As our client, we will collect data about you in connection with the service we provide to you, in the following ways:
- From your interactions with us either by way of telephone, email, letters or personal meetings; and
- From third parties involved in your matter.
We take all reasonable precautions to keep your personal information secure, including safeguards against unauthorised access, use or data loss.
How the Law Protects You
Data protection law says that we are allowed to use personal information only if we have a proper reason to do so, and those proper reasons are as follows:
- To fulfil a contract we have with you.
- To protect your interests (i.e. to check conflict)
- When it is our legal duty.
- When it is in our legitimate interest.
- When you consent to it.
- When it is necessary to carry out a task due to public interest or obligation set by an Official Authority who has control over us.
In our role as your legal adviser, we are therefore permitted to use your data in order to fulfil our contract, or our engagement, with you.
How We Use Your Personal Data
The main ways in which we may use your personal data are as follows:
- To create your matter on our case management system.
- To meet our regulatory duties in respect of ID verification.
- To help us prevent and detect fraud, money laundering and other financial crimes.
- To draft and/or approve any legal documentation required in the transaction on which we are instructed.
- To progress your matter on which we are engaged.
Sharing Your Personal Information
We may share your personal information with third parties in order to progress your matter, depending on the type of matter. Some examples (the list is not exhaustive), are as follows: other solicitors, the Court, Counsel, HMRC, Land Registry, the Office of the Public Guardian, the Court of Protection.
Retaining Your Personal Information
We will retain your personal information for as long as it is necessary for the purposes outlined above. Typically we will retain your data for a minimum of seven years to fulfil our purposes, to comply with legal and regulatory requirements, or for any legal claims.
We will maintain the security and protection of the information we hold.
Your Data Subject Rights
- To request access to a copy of the personal information we hold about you (we can refuse to provide information where to do so may reveal another person’s personal data or would otherwise negatively impact on another person’s rights – unlikely in a conveyancing transaction scenario).
- To object to us using your personal data for automated decision making or for marketing analysis, or for profiling (we do not currently carry out these operations and have no plans to do so).
- To request a copy of your data, so long as was processed electronically – this is called Data Portability.
- To request that your data is deleted (known as the Right to be Forgotten); where it is no longer required for a legitimate business need, legal or regulatory obligations or the purposes it was collected for.
- Amend or correct your information – if you believe the information we hold is inaccurate, incorrect or incomplete.
- If you have given us consent to use your personal details for marketing, you will be able to withdraw the consent you granted at any time.
How We Respond to Your Rights
If you would like to exercise any of the above rights, please send a letter or an email, marked “Data Request” for the attention of our “Data Protection Manager”, to either our Redruth office or We may need to verify your identity prior to responding to your request. We will respond to your request within 30 days.
Making a Complaint
If you have any concerns about the use of your personal data, or the way we handle requests relating to rights, please raise a complaint, in the first instance with the fee earner handling your transaction. If you are not happy with the outcome, please request our Complaints Procedure from Reception. If you are then not happy with the way we handle your complaint regarding data use, you are entitled to raise a complaint direct with the UK Information Commissioner’s Office via the details available on their website – www.ico.org.uk