Cox Burley Solicitors take your privacy seriously and we are committed to protecting your personal data.
The use of personal data is regulated under the European General Data Protection Regulations (GDPR) 2018. Under these regulations ‘Cox Burley Solicitors’ is responsible as ‘controller’ of your personal data and use of your data is subject to the rules of GDPR, your instructions and other legal and professional obligations.
This policy explains what personal information we collect, when and why we do so, how it is used, the conditions under which it may be disclosed to others and how it is stored and kept secure. It also explains your rights in relation to your personal data and what to do if you have a complaint.
Personal data is any information relating to an identified or identifiable individual and can include financial details and information relating to current or previous legal proceedings concerning you. Special category data is data which is of a more sensitive nature such as ethnic origin, health, sex life and sexual orientation as well as criminal offence data.
WHAT PERSONAL DATA DO WE COLLECT?
We only collect and process information that is relevant to the service we are providing to you. Without this information we may be unable to provide this service. Data can include, but not be limited to:
- Name, address and telephone number
- Information enabling us to confirm your identity i.e. date of birth, passport
- Contact details i.e. Email and mobile phone number
- Information regarding your case
HOW DO WE COLLECT YOUR DATA?
Most of your personal information is collected face to face, from you, at our initial meeting. However, we may also need to obtain information from public sources e.g. HMCTS and/or third party sources such as medical professionals, expert consultants and financial institutions. Third party sources will only be accessed with your knowledge and consent.
HOW WE USE YOUR PERSONAL DATA
Under data protection laws, we can only use your information if we have a legal basis for doing so. Cox Burley Solicitors primarily use the information you provide to us for the provision of legal services as part of our contract with you and to comply with our regulatory and legal obligations. We also use your data as part of our legitimate interests to efficiently and safely manage our practice e.g. fraud prevention and professional accreditation.
Sensitive or special category personal information can only be collected when it is necessary to establish, exercise or defend a legal claim. Processing of personal data relating to criminal offences and convictions is further restricted and can only be carried out under specific, lawfully authorised circumstances.
WHO DO WE SHARE YOUR DATA WITH?
We sometimes need to share the personal information we process with other organisations.
If this is necessary, we will only do so with full compliance of all data protection laws. Such organisations include:
Public bodies such as the courts, police or the Legal Aid Agency.
Non-public organisations such as external auditors, the Solicitors Regulation Authority (SRA) instructed barristers, experts or solicitors instructed as our agents.
HOW LONG DO WE KEEP YOUR DATA?
Your personal data is held at our offices both in paper and electronic form.
Following your case, we keep your file for 3 years from the completion of your case and sometimes longer, depending any requests made by you to retain it for a longer period up to 6 years, or to enable us to respond to any claims or complaints made by you.
During this time, your paper file will be stored with secure storage, following which it will be destroyed as confidential waste.
You have the following rights under data protection law in relation to your personal information:
- the right of access, free of charge and within one month
- the right to rectification of any mistakes in your personal data
- the right of erasure of your information unless the law requires or allows us to use your personal information for longer
- the right to request restriction of processing of your information in certain circumstances
- the right to data portability. to receive the personal data you provided to us in a structured, commonly used and machine-readable format and/or transmit it to a third party in certain situations
- the right to object to your data being used for direct marketing
- the right not to be subject to automated decision making
If you would like to exercise any of your rights, please email or write to Steven Cox specifying the details of the right you wish to exercise and what information this relates to. You will need to state your name, address and phone number and include proof of your identity (copy of driving licence or passport and recent utility or credit card bill). Depending on the circumstances, an administration fee may be payable.
HOW SECURE IS YOUR DATA?
All your personal data is protected by stringent security measures. Only those with a genuine business need have the authority to access your data and they are bound by a duty of confidentiality. In the unlikely event of a breach of security leading to accidental or unlawful destruction, loss, alteration or unauthorised disclosure of personal data, we have processes in place and will notify you in compliance with GDPR.
COMPLAINTS ABOUT DATA HANDLING
If you think there is a problem with the way your data is being handled, please contact Seven Cox, our partner in charge of data protection who will try to resolve any issues.
However, should you wish to make a complaint you can do so by contacting the Information Commissioner, this can be done through the website at https://ico.org.uk/concerns.
This policy was last updated on 30th October 2021 and is regularly monitored and reviewed.