This notice explains when and why we collect personal information about you; how we use it, when we may pass it on to others and how we keep it safe.
For clients of Nicholas & Co, you should read this notice alongside our terms and conditions of business, which are provided to you at the start of your work. If you are another party to a transaction, for instance, our client is buying a property from you or has a dispute with you that we are dealing with, we may also hold basic data about you relating to that matter.
Our website and services are not aimed at children because in legal work children are usually represented by their parents or guardians. If you are a child and need further advice or explanation about how we would or do use your data, please contact our Practice Manager, Gwen Philippou, email@example.com.
This notice does not apply to any websites that may have a link to ours or any websites belonging to others which we provide links to.
Who we are
We are Data Controllers. Data is collected, processed and stored by Nicholas & Co Solicitors Limited. We also process data provided by or required by others who may also be Data Controllers.
What Data do we collect?
The information we will request from you will depend on the work we are doing for you. This notice is intended for clients and prospective clients only. If you are another party to a matter we are dealing with, we suggest you first contact your own solicitor to check what information they have provided to us, but your rights in relation to your data remain the same.
In many cases personal data will be restricted to basic information, such as name, address, gender, contact details and information needed to complete ID checks but some of the work we do may require us to ask for more sensitive information.
Our website does record the IP address of people submitting client survey forms, but this is not tracked or analysed, it is only collected to show that responses are not all from the same person.
Sources of information
Information about you may be obtained from a number of sources; for instance
- You may give us information about yourself
- You may provide information relating to someone else - if you have the authority to do so
- Information may be passed to us by others in order that we can undertake your legal work on your behalf. These are most often:
- Banks or building societies
- Other law firms
- Search providers and identity checking providers
Why we need it
The primary reason for asking you to provide us with your personal data, is to allow us to carry out your requests - which will ordinarily be to represent you and carry out your legal work.
The following are some examples of how will use your information:
- Checking your identity
- Verifying source of funds
- Communicating with you
- To establish funding of your matter or transaction
- Obtaining insurance policies on your behalf
- Processing your legal transaction including:
- Providing you with advice; carrying out litigation on your behalf; attending hearings on your behalf; preparing documents or to complete transactions
- Keeping financial records of your transactions and the transactions we make on your behalf
- Seeking advice from third parties; such as legal and non-legal experts
- Responding to any complaint or allegation of negligence against us
Who has access to it
We have procedures to ensure secure processing of your personal data. We will not sell or rent your information. We will not share your information for marketing purposes.
Generally, we will only use your information within Nicholas & Co. However, there may be circumstances, in carrying out your legal work, where we may need to disclose some information to others; for example:
- HM Land Registry to register a property
- HM Revenue & Customs; e.g. for Stamp Duty Liability
- Court or Tribunal
- Solicitors acting on the other side
- Asking an independent legal specialist (such as a barrister) for advice; or to represent you
- Non-legal experts to obtain advice or assistance
- Translation Agencies
- Contracted Suppliers of support services such as IT, archiving or transcription, accountants
- External auditors or our Regulator; e.g. Law Society, SRA, ICO etc.
- Bank or Building Society; or other financial institutions
- Insurance Companies
- Providers of identity verification
- Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
- If there is an emergency and we think you or others are at risk
Where your information is shared with these external parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.
There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.
Protecting your data
We recognise that your information is valuable and we take all reasonable measures to protect it.
We use technology to protect personally identifiable data from loss, misuse, alteration or destruction and ensure that, where possible, physical access to our buildings is carefully controlled. We also insist that contractors and staff agree to protect confidentiality of all information.
Keeping your data
Your personal information will be retained, usually in computer or paper files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us. We will then keep it for an additional period as described below. We rely on our insurers to guide us in the appropriate length of time to keep your information.
As a guide we will keep it for a minimum of 7 years from the closure of your legal work, in case you, or we, need to reopen the case or to defend complaints or claims against us. This will apply even if you do not proceed with your matter to a conclusion.
Certain types of matters may be kept for longer periods and some, such as those involving trusts, wills, or deeds to unregistered property may be kept indefinitely.
If you wish to know how long your matter will be stored for please ask your solicitor.
You are entitled to request a copy of your personal data (otherwise known as a Subject Access Request). If you wish to make a request, please do so in writing addressed to Nick Nicholas, Director; or contact the person dealing with your matter.
A request for access to your personal data means you are entitled to a copy of the data we hold on you - such as your name, address, contact details, date of birth, information regarding your health etc.
If the information we hold about you is wrong or misleading you can ask us to change it.
Complaints about the use of personal data
If you wish to complain about how we have handled your personal data, you can contact our Data Protection Officer, Nick Nicholas. You can contact him at firstname.lastname@example.org.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner's Office (ICO). https://ico.org.uk/concerns/
We may contact you in relation to services we have supplied to you, for instance, if we have held your will for some time we may check if you wish to update it or have it returned to you. We may also occasionally invite you to social or educational activities run by the firm but not with the intention of selling or promoting specific services. We do not use direct marketing methods and will never pass on or sell your details to a third party.
If this changes we will update this notice and ask for your permission to send you marketing information.
The following are examples of how we may use your non-sensitive personal information for our legitimate business interests:
- fraud prevention
- network and information systems security
- improving our services
- identifying usage trends
- providing non-identifiable statistical information to regulatory bodies, mortgage lenders or our insurers
Any questions regarding this notice and our privacy practices should be sent by email to email@example.com.