Ashtons Legal is a partnership which is authorised and regulated by the Solicitors Regulation Authority (recognised body number 45826). All references to ‘us’ or ‘we’ throughout this statement are to Ashtons Legal.
What information we hold about you
During the course of our business it is necessary for us to process personal information about a range of individuals. We take the protection of this personal information seriously and this statement sets out a summary of how we use this information. Please contact us using the details below if you have any questions on this statement or the way in which we use your personal information. We may change this policy from time to time and will take reasonable steps to draw this to your attention including publishing it on our website.
Information about our clients
We collect personal information from our clients and those making enquiries with Ashtons Legal to the extent necessary to provide our services to you. In addition to information that you may provide directly to us, we may receive information about you from professionals engaged by you, other parties involved in the legal matter, people connected to you and public sources.
We will need to obtain certain identification information from you in order to act for you. In order to verify this information we may undertake checks with third parties which may include providing them with information that you have given to us. If you do not provide this information we may be unable to act for you.
Information about those who want to work with us We will collect personal information that you provide to us as part of any application that you make to work with us. We may also receive information about you from third parties such as recruitment consultants, referees and public sources.
We will hold your contact details and other information that you provide to us in relation to any enquiry that you make with us or if you ask to be added to any of our mailing lists. You can always opt out of receiving further marketing communications from us by contacting us at any time using the contact details below or the unsubscribe instructions in our emails.
Information about others
We may collect personal information from you and others in the course of providing services to our clients. You may be another party in a legal matter on which we are advising our client, or an employee, director, partner, trustee, attorney, beneficiary, witness or other person connected to our client or the legal matter on which we are advising. In addition to information that you may provide directly to us, we may receive information about you from a variety of sources including our client, others involved in the legal matter and public sources.
How we use your information
We may use your information in the following ways:
- Where it is necessary to perform our contract with you
- Where it is required by law including our obligations under the Solicitors Regulation Authority Code of Conduct, anti-money laundering and criminal financing legislation, court rules and other laws that apply to us from time to time
- Where you have provided consent, provided that you can withdraw this consent at any time
- Where it is necessary for our legitimate interests as a business including:
– Providing services to our clients
– Undertaking conflict checks
– Improving and developing our services
– The administration of our business
– Promoting our business.
– Establishing, exercising or defending our legal rights.
Special categories of personal data
We may need to use information revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, or information about your health, sex life or sexual orientation.
We will only use this kind of information in the following ways, where:
- We have your explicit consent
- It is necessary for us to use this information to protect your vital interests or those of another person where it is not possible to obtain consent
- It is necessary for us to do so in connection with the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
- In exceptional circumstances, another of the grounds specified in law for processing special categories of personal data are met. Who we may share your information with
We may disclose your information to others where necessary for the following purposes:
- To our infrastructure and service providers for them to provide these services to us
- To our regulatory bodies and external auditors
- With our client and others as necessary to progress a matter that we are advising on including insurers, counsel, experts, other professional advisers, courts and other parties involved in the legal matter or connected to our client
- To a third party as part of a sale of some or all of our business
- To law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by law.
How we keep information secure
We will use appropriate technical and organisational measures to safeguard your personal data, for example we store your personal data on secure servers and access to your personal data is limited to approved staff.
Your information is stored by us at physical locations and on computer servers based in the UK, but some of our third party service providers may process your data outside of the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- The countries we transfer your personal data to have been deemed to provide an adequate level of protection for personal data by the European Commission
- We use contractual clauses approved by the European Commission which give personal data similar protection to that which it has in the EEA
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data that applies within the EEA.
How long we keep your information
We do not keep personal information for longer than we need it and maintain a detailed retention policy recording the periods of time categories of information are retained taking into account the reasons that we hold the data and our legal and regulatory obligations. Generally personal information held in relation to a legal matter on which we are advising will be retained for a minimum period of 7 years.
You have rights under data protection laws, in certain circumstances, including to:
- Request access to personal information that we may process about you
- Require us to correct any inaccuracies in your information free of charge
- To require us to erase personal data that we may process about you.
If you wish to exercise any of these rights, you should put your request in writing and provide us with enough information to identify you. If we need further information we will let you know.
If you have any concerns or questions as to the way in which we process your information please do contact us. In addition you have a right to bring a complaint with the Information Commissioner’s Office. More information on the Information Commissioner’s Office and your rights is available at www.ico.org.uk.
For any questions on this statement or the way that we handle your personal information please contact:
- The Data Protection Officer, Ashtons Legal, Trafalgar House, Meridian Way, Norwich NR7 0TA
- Email firstname.lastname@example.org or call 0330 404777.