Sherbornes Solicitors Limited (“We”) are committed to protecting and respecting your privacy. We take the processing and privacy of personal data extremely seriously, as detailed under the European General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018.
Sherbornes Solicitors Limited is classified as a “Data Controller” which means we may process your personal data. Processing is a term to describe any activity in relation to your data including but not limited to storage, transmission and destruction of data.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our site http://sherborneslaw.co.uk/ (our site) or by corresponding with us by phone, e-mail or otherwise. The information you give us may include but is not limited to your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph.
- Information we collect about you automatically. With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
We do not share information which is collected automatically by our website with third parties at any time.
USES MADE OF THE INFORMATION
We will only start to process personal information about you if we have a legitimate reason or if you have given us your consent. In most cases, we will collect information directly from you but we may amplify that information over time from other sources, such as your company website, or from your subsequent communications with you.
We use information held about you in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations under our Terms and Conditions and to provide you with the information that you request from us. The basis of our processing information of this type is to allow for the performance of a contract you have with us;
- to provide you with information about services we offer that are similar to those that you have already enquired about. The basis for processing this information is again to allow the performance of a contract we have with you, or, if appropriate because you have consented to this;
- to notify you about changes in the law. This takes the form of legal updates which you should only receive if you have opted in to receive such notifications. You may opt out at any time simply by telling us that you wish to. The basis for this processing is consent;
- to invite you to seminars and workshops on legal topics or to charity and/or corporate hospitality events we are organising. You will only receive these invites if you have opted in to receive them. You may opt out at any time simply by telling us that you wish to. The basis for this processing is consent.
- Information we collect about you. We will use this information to carry out our obligations under our Terms and Conditions and to provide you with the information that you request from us. The basis of our processing is our contractual relationship.
The retention period is described as below:
- Information kept for contractual reasons. We will hold that data securely for a period of 7 years from the conclusion of the contract, after which time we will destroy that data.
- Information held with consent from the individuals. We will continue to store this data until you withdraw your consent or indicate that such processing is not necessary. In this event, your data will be removed from our system immediately and deleted.
DISCLOSURE OF INFORMATION
We may disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation,
- or to protect the rights, property, or safety of Sherbornes Solicitors Limited, our employees, clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Any such third party will be required to take appropriate security measures to protect your personal information in line with our policies. We would not allow any third parties to use your personal data for their own purposes. We would only permit them to process your personal data for specified purposes and in accordance with our instructions.
WHERE WE STORE YOUR PERSONAL DATA
Where we have given you (or where you have chosen) a password which enables you to access documents and certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site or our email addresses; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Under GDPR, it is crucial that the information we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your contractual relationship with us.
Under specific circumstances, you have the right to:
- Access information held about you (“Data Subject Request”). You will not have to pay a fee to access your personal information unless your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with your request or we may agree to withhold information that is likely to be the subject of disclosure within litigation, or that is held by us in a legally privileged capacity. Also, we may need to request specific information from you to help us confirm your identity before we give you any access.
- Alter or correct the personal information we hold about you.
- Erase any personal information about you. You can ask us to remove or delete any personal data where there is no good reason for us continuing to process it.
- Restrict any processing of your personal data. You can ask us not to process your personal data for marketing purposes. We will never use your data for other peoples or organisations purposes nor will we disclose your information to any third party for such purposes.
- Transfer your personal data to a third party.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you want to make any changes in your personal information (or to exercise any of your other rights), please contact email@example.com.
In the circumstances where you have provided us with your consent to process your personal information, you have the right to withdraw your consent at any time. To withdraw, please contact firstname.lastname@example.org. Once we receive your request, we will no longer process your information, unless we have another legitimate basis for doing so in law.
We reserve the right to update this policy at any time.
The firms Data Protection Officer has responsibility for compliance and should you have any questions concerning your data, you should contact that person in the first instance. You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”).