This notice explains when and why we collect personal information relating to your privacy; how we use it, the conditions under which we may disclose it to others and how we keep it secure.
GDPR and Client Data
Avery Emerson as of 2018, adopted the European Union enactment of the new legislation to protect its client’s personal data following the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA). The act aligns privacy laws across Europe and increases protection and data privacy rights for our clients.
Since, the firm has interpreted the legislation of the act that came into force in the UK, on 25 May 2018, by way of the firm’s data controller, Mr. Sukhjit Ahluwalia. Avery Emerson Solicitors adopts every precaution necessary to protect client data and implement thorough guidelines of privacy at all costs.
Further, the firm acknowledges its obligations as a data controller and data processor. This is reiterated to our clients within their client care document upon instruction.
What is considered personal data?
Th SRA has set out a definition detailing what is considered personal data and special category data (https://www.sra.org.uk/sra/how-we-work/privacy-notice/). At Avery Emerson, personal data and any information relating to an ‘identified or identifiable natural person’, can include personal data of an individual such as your name, but also identification numbers, online identifiers and/or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Information provided by you:
The information provided by you may relate to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the GDPR).
The information that is provided by you will always be stored with your consent, where possible. If we have to share your data with third parties, your consent will be required prior to the sharing; and it is firm policy that clients are regularly updated and advised on how the firm manages and handles their data. For more information and ease of reference, please do not hesitate to contact us for a confidential chat on 0208 215 0884.
Why we need it?
The primary reason for asking you to provide us with your personal data, is to allow us to first, carry out the relevant compliance checks at the initial meeting to validate your identity. It is then documented at every step of the process; your details are stored to verify yourself as our client and protect your identity as well as your finances.
The following are some examples, although not an exhaustive list, of what we may use your information for:
– Verifying your identity
– Verifying source of funds
– Communicating with you
– To establish funding of your matter or transaction
– Obtaining insurance policies on your behalf
– Processing your legal transaction including:
– Providing you with advice; carrying out litigation on your behalf; attending hearings on your behalf; preparing documents or to complete transactions
– Keeping financial records of your transactions and the transactions we make on your behalf
– Seeking advice from third parties, such as legal and non-legal experts
– Responding to any complaint or allegation of negligence against us
How do we collect information?
You provide us with personal data when you contact us by email, telephone or at the initial consultation at the office, and even through our website. The personal data collected and processed may include your first name, last name, a copy of your identification and contact details, your IP address and information regarding the pages of our website that you have accessed and when. This data is essential for us to provide legal services to you. If we do obtain personal data without your acknowledgement, you will be notified, and you will have the option to delete it.
Avery Emerson Solicitors complies with its obligations under the GDPR:
– By collecting and retaining only data necessary to pursue Avery Emerson’s legitimate business interests.
– By ensuring that appropriate technical measures are in place to protect Personal Data.
– By keeping personal data up to date.
– By storing and destroying data securely.
We adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.
What is the legal basis for processing your personal data?
The legal basis of our holding your personal data is for legitimate business interests.
Your personal data will be treated as strictly confidential. Except for legitimate business interests or to meet health and safety obligations, Avery Emerson Solicitors will aim to not share your personal data with third parties without obtaining your prior consent.
Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on our behalf. You will also be notified of this.
How long do we keep your personal data?
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us.
As long as necessary to carry out your legal work.
For a minimum of 7 years from the conclusion or closure of your legal work; in case you, or we, need to re-open your case for any reason. For the duration of a trust. Some information or matters may be kept for 16 years – such as commercial transactions, sales of leasehold purchases, matrimonial matters (financial orders or maintenance agreements etc.). Probate matters where there is a surviving spouse or civil partner may be retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance. Wills and related documents may be kept indefinitely. Deeds related to unregistered property may be kept indefinitely as they evidence ownership.
We will retain your data for as short a period as possible. The retention period may vary depending on the nature of the data. It will also take into account our need to meet any legal, statutory and regulatory obligations. In all cases our need to use your personal information will be reassessed on a regular basis and information, which is no longer required, will be disposed of.
Under the GDPR, you have a number of rights that you can exercise in certain circumstances. Where those circumstances are established, you may have the right to:
– Ask for access to your personal information and other supplementary information;
– Ask for correction of mistakes in your data or to supplement information Avery Emerson Solicitors holds on you;
– Ask for your personal information to be erased;
– Receive a copy of the personal information you have provided or have this information sent to a third party;
– Object at any time to processing of your personal information for direct marketing;
– Object to the continued processing of your personal information;
– Restrict Avery Emerson Solicitors processing of your personal information.
Complaints about the use of personal data
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate this further. Our Data Protection Officer is Sukhjit Ahluwalia and you can contact him at firstname.lastname@example.org.
If you are dissatisfied with this policy or you any further queries about our data protection procedures or wish to lodge a complaint, please contact the firm in the first instance. Thereafter you have the right to submit a complaint to the Supervisory Authority, the Information Commissioner’s Office (ICO).
As your data is used by our firm for legitimate business interests, the above does not affects your rights under the legislation, in particular your right to access the data we hold on you. You may request a copy of the personal information we may hold on you – this should be submitted in writing to email@example.com. Please include enough information to enable us to identify you and search for appropriate data.
You have the right to object to this processing. Should you wish to do so please email firstname.lastname@example.org for further information.