FISHER DAY LIMITED PRIVACY NOTICE (GENERAL)
Your privacy on www.fisherday.co.uk
Last updated on: 23rd May 2018
Welcome to Fisher Day Solicitors Privacy Notice.
Fisher Day Solicitors takes data protection seriously and is committed to respecting and protecting your personal data. Your personal data is data which by itself or with other data available to us can be used to identify you.
We understand that your privacy is important to you and that you care about how your personal data is used and shared. We respect and value the privacy of everyone who visits www.fisherday.co.uk (“our site”) and we may collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.
This Privacy Notice explains how we will collect, store and use any personal data you provide via our website, email or networks and when you otherwise communicate with us (including in the course of the services we provide or the running of our firm
It is important that the personal data we hold about you is accurate and current.
Please keep us informed if your personal data changes during your relationship with us.
This Privacy Notice may change from time to time and, if it does, the up-to-date version will be available on our website and becomes effective immediately.
Please take the time to read this Privacy Notice, which contains important information about the way in which Fisher Day Solicitors, handles and processes personal data.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO so please contact us in the first instance.
For the purposes of this Privacy Notice, “Data Protection Legislation” is defined as, for the periods in which they are in force, the European Data Protection Directive 95/46/EC, all laws giving effect or purporting to give effect to the European Data Protection Directive 95/46/EC (such as the Data Protection Act 1998) or otherwise relating to data protection (to the extent the same apply) and, from 25 May 2018, the General Data Protection Regulation (Regulation (EU) 2016/670) (“GDPR”) or any equivalent legislation amending, supplementing or replacing the GDPR.
- WHAT DOES THIS POLICY COVER?
- YOUR RIGHTS
As a data subject, you have the following rights under the GDPR, which this Policy and our use of personal data have been designed to uphold:
– The right to be informed about our collection and use of personal data
– The right of access to the personal data we hold about you ;
– The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us)
– The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time, as per retainer, but if you would like us to delete it sooner, please contact us)
– The right to restrict (i.e. prevent) the processing of your personal data;
– The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
– The right to object to us using your personal data for particular purposes; and
– Rights with respect to automated decision making and profiling.
- The data we may collect about you
We may collect, or be provided with, and process information about you, and clients through various means, including:
in the course of carrying out work for you (or your business), in which case we will process any of your client personal data provided to us as a Data Processor as defined in the Data Protection Legislation;
- via our website (for example, on our ‘Contact Us’ page);
- by email or other electronic correspondence;
- by telephone;
- networking (e.g. conferences, customer events and/or other meetings or events either hosted or attended by us);
- otherwise through providing our services or operating our business.
Depending upon your use of our Site, we may collect some or all of the following personal and non-personal data
– Contact information such as email addresses and telephone numbers
– IP address
– Web browser type and version
– Operating system
The personal data you give to us may include:
- your name and title;
- contact information, including telephone number, postal address and email address;
- information relating to your location, preferences and/or interests;
- photographic identification;
- with respect to your clients, their personal data including special categories of personal data;
- the content of any enquiry submitted over our website;
- any other personal data we collect (such as the customer and client reference numbers which may be assigned to you) in the context of providing our services or in the course of operating our business.
Each time you visit our website, we may automatically collect the following information:
- Web usage information (e.g. IP address);
- Information about your visit, including the full uniform resource locators (URLs) clickstream to, through and from our website.
We may ask you for information when you report a problem with our website.
If you contact us, we may keep a record of that correspondence.
The personal data described above may relate to any of the following categories of person:
- our prospective customers;
- those who submit enquiries through our website or whose details are otherwise entered into our marketing management system.
- HOW CAN YOU CONTROL YOUR DATA?
In addition to your rights under the GDPR, when you submit personal data to us via email or via our site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails, at the point of providing your details and by contacting us).
6. YOUR RIGHT TO WITHHOLD INFORMATION
You may access certain areas of our site without providing any data at all. However, to use all features and functions available on our site you may be required to submit or allow for the collection of certain data.
7. HOW CAN YOU ACCESS YOUR DATA?
You have the right to ask for a copy of any of your personal data information held by us (where such data is held). Please contact us for more details using our contact details.
- HOW DO WE STORE YOUR DATA?
– We only keep your personal data for as long as we need to in order to use it and/or for as long as we have your permission to keep it.
– Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected through our site.
- WHAT DO WE USE YOUR INFORMATION FOR?
- How we use your information
We may use your information for the following purposes:
- to respond to any query that you may submit to us;
- to manage our relationship with you (and/or your business), including by maintaining databases of customers and other third parties for administration, accounting and
- relationship management purposes;
- to complete our contractual obligations to you;
- where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests;
- where we need to comply with a legal or regulatory obligation (for example any relevant anti-money laundering law or regulation);
- to send you any relevant information of our legal services and events that may be of interest to you using the email and/or postal address which you have provided, but only if you have given us your explicit consent to do so ,or we are otherwise able to do so in accordance with applicable Data Protection Legislation.
- You can withdraw your consent to marketing activity at any time by emailing us at email@example.com or in writing by return.
- to determine what is most effective about our website, and to help identify ways to improve it, and to tailor it to be more effective;
- to comply with any other professional, legal and regulatory obligations which apply to us or policies that we have in place;
- as we consider necessary to prevent illegal activity or to protect our interests.
- Legal grounds for processing your information
We will rely on the following legal bases under Data Protection Legislation for processing your personal data:
- Performance of, or entry into, a contract;
- Compliance with a legal obligation to which we are subject;
- We have a legitimate interest in doing so as a services provider;
- Where processing of ‘special category data’ is necessary in the context of the establishment, exercise or defence of legal claims;
- in certain circumstances, where we have express consent to do so. Where we collect consent, we will explain that it may be withdrawn at any time in accordance with the information we provide at that time;
We will process personal data as a Data Processor in accordance with the terms of the contractual arrangements in place between us.
- Sharing your information
We may share your details with third parties instructed by us, in accordance with your instructions to enable us to fulfil our contractual obligations to you in the course of the legal transaction / instructions, your matter.
We will only share your personal data in compliance with Data Protection Legislation.
We may disclose your information to third parties when:
- you specifically request this or it is necessary to provide our services to you,
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, transaction and for those provision of legal services only (In accordance with the retainer )
We will not sell your information, under any circumstances.
- Storage and retention of your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or regulatory and/or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We will procure that any third parties we engage to provide services in accordance with the contract between us, will keep your data and that they store your details on their systems, for as long as is necessary to provide the requisite service, and to comply with all applicable legal requirements.
We will not store your information for longer than is reasonably necessary or required by law, and/or as needed for the duration of our contractual relationship.
Following the completion of any contract (retainer) between us, we may also need to retain your personal data for legal and regulatory purposes, including
- pursuing any outstanding payments, and
- for HMRC audit purposes following payment of an invoice.
- Law Society and SRA regulatory requirements
- In accordance with file storage pursuant to retainer and law society guidelines of file storage and retention
- Sending your information outside of the EEA
We will not share your date with outside the EEA.
If however, we find we in a position we need to share your personal data with a recipient outside the European Economic Area (“EEA”) we will ensure we do so in compliance with Data Protection Legislation and having obtained your consent, where appropriate.
- Your information rights
Data Protection Legislation gives you the right to access information held about you.
We will aim to respond to any requests relating to your rights without undue delay and in any case within one month of receipt of your request. With respect to your clients we will, as you are the Data Controller, notify you if we directly receive a request relating to their rights.
We may ask you to confirm your identity so that we can validate a request. If you would like to make a request, please email or write to the DPO using the contact details provided above.
You have the right to:
- Request access to your personal data and check that we are lawfully processing it.
- Request correction of the personal data that we hold about you if you consider that it is inaccurate.
- Request the transfer of your personal data to you or to a third party.
- Request erasure of your personal data. This includes where you have been successful in exercising your right to object to processing (see below). However we may not be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Request restriction of processing of your personal data. This may be the case if you want us to establish the data’s accuracy or where our use of the personal data is unlawful but you do not want us to erase it.
- Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms.
Where you exercise your rights to request erasure or request a restriction in the processing of your personal data or to object to processing of your personal data, we may still need to keep basic contact information about you if you are already or will shortly be an active customer as we will require this for contractual purposes.
- WHAT HAPPENS IF OUR BUSINESS CHANGES OWNERSHIP?
19. HOW DO WE PROTECT YOUR INFORMATION?
Fisher Day Solicitors implements a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.
20. DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others rights, property, or safety.
- CONTACTING US
Please ensure that your query is clear, particularly if it is a request
22. YOUR CONSENT
If you have any questions you can contact our Data Protection Officer at:
- E-mail – firstname.lastname@example.org
- Post – FAO Nurul Islam, Director, Fisher Day Solicitors, 127 Market Street, Hyde, Cheshire, SK14 1LF
CH: Registration Number: 10629196, ICO Registration Number: ZA261138