At SC Law we take the protection of your personal data very seriously. We will only use your personal information to deliver the services you have requested from us and to meet our legal responsibilities.
This privacy notice sets out how we collect and use personal data about you and with whom we may share it with in accordance with the General Data Protection Regulation (GDPR).
Personal data is information that relates to a living individual who can be identified by that data. It does not include information relating to a deceased person, groups, companies, organisations or public authorities.
The personal data we collect from you can be your name, address, e-mail address and telephone number. It can also include information about your gender, your financial circumstances, your social status and cultural background.
How do we collect information from you
We collect information and data directly from you at the point of your initial enquiry and when you instruct us to carry out work on your behalf. Such information may also be contained in documents you provide to us in accordance with your instructions.
How do we use your personal data
Your personal data is only used for the purposes of meeting our legal obligations and for assisting you in your case. We may need to share your personal information with third parties e.g. other Solicitors/Barristers, your opponent, professionals including translators and experts, government organisations including the Court. However when we use outside service providers, we only disclose the personal information that is necessary to deliver the service and we have contracts in place that requires them to keep your information secure and not to use it for their own purposes.
How you can access and update your information
Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email us or write to us to confirm the changes.
Security precautions in place to protect the loss, misuse or alteration of your information
Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Your data will usually be processed in our offices in the UK. However, to allow us to operate efficient digital processes, we sometimes need to store information in servers located in the UK. We take the security of your data seriously and so all our systems have appropriate security in place that complies with all applicable legislative and regulatory requirements.
We invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.
We may occasionally contact you by email with details of any changes in legal and regulatory requirements or other developments that may be relevant to your affairs and where applicable, how we may assist you further. If you do not wish to receive such information from us, please let us know by contacting us.
How long will we keep your information?
We will only retain your personal data for as long as it is necessary to fulfil the purposes we collected it for. We will retain your personal data for the duration of your transaction/case and thereafter for a further period of six years following completion of your matter. The six year period is to take into account statutory limitation periods and to comply with the requirements of our insurers and regulators.
What are your rights?
Your data is processed in accordance with the General Data Protection Regulation (GDPR). We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
• Access to your information – you have the right to access your personal information that we hold.
• Rectification of your personal data – you have the right to have inaccurate or incomplete personal data rectified.
• Deletion of your information – you have the right to have your data erased in certain circumstances (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)
• Restricting how we may use your information – you have the right to restrict to the use of your data in certain circumstances for example where we are checking the accuracy of your personal data or assessing the validity of your objections of how we may use your information.
• Objecting to how we may use your information – you have the right to object to the use of your data for example for marketing or profiling in which case we may only use your data with your consent.
Queries and complaints
We seek to directly resolve all complaints about how we handle your personal data. Please contact Saffora Choudri, the firm’s Data Controller, if you have any complaints or questions.
If we are unable to resolve your complaints, you have a right to register a complaint with the Information Commissions Office (ICO).