PRIVACY NOTICE AND SUBJECT/ACCESS RIGHTS
Kerseys Solicitors LLP take your privacy very seriously. We ensure that we fully comply with General Data Protection Regulation UK(GDPR).
Your personal data will be controlled by Kerseys Solicitors LLP.
What personal information do we collect?
When you contract with us to provide legal services, we collect and use the personal information which is necessary to provide those legal services and take you on as a client. This information may include:
- Identity and Contact Data, which may include your name, address, telephone number, date of birth, marital status, passport number, employment history, educational or professional background, tax status, employee number, job title and function, and other personal data concerning your preferences relevant to our services;
- Financial and Payment Data, which may include your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
- Business Information, which may include information provided in the course of the contractual or client relationship between you or your organisation and Kerseys Solicitors, or otherwise voluntarily provided by you or your organisation;
- Information relevant to our legal advice, which may include personal data relevant to any dispute, grievance, investigation, arbitration, or other legal advice we have been asked to provide to our client;
- Profile and Usage Data, which may include passwords to Kerseys Solicitors’ website or password protected platforms or services, your preferences in receiving marketing information from us, your communication preferences and information about how you use our websites(s), including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs);
- Technical Data, which may include information collected during your visits to our website, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;
- When we use analytic cookies, Profile and Usage Data and Technical Data (as defined above) are collected and used;
- Physical Access Data, relating to details of your visits to our premises;
- Sensitive personal data: In the course of our client services, we may represent you and/or your organisation in legal matters that require us to collect and use sensitive personal information relating to you (that is, information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life and sexual orientation or details of criminal offences, or genetic or biometric data).
How do we obtain data about you?
- Where you provide it to us directly, for example by email, or in meetings, etc;
- Where we monitor use of, or interactions with, our website;
- From third party sources, for example, where we collect information about you to assist with our checks as part of our client acceptance procedures; or
- From publicly available sources.
How we use your personal data
We will only use your personal data where we are permitted to do so by applicable law.
The legal grounds we use to process your personal data are:
- To perform our contract with you.
- Where we need to use your information to comply with our legal obligations.
- Where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights
- Where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party.
- Consent: where you have consented to our use of your information (you will have been given a consent form or some other means of expressing your consent and may withdraw your consent at any time through an unsubscribe or similar means).
Who we share your information with
We may disclose your personal information:
- to any competent law enforcement body, regulator, government agency or any other third party, where disclosure is necessary as a matter of law, to exercise of defend our legal rights or to protect your vital interests of those of another person; or
- to a person where you have given us your consent to disclose your information.
You indicate your consent by filling in and submitting any of our online forms, including but not limited to contact forms, Live Chat, Chat Bots, Google forms, and then ticking the box stating that you agree to our terms and conditions, any personal information that you send to us such as your name and email address indicate that you agree to and are opting in to receive our marketing material.
Where we rely on consent, we will always ask you to opt in to receipt of material from us. You can opt out of this at any time by selecting unsubscribe at the bottom of any marketing emails that you receive from us. You can also opt out at any point between times by contacting our Data Protection Officer or the point of contact at Kerseys with whom you normally deal.
Use of analytics and cookies
We may use aggregate anonymised information and statistics for the purposes of monitoring website usage and to help us develop our website and services. We use the analysis, for example, to determine which pages on our website are the most popular. We use Google Analytics ‘cookies’ for this purpose (see also our Cookies Policy on our website). You can set your browser to turn off cookies, but this will reduce the functionality available on our website. We also make this information available to our website maintenance company. These statistics contain no information that can be used to identify you.
How long we will retain your personal data
We will only keep your personal data for as long as is necessary to fulfil the purposes for which it has been collected and any other permitted linked purpose. This includes our legal, accounting and reporting requirements.
We have a file retention policy, details of which are available on request. We retain electronic personal data in order to assist current and previous clients with the retrieval of information held by us, deal with any conflicts of interest, and deal with any complaints and claims or regulatory issues.
Our Data Protection Officer (DPO)
Our Data Protection Officer is Kimat Singh who can be contacted by email on [email protected]
You have the following legal rights:
- a) Right of access to any personal data we hold. You may request, by letter or email:
details of any of your personal data held by us
b. the purpose of our processing your personal data
c. the persons or entities with whom we share your personal data
Our DPO will normally respond within one month of receiving the request. This period may be extended for a further two months for complex or numerous requests and in that event, we will inform you of the extension and reason for the delay. If a request (including under any other right set out below) is unfounded or excessive we are entitled to charge a fee or refuse to comply, but the onus of proof in on us to justify this.
- b) Right to rectification of any inaccurate personal data held by us.
- c) Right to erasure of personal data where it is no longer required for the purpose retained or where consent is withdrawn and there is no other legal basis for processing, except where processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.
- d) Right to restriction on processing where you contest the accuracy, feel that the process is unlawful or where you need the data now only for establishing, exercising or defending legal claims, except where you we ourselves need to establish, exercise or defend legal claims or protect another person’s legal rights.
- e) Right to data portability i.e., to request that your personal data be transferred to another service provider where the processing of data is necessary for the performance of a contract or processed on the basis of your consent.
- f) Right to object to the processing of your personal data and to ask us to block, erase and restrict your personal data.
Where your personal data has been shared with third parties, we must inform the recipients of any rectification or restriction of such personal data unless doing so proves impossible or would involve disproportionate effort.
You also have the right to complain to the Information Commissioner’s Office (ICO) Telephone 0303 123 1113 https://www.ico.org.gov.uk should we not deal correctly with any requests under the above rights, or you have any complaint about our processing of your personal data.
We regularly review this Privacy Notice and will post any updates to it on this website.