your Internet Protocol address, to protect against fraud, and your device’s operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
2.3 we may use your personal data for our legitimate interests in order to:
2.3.1 provide you with information, or services that you request from us;
2.3.2 allow you to participate in interactive features of our Site, when you wish;
2.3.3 ensure that the Site’s content is presented in the best way for you/your device;
2.3.4 improve our Site and services;
2.3.5 process and deal with any enquiries made by you; and
2.3.6 contact you for marketing purposes where you ask for these (see section 7).
Our Site may contain links to, and be linked from other websites. If you follow a link to other websites, they will apply different privacy policies, which you should read. We do not accept any responsibility or liability for them.
3.1 we will collect your contact details when you instruct us to provide legal services. We will use these to fulfil our contractual obligations to you. We are subject to a professional duty of confidentiality when handling your information.
3.2 we may need personal information from documentation such as your utility bills, passport and/or driving licence to confirm your identity and comply with Anti-Money Laundering legislation.
3.3 when acting for you, we may need to share your personal data with others such as credit reference agencies (see section 8), payment providers, other legal advisers (with your consent), the courts and postal service providers. Where we are acting for you in a transaction where a loan is being provided and you have provided us with identification documentation, we may need to share this with your lender.
3.4 with your agreement if it is not anonymised, we may advertise your feedback on our Site and marketing material.
3.5 we will keep your information for a period of at least six years from when we close your file unless we notify you of a different retention period.
3.6 where you have subscribed to receive marketing correspondence from us we will keep your personal data as set out in section 7 below.
4. THIRD PARTIES
We may collect personal data about third parties in the course of acting for our clients. We will use this to comply with our contractual obligations to our clients and to discharge our professional and legal duties as officers of the Court. We may need to share this with others involved with our clients’ cases. We will retain such personal data for a period of at least six years from when we close our client’s file subject to any other agreed retention period and any legal/professional obligations.
We will collect contact details and bank details to order and pay for goods or services. We will keep this personal data for 6 years after being provided with the goods or services.
6. IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to collect your personal data and you fail to provide it when requested, we may not be able to perform an existing or intended contract between us. In this case, we may have to cancel a service you have with us but we will notify you.
7.1 where you indicate you would like to receive marketing correspondence from us, subscribe to our mailing lists or newsletters, enter any of our competitions or give us your details at any events,we may use personal data for our legitimate interests in order to provide you with details of our services, legal and business updates and events which we think may interest you. We may also share your personal data with organisations who jointly deliver events with us.
7.2 we will always ask you to opt-in to marketing information we send to you. You have the right to opt-out of receiving the information detailed in section 7.1 at any time. To opt-out of receiving such information you can:
7.2.1 click on the unsubscribe button in any electronic marketing communication; or
7.2.2 email us at email@example.com or call 0300 077 0300 giving us your contact details.
Where you have subscribed to receive marketing correspondence from us we will keep your personal data until you unsubscribe.
8. CREDIT CHECKS
8.1 we may carry out a credit check on our clients:
8.1.1 so that we can make credit decisions about you; and
8.1.2 to prevent fraud and money laundering.
8.2 our search will be recorded on the files of the credit reference agency and we will keep an electronic copy.
8.3 if you receive a low credit score, we may review our contractual arrangements with you.
8.4 if you provide false or inaccurate information and we suspect fraud, we will record this. If you want to see your credit file, please contact firstname.lastname@example.org.
9. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
9.1 we will only use your personal data where the law allows us to. Most commonly, we will use your personal data in the following circumstances:
9.1.1 for performance of a contract we enter into with you;
9.1.2 for compliance with a legal or regulatory obligation; and
9.1.3 for our legitimate interests (as described in this policy) and your fundamental rights do not override those interests.
10. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
10.1 in addition to the third parties mentioned above, we may disclose your information to the following third parties for legitimate interests:
10.1.1 those that supply us with goods and services;
10.1.2 other professional advisers, barristers, auditors, bankers and insurers;
10.1.3 HM Revenue & Customs, regulators, police and other authorities who may require us to report processing activities in certain circumstances;
10.1.4 IT software providers that host our website and store/maintain data for us; and
10.2 we may disclose personal data to the police, regulatory bodies such as the Solicitors Regulation Authority, legal advisors or similar third parties where we are under a legal or regulatory duty to disclose or share personal data, in order to comply with any contractual or legal obligation, or in order to enforce or apply our website terms and conditions and other agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
10.3 we will not sell personal data to other organisations without your consent.
11. CROSS-BORDER DATA TRANSFERS
12. DATA SECURITY
12.1 where you have a password to access parts of our Site or our portals, you are responsible for keeping this password confidential. Please do not share a password with anyone. We will never ask you to disclose your password to us.
12.2 the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk.
12.3 information you provide to us is shared on our secure servers. We have appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. We also limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.
13. ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF PERSONAL DATA
13.1 it is important that the personal data we hold about you is accurate. Please inform us immediately if the personal data we hold about you changes.
13.2 subject to section 13.4, data protection legislation gives you the right to object to the processing of your personal data in certain circumstances or withdraw your consent to the processing of your personal data where this has been provided. You also have the right to access information held about you and for this to be provided in an intelligible form. If you would like a copy of some or all of your personal information, please email email@example.com. In certain circumstances we may charge a reasonable fee to comply with your request.
13.3 you can also ask us to:
13.3.1 update or amend your personal data;
13.3.2 remove your personal data from our database;
13.3.3 send you copies of your personal data in a commonly used format and transfer your information to another entity; or
13.3.4 restrict the use of your personal data.
13.4 we may request information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Data protection legislation may allow or require us to refuse access to some or all the personal data that we hold about you or to refuse requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will tell you why, subject to any legal or regulatory restrictions.
13.5 please send any requests relating to the above to firstname.lastname@example.org specifying your name and what you would like us to do.
14. RIGHT TO WITHDRAW CONSENT
Where you have given consent to the collection, processing and transfer of your personal data, you can withdraw this in certain circumstances. To withdraw your consent, if applicable, please contact us at email@example.com.
We may update this policy at any time and any changes will be posted on our Site. Please check periodically for any updates. If we would like to use your personal data for purposes other than those we notified you about at the time of collection, we will notify you and, where required, seek your consent before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulations.
16. CONTACT US
Our Data Protection Lead oversees compliance with this policy. If you wish to contact us about this policy, please email firstname.lastname@example.org. This is in addition to your right to contact the Information Commissioners Office if you are not satisfied with our response to any issues you raise at https://ico.org.uk/global/contact-us/
Last updated: April 2018.