Data Protection Privacy Notice
G M Wilson Solicitors Limited are committed to protecting and keeping confidential all information you provide to us, subject to certain legal responsibilities set out below.
We ask that you read this Privacy Notice carefully as it contains important information about this practice, how and why we collect, store, use and share personal information (data), your rights in relation to your personal information, and how to make contact us if you have a complaint.
About this practice
G M Wilson Solicitors Limited is a solicitors practice registered in England and Wales, authorised and regulated by the Solicitors Regulation Authority with SRA Number 596267. The Registered Office is at 1 Crown Court, Wakefield, WF1 2SU. This practice collects, uses and is responsible for certain personal information about you. When it does so, it is also regulated under the General Data Protection Regulations (GDPR), by the Information Commissioner and is responsible as a controller of that personal information.
Your personal information and how we use it
In the course of your legal matter we collect the following personal information when you provide it to us:
- Name, address, date of birth, contact information (telephone and email where appropriate), National Insurance number (where appropriate)
- Identity information and documentation
- Additional information in relation to your legal matter to enable us to advise you and progress your case. This will be depend on the type of legal work that you instruct the practice to undertake.
We use your personal information primarily to enable us to provide you with a legal service in accordance with your instructions. We also use your personal information for related purposes including, identity verification, administration of files, updating existing records if you have instructed the practice previously, business analysis to help improve the management of the practice, for statutory returns and legal and regulatory compliance. The information will be held in hard copy and/or electronic format.
You are responsible for ensuring the accuracy of all the personal data you supply to us, and we will not be held liable for any errors unless you have advised us previously of any changes in your personal data.
We will only take instructions from you or someone you authorise in writing.
When you are acting as an agent or trustee, you agree to advise your principal or the beneficiary of the trust that their personal information will be dealt with on these terms.
If we are working on your matter in conjunction with other professionals who are advising you, including experts, barristers, banks, building societies, mortgage lenders, property agents etc, we will assume, unless you notify us otherwise, that we may share and disclose relevant personal data and information about your matter to them, if we feel it is appropriate and necessary.
On occasions we ask other trusted companies to provide typing, costing, photocopying or other support work on our files to ensure that this work can be done promptly. We will always obtain a confidentiality agreement with these outsourced providers to ensure that they keep the information sent to them securely and confidentially. All routine typing, costing and photocopying is undertaken in house.
We use a private, secure, server based and cloud computing service to assist us processing and protecting your information and keeping it secure from the risks of fraud and cyber crime. All IT providers we use are subject to strict confidentiality agreements with this practice and we will ensure that they meet GDPR obligations in relation to the service they provide to us. All of the personal information you provide to us is kept in the UK; we will not transfer any of your personal data to another country outside the UK unless you specifically instruct us to do so.
There may be occasions when we are under a legal duty to share personal information with law enforcement or other authorities, including the Solicitors Regulation Authority, Legal Ombudsman or Information Commissioner. If we are required to disclose information to the National Crime Agency, we may not be able to tell you that a disclosure has been made. We may have to stop working for you for a period of time and may not be able to tell you why. We cannot be held liable for any loss you suffer due to delay or our failure to provide information in these circumstances. Occasionally some of our client files may be audited strictly confidentially by external auditors, consultants or examiners to ensure we meet our legal, quality and financial management standards. We may also disclose information to H M Land Registry, H M Revenue and Customs and other government agencies. Some information may be disclosed to our professional indemnity insurers and to our financial auditors, if required.
We will not share your personal information with any other third party and will not issue any publicity material or information to the media about our relationship and the work we are doing for you without your explicit consent.
How long your personal data will be kept
- We will hold your personal data including your name, address and contact details plus your file of papers for a period of time, depending on the nature of your case. We may also hold original documents such as Wills or Deeds per your instructions, or until such documents are required by you, or persons properly authorised to retrieve them on your behalf, such as Executors or Trustees. We will confirm this to you at the end of your case. After this period of time, your file of papers including the electronic file, will be destroyed confidentially, without reference to you, unless we contact you to confirm other arrangements or you contact us to request your file of papers at an earlier date. Further details of our file storage and destruction arrangements are provided in the terms of business and closing letter.
- In order to meet our regulatory requirements, we may be required to retain basic information about you to include your name, address and date of birth on our electronic database for a longer period of time
Why we collect and use your personal information
We intend to rely on the following lawful bases to collect and use your personal or sensitive personal data:
- Your consent
- Contractual obligations
- Legal obligations
- Public task
- Legitimate interests
Marketing our services
Information about the practice and current articles which may be of interest to you are available on our website.
We would like to keep in touch with you after we have concluded your matter(s) and let you know periodically about any changes that may affect our business relationship or services we have provided, information that we think may be of specific interest to you or to tell you about events or developments in the practice. We may also hold documents or receive information for you, where we may need to contact you in the future.
We will only do this where we feel it would be of benefit to you, or where we need to update you in relation to our terms of business or information about our practice.
We may rely on legitimate interest to contact you in this way as you have engaged us to provide services and/or we have an ongoing business relationship with you. You may inform us at any time if you do not want future contact from us in relation to promotional material, news, articles etc, however please be aware this may prevent us from advising you of any changes that may be relevant to our engagement, or ongoing business relationship to you. We may use third party software and services to assist us in relation to the processing of our marketing communications, but we will ensure we have confidentiality
agreements in place and will never disclose your information to third parties for them to use for their own marketing purposes.
About your rights
It is important that the information we hold about you is accurate and up to date. Please keep us informed if there are changes to the personal information we hold about you.
By law you have the right to:
- Request access to your personal data, which is referred to as a “data subject access request”. This allows you to receive a copy of the personal data we hold about you and check we are processing it lawfully
- Request the correction of personal data we hold about you. This enables you to correct any incomplete or inaccurate information we hold about you
- Request erasure of your personal data. This enables you to remove or erase your personal data where there is no good reason for us continuing to process it.
- Object to processing your personal data (where we rely on legitimate interest or those of a third party) and there is a particular reason regarding your situation for you to object. Where we process your personal data for direct marketing, you also have a right to object.
- Request a restriction of processing your personal data. This enables you to request a suspension in processing your personal data.
- Request the transfer of your personal information to another party.
If you wish to inform us of any changes, object, withdraw consent for us processing your personal data or access the information we hold about you, please contact James Marris. Please note in some cases we may not be able to delete, correct, restrict or grant an objection to processing your personal data if we have a legal obligation, legitimate interest or contractual reason to process it. If we refuse such a request, we will advise you, together with your right of appeal.
If you are requesting access to personal information, please also let us have sufficient information to identity you (including proof of your identity and address – e.g. a copy of your passport, driving licence and a recent utility bill or bank or credit card statement). You should also let us know the information to which your request relates, including any matter or reference numbers if you have them. This request is free of charge unless the request is manifestly unfounded or excessive.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business reason to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want to protect your information, computers and devices against fraud, identity theft, viruses and other online issues, please visit www.getsafeonline.org for further details.
Making a complaint
We hope that we can resolve any query or concern your raise about our use of your information.
The GDPR also gives you right to lodge a complaint with the Information Commissioner, who is the supervisory authority for data protection in the UK. They may be contacted at www.ico.org.uk or telephone 0303 123 1113.
Changes to this Data Protection Privacy Notice
We may change this notice from time to time. When we do, we will inform you via our website or by a direct communication with you (if there is a substantial change).
Please contact James Marris if you have any questions about this notice or the information we hold about you.
If you wish to contact us, please send a letter marked for the attention of James Marris, Compliance Officer for Legal Practice, G M Wilson Solicitors Limited, 1 Crown Court, Wakefield, WF1 2SU or call us on 01924 291111.
If you would like this notice in a different format please let us know.