Privacy Notice

Introduction

This Notice is provided for clients, visitors to our website, and suppliers. It explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to third parties, and how we keep it secure.

Clients of the firm should read this Notice alongside our general terms of business which provide further information in respect of confidentiality and data privacy.

This Notice also explains your rights under the General Data Protection Regulation (GDPR) and how to exercise them.

Please note this Notice does not apply to any websites that may have a link to ours.

Who we are

North Ainley Solicitors is what is known as a Data Controller. We will collect process and store personal information you provide to us.

The firm is a partnership authorised and regulated by the Solicitors Regulation Authority under No. 00058840

Our address is 34/36 Clegg Street, Oldham, OL1 1PS. Our main reception telephone number is 0161-624-5614.

Our Data Privacy Manager is Geoffrey Lamb who can be contacted by e-mail – [email protected]

Personal Data

Personal data is any data from which you can be identified as the subject, this can be general information that you supply about yourself, such as your name, address, gender, date of birth, contact details (including telephone numbers and e-mail addresses). In the majority of cases personal data will be restricted to basic information and information needed to complete ID checks. However, some of the work we may do require us to ask for more sensitive information.

Sources of Information

We may obtain information about you from a number of sources including :-

The information you volunteer about yourself
The information you may provide relating to someone else, if you have the authority to do so
Information that may be passed to us by third parties to enable us to undertake legal work on your behalf. Third parties can include banks or building societies, organisations that have referred work to us, medical or financial institutions who provide your personal records and information

Why we need your personal data

The reason why we ask you to provide us with your personal data is to enable us to comply with your instructions which would usually be to represent you and undertake legal work on your behalf.

We may use your information for :-

  • Communicating with you
  • Verifying your identity
  • Verifying source of funds
  • Establishing funding of your matter
  • Obtaining Insurance Policies on your behalf e.g after-the-event legal expenses Policies, defective title Policies etc
  • Processing your legal transaction which will include providing you with advice, carrying out litigation on your behalf, attending Court hearings for you, preparing documents to undertake transactions
  • Keeping a financial record of your transactions
  • Obtaining advice from third parties such as Barristers and experts e.g medical experts
  • Responding to any allegation of negligence or any complaint against the firm

Who has access to your personal data

The firm operates a data protection regime to oversee the effective and secure processing of your personal data.

We will not sell pass on or share your information to third parties for marketing purposes.

Usually we will only use your information within the firm but there may be circumstances, in the process of carrying out your legal work, where we need to disclose some information to third parties for example :-

  • The Land Registry to register a property
  • HMRC e.g for Stamp Duty liability or inheritance tax
  • A Court or a Tribunal
  • Solicitors acting for an opponent or on the other side of a property transaction
  • Arranging for an independent Barrister for advice or to represent you at a Court or Tribunal
  • Non-legal Experts where necessary for advice or assistance
  • Translation Agencies
  • Suppliers who have a contractual relationship with us
  • External Auditors or Regulators such as the Solicitors Regulation Authority or Legal Ombudsman
  • Bank or Building Society or other financial institutions
  • Insurance Companies
  • Providers of identity verification
  • Any disclosure required by law or regulation in order, for example, to prevent financial crime and terrorism
  • In the event of there being an emergency and we consider you or others are at risk

In the event of information being shared with third parties we ensure that they comply, strictly and confidentially, with our instructions and do not use your personal information for their own purposes (save where you have explicitly consented to them doing so).

There may arise other situations where we need to use your personal data. In that event we will contact you separately to ask for your specific consent which you will be free to withdraw at any time.

How do we protect your personal data

We take all reasonable precautions necessary to protect your information whilst we hold it. We have security measures in place in order to protect personally identifiable data from loss, misuse, alteration or destruction. We adopt a high level of confidentiality obligations both within the firm and with third parties. We ensure that all personal data is handled and processed in line with our Confidentiality and Data Protection Policies.

We make use of computer safeguards such as firewalls and we enforce, to the best of our ability, physical access controls to our buildings and files in order to keep your data safe.

How long will we keep the data for

Your personal information will be retained, usually in our computer client databases, computer or paper files, only for as long as necessary to fulfil the purposes for which the information was collected, or as required by law, or as long as is set out in any relevant contract we may have with you.

The following are examples :-

  • We will keep your personal information for a minimum of 7 years from the conclusion or closure of your matter.  This is necessary in case you, or we, need to re-open your case for the purpose of defending complaints or negligence claims against us
  • In some instances we may keep information and matter files for a long-stop date of 16 years.  This will be relevant to some commercial transactions including purchases and sales of Freehold and Leasehold property, matrimonial matters (Financial Orders or Maintenance Agreements etc)
  • In some Probate matters where there is a surviving spouse or civil partner we may retain information until the survivor has died so that we can deal with any transferable inheritance tax allowance in accordance with your instructions
  • Wills and Lasting Powers of Attorney and related documents may be kept indefinitely
  • We may also retain Deeds in relation to property not registered at the Land Registry indefinitely as they are the only evidence of ownership

In personal injury matters which involve lifetime awards or personal injury Trusts the information may be kept indefinitely

Your individual rights

Under GDPR you have the following rights :-

  • The right to be informed about the collection and use of personal data.

This is a key requirement under GDPR and the purpose of this Privacy Notice to provide you with the information to which you are entitled.

  • The right to access personal data.

This right allows you to be aware of and to verify that we are processing your data in a lawful, fair, and transparent manner.

If you wish to make a request, please do so in writing addressed to our Data Privacy Manager, Geoffrey Lamb or alternatively contact the person dealing with your matter.

The information must be provided free of charge. However, when a request is manifestly unfounded or excessive, we can charge a reasonable fee based upon the administrative cost of providing the information.

A request to access your personal data means that you are entitled to a copy of the data we hold in respect of you, such as your name, address, contact details, date of birth, information regarding your health (where relevant) but it does not mean that you are entitled to the documents that contain this data.

  • The right to have inaccurate personal data rectified or completed, if it is incomplete.

Any request should be made verbally or in writing to the Data Privacy Manager or the person dealing with your case. If we have disclosed personal data to third parties, we must inform those third parties of any rectification you ask us to make.

  • The right to have personal data erased (otherwise known as the right to be forgotten).

This right is not absolute. It does not apply if processing of your data is necessary for one of the following reasons :-

  • To exercise the right of freedom of expression and information
  • To comply with a legal obligation
  • For the performance of a task carried out in the public interest or in exercise of official authority
  • For archiving purposes in the public interest, scientific research or statistical purposes
  • For the establishment, exercise or defence of any legal claims
  • The right to request the restriction or suppression of personal data.
  • When processing is restricted, we can store your data but not use it.

However the right only applies in the following circumstances :-

  • Where you contest the accuracy of the personal data. In that circumstance we will restrict the processing until we have verified the accuracy of the data
  • Where you object to the processing in circumstances where it is necessary for the performance of a public interest or purpose of legitimate interests, and we are considering whether our firm’s legitimate grounds override your right
  • Where processing is unlawful and you request a restriction
  • If we no longer need the personal data but you require the data to establish, exercise or defend a legal claim
  • The right to data portability.

This right allows you to obtain and re-use your personal data for your own purposes across different services.

  • The right to object.

You have the right to object to (1) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (2) direct marketing and (3) processing for the purposes of scientific/historical research and statistics.

There are no exemptions or grounds for us to refuse your request to stop processing personal data for direct marketing purposes. Your right in this regard is absolute.

You must have an objection to processing on grounds relating to your particular situation. We must stop processing your personal data unless (a) we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or (b) the processing is for the establishment, exercise or defence of legal claims.

Automated decision making and profiling

Under GDPR there are rights related to automated decision making i.e making a decision solely by automated means without any human involvement and also rights related to profiling i.e automated processing of personal data to evaluate certain things about an individual.

This firm does not intend to introduce automated decision making or profiling.

Children

Our services are not aimed specifically at children because children are generally represented by their parent or guardians.  However, if you are a child and require further advice or explanation about how we would use your data, please contact our Data Privacy Manager.

Direct Marketing

We may contact you for the purpose of direct marketing.  This means that we may use your personal data which has been collected in order to communicate with you about latest developments in the law, events (such as seminars) products or services which we consider may be of interest to you.  The direct marketing communications may be provided to you by social media, e-mail or post.  We never pass on or sell your details to a third party.  We will not send you any marketing communications or call you without your specific consent.

We may collect your personal data for marketing purposes if you have submitted an online enquiry to us, followed, liked, subscribed to our social media channels, agreed to complete a questionnaire or survey, asked us a question or submitted any queries or concerns you have via e-mail or via social media, posted information to our website or social media channels, for example, when we invite comments on items or invite you to join discussions, or when you leave a review about us on Google or similar reviews.

Whenever we collect your personal data, you will be provided with the opportunity to opt in to receive marketing communications from us.  We warmly invite you to do this in the hope that you will find our communications useful but, if you choose not to, that is your absolute right and will not have any effect upon accessing our legal services.

We will only ever use non-sensitive personal information to target individuals with marketing.  In other words we will only use your name, address, telephone, e-mail, job description.  We will never use sensitive information or specific details for the purpose of marketing communications.

If having given your explicit consent to receive marketing communications, you no longer wish to receive such communications, you can unsubscribe by e-mailing [email protected] with your name and e-mail address.  Your details will be removed immediately.  Obviously if we are acting for you in a matter at the time, you will still receive transactional e-mails from us regarding your legal case.

Complaints about the use of personal data

If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Privacy Manager who will undertake an investigation.  The Data Privacy Manager for this purpose is Geoffrey Lamb and you can contact him at [email protected]

If you are not satisfied with our response or have reason to believe we are not processing your personal data in accordance with the current law, you can complain to the Information Commissioner’s Office (ICO).

©North Ainley Solicitors of 34/36 Clegg Street, Oldham, OL1 1PS.  The firm is a Partnership authorised and regulated by the Solicitors Regulation Authority under No. 00058840