PRIVACY POLICY
This privacy policy explains how we collect and process your personal data/information which means any information about an individual from which that person can be identified.
On 25 May 2018 the law in relation to data protection changes with the introduction of the General Data Protection Regulation.
Save as set out below, we will use all personal data/information that is supplied to us as a data processor for the purpose of providing legal services. This firm’s registrable particulars under section 16 of the Data Protection Act 1998 are as follows:
Goward Property Law LLP
75 King William St
London
EC4N 7BEOur nominated representative for the purposes of the Data Protection Act 1998 is Paul Goward at the same address.
(1) What information do we collect?
Data you give to us:
Data you give to us when you become a client of the firm and use our services, when you talk to us on the phone or in person, or in emails or letters to us, when you use our website or when you provide us with feedback. And any other information that you choose to send to us
Data we collect when you use our services:
This includes payment and transaction data and data we gather from the devices you use to connect to our services such as computers and mobile phones, using cookies and other internet tracking software.
Data from third parties we work with:
This includes data from companies and individuals that introduce you to us, public information sources (such as Companies House),Agents working on our behalf, Government and law enforcement agencies, Professional intermediaries including accountants, corporate finance advisers, other lawyers, property agents, planning consultants, and banks.
(2) Using your personal data
Any personal data we receive for the purposes of our money laundering checks will be:
processed only for the purposes of preventing money laundering and terrorist financing or as otherwise permitted by law or with the consent of the person to whom the data belongs. By instructing us in accordance with our terms of business you will be consenting to us using your personal data for the purposes set out below.
We may use or share your personal information/data for the following purposes:
to provide legal services;
to comply with legal and regulatory requirements;
to carry out credit checks, to detect, investigate and prevent fraud and to trace debtors;
to update and enhance client records;
for internal analysis and research;
if Goward Property Law LLP or substantially all of its assets are acquired by a third party the personal data held by it about its clients will be one of the transferred assets;
to send by email or other permitted means (such as post or phone) publications, event information and marketing communications about our legal products and services which we think may be of interest to you or your employees. You and your employees can tell us at any time if you/they would prefer not to receive such information; and
to help detect, prevent or deal with criminal behaviour.
We may disclose personal information to:
our agents and service providers (some of which are located outside the European Union) for any of the purposes set out above;
credit reference agencies, the police, Government departments and agencies for the purposes set out above; and any person for the purposes set out above.
(3)Transferring your personal information outside the EEA
The EEA is the European Economic Area, which consists of the EU Members States, Iceland, Liechtenstein and Norway. If we transfer your personal information outside the EEA we have to tell you.
We will only send your data outside the EEA to:
follow your instructions to us to do so
comply with a legal duty
work with our agents and advisers who we use to help provide our services to you
(4) Security of your personal data
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure servers.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and user details confidential. We will not ask you for your password.
(5) Policy amendments
We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.
We may also notify you of changes to our privacy policy by email.
(6) Keeping your personal information
We will keep your personal information for as long as you are our client.
After you stop being a client, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for one or more of the following reasons:
To respond to any questions or complaints from you
To maintain our records
To comply with laws and rules applicable to us
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In respect of personal data which we receive and process in order to comply with our legal duties to prevent money laundering and terrorist financing, we are required by law to retain such personal data for a period of five years from the end of the matter we are handling for you or from the date upon which you cease to be our client. In most cases we will retain the personal data in accordance with our file retention policy of six years from the date of the file being archived but we may do so for longer if necessary.
Where you have asked us not to send you direct marketing, we keep a record of that fact to ensure we respect your request in future.
(7) Marketing
We may use your personal information to tell you about relevant services.
We can only use your personal information to send you marketing messages if we have either your consent or a legitimate interest to do so.
You can ask us to stop sending you marketing messages at any time – you just need to contact us, or use the opt-out links on any marketing message sent to you.
We will get your express opt-in consent before we share your personal data with any other company for its marketing purposes. You can ask a third party company to stop sending you marketing messages at any time, by adjusting your marketing preferences in relation to that company or by using the opt-out links on any marketing message sent to you.
Where you opt out of receiving marketing messages, this will not apply to personal data provided to us as a result of purchasing our services or any other transaction between you and us.
(8) Your rights
You have certain rights which are set out in the law relating to your personal information. The most important rights are set out below.
Getting a copy of the information we hold
You can ask us for a copy of the personal information which we hold about you, by contacting us using the details set out above. This is known as a data subject access request.
You will not have to pay a fee to access your personal data, unless we believe that your request is clearly unfounded, repetitive or excessive. In such circumstances we can charge a reasonable fee or refuse to comply with your request.
We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month and in that case we will notify you and keep you updated.
Telling us if information we hold is incorrect
You have the right to question any information we hold about you that you think is wrong or incomplete. Please contact us using the details set out in section 1 above if you want to do this and we will take reasonable steps to check its accuracy and, if necessary, correct it.
Telling us if you want us to stop using your personal information
You have the right to:
object to our use of your personal information (known as the right to object); or
ask us to delete the personal information (known as the right to erasure); or
request the restriction of processing; or
ask us to stop using it if there is no need for us to use it (known as the right to be forgotten).
There may be legal reasons why we need to keep or use your data, which we will tell you if you exercise one of the above rights.
Withdrawing consent
You can withdraw your consent to us using your personal information at any time. Please contact us using the details set out in section 1 above if you want to withdraw your consent. If you withdraw your consent, we may not be able to provide you with certain products or services.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Request a transfer of data
You may ask us to transfer your personal information to a third party. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
(9) Making a complaint
Please let us know if you are unhappy with how we have used your personal information by contacting us using the details set out above.
You also have a right to complain to the Information Commissioner’s Office. You can find their contact details at www.ico.org.uk. We would be grateful for the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.