Beasley Legal respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
The data we collect about you
Personal data or information, means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
Identity Data encompasses information can identify you such as your first name, last name, maiden name, title, gender, marital status and date of birth.
Contact Data encompasses information which can be used to communicate with you such as billing address, delivery address, email address, and telephone numbers.
Financial Data encompasses bank account and payment card details, or information about your financial position.
Transaction Data encompasses details about payments to and from you, any meeting records where you have met with us and other details of matters you have instructed us on.
Legal Data encompasses information relating to and/or arising from the legal advice which we are assisting you with.
Technical Data encompasses technology on the devices you use and which you communicate with us, such as your IP address.
How we obtain your personal data
Your personal data may come into our possession not only because you send it to us, but also from a large number of other parties such as the other party to the dispute and third parties, such as HM Land Registry, surveyors and banks.
How we use your personal data
We are legally obligated to comply with the statutory requirements referrable to how your personal data is used. These statutory requirements are set out in the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. We also need to follow strict rules called “data protection principles”.
As set out in the Government website (www.gov.uk./data-protection), we will comply with the following:
“Anyone responsible for using personal data must make sure the information is:
• used fairly, lawfully and transparently
• used for specified, explicit purposes
• used in a way that is adequate, relevant and limited to only what is necessary
• accurate and, where necessary, kept up to date
• kept for no longer than is necessary
• handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
There is stronger legal protection for more sensitive information, such as:
• race
• ethnic background
• political opinions
• religious beliefs
• trade union membership
• genetics
• biometrics (where used for identification)
• health
• sex life or orientation
There are separate safeguards for personal data relating to criminal convictions and offences.
Under the legislation, you have rights in relation to your personal data, with some exceptions [these rights are explained more fully below]. These include the right to:
• be informed about how your data is being used
• access personal data
• have incorrect data updated
• have data erased
• stop or restrict the processing of your data
• data portability (allowing you to get and reuse your data for different services)
• object to how your data is processed in certain circumstances
You also have rights when an organisation is using your personal data for:
• automated decision-making processes (without human involvement)
• profiling, for example to predict your behaviour or interests”.
We will only use your personal data when the law allows us to. We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so.
Privacy Policy
| Purpose | Lawful Basis for Processing |
|---|---|
| To register you as a new client and to enter into and perform the contract we have with you including carrying out conflict, credit and anti-money laundering checks to ensure that we are able to provide the contractual services to you. | (a) Performance of a contract with you; (b) Necessary for our legitimate interests; (c) Necessary to comply with a legal obligation. |
| To carry out our contract for the provisions of services to you including: (a) Managing payments, fees and charges; (b) Collecting and recovering money owed to us. |
(a) Performance of a contract with you. |
| To manage our relationship with you including: (a) General communication relating to your instructions; (b) Notifying you about changes to our terms or privacy policy; (c) Asking you for feedback. |
(a) Performance of a contract with you; (b) Necessary to comply with a legal obligation. |
| To enable you to provide feedback on our services, enable us to deal with any complaints and improve our service offering. | (a) Performance of a contract with you; (b) Necessary for our legitimate interests. |
| To notify you of changes in the law that might affect you or your business. | (a) Necessary for our legitimate interests. |
| For the prevention of fraud and other criminal activities. | (a) Necessary to comply with a legal obligation; (b) Necessary for our legitimate interests. |
| To ensure we meet with our certification and health and safety requirements. | (a) Necessary to comply with a legal obligation. |
| For network and information security purposes to enable us to protect against personal data loss. | (a) Necessary for our legitimate interests. |
| For management and auditing of our business operations including accounting. | (a) Necessary to comply with a legal obligation. |
| To comply with our legal and regulatory obligations, requirements and guidance such as the SRA’s Code of Conduct and the Financial Conduct Authority Handbook. | (a) Necessary to comply with a legal obligation. |
| To comply with other legal obligations such as maintaining a register of corporate gifts in order to comply with anti-bribery laws and maintaining a record of undertakings either given or received by us. | (a) Necessary to comply with a legal obligation. |
| For the establishment, exercise or defence of our legal rights. | (a) Necessary for our legitimate interests. |
| To share information, as needed with service providers or other third parties as part of providing services to you and operating our business. | (a) Performance of a contract with you; (b) Necessary for our legitimate interests. |
| To use data analytics to improve our website, marketing, client relationships and experiences. | (a) Necessary for our legitimate interests. |
| To make automated decisions on whether to inform you of products which may be of interest to you. | (a) Performance of a contract with you; (b) Necessary for our legitimate interests. |
| To send publications you have subscribed to; and/or invitations to events we consider relevant. | (a) Necessary for our legitimate interests; (b) With your consent where you are an individual. |
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:
• Request access to your personal data (known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
• Object to processing of your personal data in certain circumstances.
• Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data for example, where:
you want us to establish the data's accuracy;
you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims;
you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of some forms of your personal data to you or to a third party.
• Withdraw your consent at any time where we are relying on consent to process your personal data.
Complaints
We will deal with your request as soon as reasonably practicable. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk/cpncerns - Telephone: 0303 123 1113). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please do contact us in the first instance. Please also refer to our Complaints Policy which is published on our website.